VIRY.CZ

Dobrý den, prosím o kontrolu mého ntb. Email mi hlásí nějaké blokace... Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by Prodejce1 (administrator) on LITOMERICE1-NB (ASUSTeK COMPUTER INC. VivoBook_ASUSLaptop X509FJ_X509FJ) (08-03-2021 20:15:46)
Running from C:\Users\Prodejce1\Downloads
Loaded Profiles: Prodejce1 & MSSQLSERVER
Platform: Windows 10 Home Version 20H2 19042.844 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSLinkRemote\AsusLinkRemote.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSLinkNear\AsusLinkNear.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSLinkNear\AsusLinkNearExt.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSOptimization\AsusOptimization.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSOptimization\AsusOptimizationStartupTask.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSSoftwareManager\AsusSoftwareManager.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(Gemalto, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplms.exe
(Gemalto, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplmv.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <37>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_db704b106aae3892\ICEsoundService64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e9b40d45ab4dc6b8\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e9b40d45ab4dc6b8\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_eea3cf789013ad4f\RstMwService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_47a3c840f4f369ff\Intel_PIE_Service.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\lync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Prodejce1\AppData\Local\Microsoft\OneDrive\21.016.0124.0003\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Prodejce1\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SurfaceWirelessDisplayAdapter_4.227.139.0_x64__8wekyb3d8bbwe\Desktop\WDADesktopService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_aceb5b140d1d131e\Display.NvContainer\NVDisplay.Container.exe <2>
(Oresi) [File not signed] C:\Program Files (x86)\Orca\Orca.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\Prodejce1\AppData\Local\WhatsApp\app-2.2106.10\WhatsApp.exe <7>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-10-26] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Prodejce1\AppData\Local\Microsoft\Teams\Update.exe [2453720 2021-03-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office\root\Office16\lync.exe [26325312 2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\Run: [GoogleDriveSync] => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\MountPoints2: {b5577829-1523-11eb-9467-04ed339ae38f} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\MountPoints2: {dc54ba59-f26c-11ea-9462-04ed339ae38f} - "D:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\88.2.8118.185\Installer\chrmstp.exe [2021-03-02] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-02-25] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {20C37D65-60FC-4F1D-AEAA-F7A6FEFE3307} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2212528 2021-02-17] (Piriform Software Ltd -> Piriform Software)
Task: {268C70A4-D9D6-4834-A014-F58BD1529394} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-17] (Google LLC -> Google LLC)
Task: {322B44AA-28BE-4C1D-9A54-7ECD12FD1169} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1510808 2002-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {33EBE368-92A5-47C8-AF83-6C90C2B73383} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080304 2021-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {344DF41A-FE85-4B3A-899C-5C4B79A547F6} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {4758374F-9F7F-495A-AB96-03FA57B9B68B} - System32\Tasks\Microsoft\Windows\PLA\AsusLinkNear => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\WINDOWS\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {5606E1BF-D2B5-4114-A1C5-951B1573BB1B} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-02-15] (Piriform Software Ltd -> Piriform Software)
Task: {5FD95087-FC27-479F-B98A-24CB0050F447} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2215480 2021-02-03] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {66551EE1-F8BB-4789-9C31-E9E35202673F} - System32\Tasks\RtkAudUService64_BG => C:\Windows\System32\RtkAudUService64.exe [985496 2020-12-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {7923FB46-AEE3-4D74-BA06-DDA5AA05F142} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-02-15] (Piriform Software Ltd -> Piriform Software)
Task: {7B965582-BD09-4A47-87A9-61ABE71D3EE5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-17] (Google LLC -> Google LLC)
Task: {9F0DA58A-C881-45FA-ABC3-7FF87567AD89} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {ACA03E0B-EB63-4A5F-8E8E-17A5BDC09134} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSOptimization\AsusHotkeyExec.exe [230976 2021-02-03] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {B3B59519-2DDF-4B3F-B4CF-BA3A9695C775} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSSoftwareManager\AsusUpdateChecker.exe [693176 2021-02-03] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {B7E10FDB-25ED-4A01-B44D-21D1D9374A60} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {E172528C-AB49-4F95-B071-FA3DE1FDBBC6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EA1448FA-6EA7-4956-8A31-95878A23C5C4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080304 2021-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {EA151570-C090-4E1C-8355-7CC6B4D9B403} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2212528 2021-02-17] (Piriform Software Ltd -> Piriform Software)
Task: {F5CEC320-8889-4A2F-973C-4EEDB6E4FBFA} - System32\Tasks\Microsoft\Windows\PLA\074C0539-0999-4DA9-9D0D-3D016B62F4E9 => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\WINDOWS\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {F9ACD4AE-205B-4FC2-8E94-0B4C2A62BC3A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 89.239.24.2 89.239.24.34 8.8.8.8 8.8.8.8 192.168.100.1 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{6088905d-02c5-4ccc-a79f-9525ee1a01a7}: [DhcpNameServer] 89.239.24.2 89.239.24.34 8.8.8.8 8.8.8.8 192.168.100.1 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{8dc0eda4-ebab-4927-8473-1423d1464b4d}: [DhcpNameServer] 192.168.249.1
Tcpip\..\Interfaces\{c0c2e9ca-765c-4be1-88de-38e5a0b1da79}: [DhcpNameServer] 30.50.1.1 30.50.1.2
Tcpip\..\Interfaces\{ffc0e848-ebcd-420c-98af-76951afde5a3}: [DhcpNameServer] 89.239.24.2 89.239.24.34 8.8.8.8 8.8.8.8 192.168.100.1 8.8.8.8 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Prodejce1\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-08]
Edge StartupUrls: Default -> "hxxp://www.oresi.cz/"

FireFox:
========
FF DefaultProfile: 0xvslzn5.default
FF ProfilePath: C:\Users\Prodejce1\AppData\Roaming\Mozilla\Firefox\Profiles\0xvslzn5.default [2020-08-19]
FF ProfilePath: C:\Users\Prodejce1\AppData\Roaming\Mozilla\Firefox\Profiles\dyq7w2rd.default-release [2021-03-08]
FF Notifications: Mozilla\Firefox\Profiles\dyq7w2rd.default-release -> hxxps://calendar.google.com
FF Extension: (uBlock Origin) - C:\Users\Prodejce1\AppData\Roaming\Mozilla\Firefox\Profiles\dyq7w2rd.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-02-10]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-02-15] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-02-15] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-03-08]

Chrome:
=======
CHR Profile: C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default [2021-03-08]
CHR Notifications: Default -> hxxps://cz.pinterest.com; hxxps://mail.oresi.cz; hxxps://www.facebook.com; hxxps://www.kosik.cz; hxxps://www.netflix.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.youndoo.com/?z=031669dcef602a6fd735 ... RW&type=hp"
CHR DefaultSearchURL: Default -> hxxps://www.instagram.com/static/images/ico/xxh ... 09d459.png
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-08-17]
CHR Extension: (Dokumenty) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-08-17]
CHR Extension: (Disk Google) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-23]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2021-01-11]
CHR Extension: (uBlock Origin) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-02-10]
CHR Extension: (Avast Passwords) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2020-10-10]
CHR Extension: (Tabulky) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-08-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-04]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-29]
CHR Extension: (Instagram) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\maonlnecdeecdljpahhnnlmhbmalehlm [2020-10-10]
CHR Extension: (Lightshot (Nástroje snímků)) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2020-10-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-10-10]
CHR Extension: (Chrome Media Router) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-01]
CHR HKU\S-1-5-21-61476251-3162843502-1331547060-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSLinkNear\AsusLinkNear.exe [1098304 2021-02-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSLinkNearExt; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSLinkNear\AsusLinkNearExt.exe [142280 2021-02-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSLinkRemote\AsusLinkRemote.exe [790984 2021-02-03] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSOptimization\AsusOptimization.exe [327232 2021-02-03] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSSoftwareManager\AsusSoftwareManager.exe [883264 2021-02-03] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2215480 2021-02-03] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [620968 2021-02-03] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-02-15] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\88.2.8118.185\elevation_service.exe [1456376 2021-02-17] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-02-15] (Piriform Software Ltd -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8988552 2021-02-22] (Microsoft Corporation -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 hasplms; C:\Windows\system32\hasplms.exe [7364688 2019-03-01] (Gemalto, Inc. -> SafeNet, Inc.)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [370368 2015-06-10] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [613056 2015-06-10] (Microsoft Corporation -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12723480 2021-02-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_aceb5b140d1d131e\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_aceb5b140d1d131e\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aksdf; C:\Windows\system32\drivers\aksdf.sys [389560 2019-03-01] (Gemalto, Inc. -> SafeNet, Inc.)
R2 aksfridge; C:\Windows\system32\drivers\aksfridge.sys [487352 2019-03-01] (Gemalto, Inc. -> SafeNet, Inc.)
S3 akshasp; C:\WINDOWS\system32\DRIVERS\akshasp.sys [69776 2019-03-01] (Gemalto, Inc. -> SafeNet, Inc.)
S3 akshhl; C:\WINDOWS\system32\DRIVERS\akshhl.sys [68752 2019-03-01] (Gemalto, Inc. -> SafeNet, Inc.)
S3 aksusb; C:\WINDOWS\system32\DRIVERS\aksusb.sys [314000 2019-03-01] (Gemalto, Inc. -> SafeNet, Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-23] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ASUSSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSSystemAnalysis\ASUSSAIO.sys [36408 2021-02-03] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSOptimization\atkwmiacpi64.sys [44712 2021-02-03] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [1970104 2019-03-01] (Gemalto, Inc. -> SafeNet, Inc.)
S4 RsFx0300; C:\WINDOWS\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-08 20:15 - 2021-03-08 20:16 - 000027626 _____ C:\Users\Prodejce1\Downloads\FRST.txt
2021-03-08 20:14 - 2021-03-08 20:15 - 000000000 ____D C:\FRST
2021-03-08 20:14 - 2021-03-08 20:14 - 002301440 _____ (Farbar) C:\Users\Prodejce1\Downloads\FRST64.exe
2021-03-08 14:35 - 2021-03-08 16:41 - 484691894 _____ C:\Users\Prodejce1\Downloads\20210308_oresilitomerice_bfdaca810d69884b3793_20210308125311_archive.zip
2021-03-08 14:35 - 2021-03-08 14:35 - 000065494 _____ C:\Users\Prodejce1\Downloads\installer.php
2021-03-08 12:41 - 2021-03-08 12:41 - 001708014 _____ C:\Users\Prodejce1\Downloads\Photos.zip
2021-03-08 12:37 - 2021-03-08 12:37 - 000342907 _____ C:\Users\Prodejce1\Downloads\774172197.pdf
2021-03-08 12:05 - 2021-03-08 12:05 - 000047360 _____ C:\Users\Prodejce1\Downloads\Neplattdane.pdf
2021-03-08 11:58 - 2021-03-08 11:58 - 000039032 _____ C:\Users\Prodejce1\Downloads\Seznam Email.pdf
2021-03-06 22:12 - 2021-03-06 22:13 - 017487751 _____ C:\Users\Prodejce1\Downloads\wordpress-5.6.2-cs_CZ.zip
2021-03-05 21:59 - 2021-03-05 22:01 - 000203368 _____ C:\Users\Prodejce1\Downloads\WhatsApp Image 2021-03-05 at 16.48.48.jpeg
2021-03-05 21:59 - 2021-03-05 22:00 - 000166108 _____ C:\Users\Prodejce1\Downloads\WhatsApp Image 2021-03-05 at 16.49.02 (1).jpeg
2021-03-05 21:59 - 2021-03-05 21:59 - 000113026 _____ C:\Users\Prodejce1\Downloads\WhatsApp Image 2021-03-05 at 16.49.02.jpeg
2021-03-05 21:59 - 2021-03-05 21:59 - 000088962 _____ C:\Users\Prodejce1\Downloads\WhatsApp Image 2021-03-05 at 16.49.01.jpeg
2021-03-05 10:58 - 2021-03-05 10:58 - 000051372 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\ranš 2.pdf
2021-03-05 10:57 - 2021-03-05 10:57 - 000063643 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\ranš.pdf
2021-03-05 10:49 - 2021-03-05 10:49 - 000061167 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\tzguhbnj.pdf
2021-03-05 10:48 - 2021-03-05 10:48 - 000061988 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\zrdguhiuj.pdf
2021-03-05 09:25 - 2021-03-05 09:25 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-05 09:25 - 2021-03-05 09:25 - 000011002 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-05 09:24 - 2021-03-05 09:24 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-05 09:24 - 2021-03-05 09:24 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-05 09:24 - 2021-03-05 09:24 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-05 09:24 - 2021-03-05 09:24 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-04 01:59 - 2021-03-04 01:59 - 002824108 _____ C:\WINDOWS\Minidump\030421-9671-01.dmp
2021-03-02 19:11 - 2021-03-02 19:11 - 016737542 _____ C:\Users\Prodejce1\Downloads\LT01-2021_ORE_AEG_CZ_N01 TP (vytvoreno Lemoni).zip
2021-03-02 19:11 - 2021-03-02 19:11 - 002813361 _____ C:\Users\Prodejce1\Downloads\LT01-2021_ORE_AEG_CZ_N01 LQ (vytvoreno Lemoni).pdf
2021-03-01 18:23 - 2021-03-01 18:23 - 000112100 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Atyp P. Procházka.pdf
2021-03-01 18:21 - 2021-03-01 18:21 - 002532271 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Doobjednávka Procházka atyp.pdf
2021-03-01 10:33 - 2021-03-01 10:33 - 002537092 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\hamplová doobjednávka.pdf
2021-03-01 09:49 - 2021-03-01 09:49 - 000021917 _____ C:\Users\Prodejce1\Downloads\2021-02-01–2021-02-28_Souhrn_fakturace.pdf
2021-02-26 18:48 - 2021-02-26 18:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-26 13:37 - 2021-02-26 13:38 - 002692204 _____ C:\WINDOWS\Minidump\022621-12421-01.dmp
2021-02-26 12:37 - 2021-02-26 12:37 - 000072004 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Zahradníčková - záloha.pdf
2021-02-26 08:39 - 2021-02-26 08:39 - 000061986 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Montaz P.Procházka.pdf
2021-02-26 08:39 - 2021-02-26 08:39 - 000051117 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Zamereni - P.Procházka.pdf
2021-02-25 16:26 - 2021-02-25 16:26 - 000075813 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Konečná faktura - P.Procházka.pdf
2021-02-25 16:09 - 2021-02-25 16:09 - 004348889 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Kupní smlouva - P.Procházka.pdf
2021-02-25 14:51 - 2021-02-25 14:51 - 000075692 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\P.Špírková - finální faktura.pdf
2021-02-24 10:27 - 2021-02-24 10:27 - 000323125 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\ks.pdf
2021-02-24 09:12 - 2021-02-24 09:12 - 000000000 ____D C:\Users\Prodejce1\Downloads\zasilka-HREW4X373CNL4C4Z
2021-02-24 09:11 - 2021-02-02 15:26 - 011277590 ____N C:\Users\Prodejce1\Downloads\SPONZOR_CT_SETKANI_6310.mp4
2021-02-24 09:11 - 2021-02-02 15:26 - 010555362 ____N C:\Users\Prodejce1\Downloads\SPONZOR_CT_HYCKANI_6310.mp4
2021-02-24 08:44 - 2021-02-24 08:44 - 014508714 _____ C:\Users\Prodejce1\Downloads\Protokol-o-zaměření.pdf
2021-02-24 08:43 - 2021-02-24 08:43 - 000006840 _____ C:\Users\Prodejce1\Downloads\Příloha-bez-názvu_-00003.htm
2021-02-24 04:20 - 2021-03-04 01:59 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-02-23 19:26 - 2021-02-23 19:26 - 000087697 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\10-kuchynka-pohled.pdf
2021-02-23 17:24 - 2021-02-23 17:24 - 000063020 _____ C:\Users\Prodejce1\Downloads\WhatsApp Image 2021-02-23 at 16.50.43.jpeg
2021-02-22 19:00 - 2021-02-22 19:00 - 000071623 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Záloha - paní Čelákovská.pdf
2021-02-22 18:25 - 2021-02-22 18:25 - 000205933 _____ C:\Users\Prodejce1\Downloads\zamereni 2 celakovska.pdf
2021-02-22 18:25 - 2021-02-22 18:25 - 000180994 _____ C:\Users\Prodejce1\Downloads\zamereni celakovska.pdf
2021-02-22 18:24 - 2021-02-22 18:24 - 000282530 _____ C:\Users\Prodejce1\Downloads\půdorys ČELÁKOVSKÁ.pdf
2021-02-22 18:23 - 2021-02-22 18:23 - 000193858 _____ C:\Users\Prodejce1\Downloads\Stena 1A ČELÁKOVSKÁ.pdf
2021-02-22 18:23 - 2021-02-22 18:23 - 000170709 _____ C:\Users\Prodejce1\Downloads\Stena 1B ČELÁKOVSKÁ.pdf
2021-02-22 18:17 - 2021-02-22 18:17 - 002710370 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Kupní smlouva - p. Čelákovská.pdf
2021-02-22 11:50 - 2021-02-22 11:50 - 000896729 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\P.Čelákovská - nabídka.pdf
2021-02-22 11:50 - 2021-02-22 11:50 - 000891031 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\njmk.pdf
2021-02-18 19:53 - 2021-02-18 19:53 - 000299034 _____ C:\Users\Prodejce1\Downloads\barvy látek zatemňovací.pdf
2021-02-18 19:51 - 2021-02-18 19:51 - 000041702 _____ C:\Users\Prodejce1\Downloads\WhatsApp Image 2021-02-18 at 16.10.42.jpeg
2021-02-18 16:35 - 2021-02-18 16:35 - 002536345 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Martínkovi - doobjednávka.pdf
2021-02-18 15:11 - 2021-02-18 15:11 - 002537078 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Tajzichovi - doobjednávka.pdf
2021-02-18 14:26 - 2021-02-18 14:26 - 000074431 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\H.Štetinová pračka faktura.pdf
2021-02-18 14:19 - 2021-02-18 14:19 - 000319195 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\fvghjklů.pdf
2021-02-17 15:42 - 2021-02-17 15:42 - 021406451 _____ C:\Users\Prodejce1\Downloads\VZORNIK_Dolti_Collection_dvirka.pdf
2021-02-17 12:06 - 2021-02-17 12:07 - 002535310 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Doobjednávka Procházka.pdf
2021-02-17 09:08 - 2021-02-17 09:08 - 000055123 _____ C:\Users\Prodejce1\Downloads\received_172345367763477.jpeg
2021-02-16 18:50 - 2021-02-16 18:50 - 001685004 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Studie_vZorka+Dusan.pdf
2021-02-16 17:01 - 2021-02-19 19:26 - 001734905 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Studie_v3.pdf
2021-02-15 10:27 - 2021-03-02 12:32 - 000002389 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2021-02-15 10:27 - 2021-02-15 10:27 - 000003842 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2021-02-15 10:27 - 2021-02-15 10:27 - 000003258 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2021-02-15 10:27 - 2021-02-15 10:27 - 000000000 ____D C:\Users\Prodejce1\AppData\Local\CCleaner Browser
2021-02-15 10:27 - 2021-02-15 10:27 - 000000000 ____D C:\ProgramData\CCleaner Browser
2021-02-15 10:26 - 2021-03-02 12:32 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2021-02-15 10:26 - 2021-02-15 10:26 - 000003528 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineUA
2021-02-15 10:26 - 2021-02-15 10:26 - 000003404 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore
2021-02-12 20:14 - 2021-02-12 20:14 - 025569170 _____ C:\Users\Prodejce1\Downloads\VID_20210212_120954.mp4
2021-02-12 20:11 - 2021-02-12 20:11 - 022204676 _____ C:\Users\Prodejce1\Downloads\VID_20210212_120533.mp4
2021-02-11 21:03 - 2021-02-11 21:03 - 000000000 ____D C:\Users\Prodejce1\Downloads\wetransfer-35bb14
2021-02-11 20:53 - 2021-02-11 20:53 - 004348937 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Kupní Smlouva - Květinářství, včetně desek.pdf
2021-02-11 17:20 - 2021-02-11 17:20 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-11 17:20 - 2021-02-11 17:20 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-10 18:39 - 2021-02-10 18:39 - 027331773 _____ C:\Users\Prodejce1\Downloads\Diagnostics_Logs-OLK-UTC.2021.2.10.17.39.31.682.zip
2021-02-10 16:10 - 2021-02-10 16:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje pro aplikaci Microsoft Office Outlook
2021-02-10 08:58 - 2021-02-10 08:58 - 011229070 _____ C:\Users\Prodejce1\Downloads\VID_20210131_092458.mp4
2021-02-07 21:57 - 2021-02-07 21:57 - 001039090 _____ C:\Users\Prodejce1\Downloads\2021-01-24T20-28_Transakce_._3491829120928032-7043496.pdf
2021-02-07 21:57 - 2021-02-07 21:57 - 001038482 _____ C:\Users\Prodejce1\Downloads\2021-01-26T14-00_Transakce_._3435521009892175-7051447 (1).pdf
2021-02-07 21:56 - 2021-02-07 21:56 - 001039101 _____ C:\Users\Prodejce1\Downloads\2021-01-23T09-50_Transakce_._3488737477903863-7036953.pdf
2021-02-07 21:56 - 2021-02-07 21:56 - 001039059 _____ C:\Users\Prodejce1\Downloads\2021-01-28T06-33_Transakce_._3381938995250378-7059818.pdf
2021-02-07 21:56 - 2021-02-07 21:56 - 001038482 _____ C:\Users\Prodejce1\Downloads\2021-01-26T14-00_Transakce_._3435521009892175-7051447.pdf
2021-02-07 21:55 - 2021-02-07 21:55 - 001039063 _____ C:\Users\Prodejce1\Downloads\2021-01-31T17-24_Transakce_._3515424948568449-7079272.pdf
2021-02-07 21:55 - 2021-02-07 21:55 - 001039060 _____ C:\Users\Prodejce1\Downloads\2021-01-29T19-29_Transakce_._3506881732756099-7067657.pdf
2021-02-07 21:55 - 2021-02-07 21:55 - 001038911 _____ C:\Users\Prodejce1\Downloads\2021-02-04T20-14_Transakce_._3587876511323288-7102070.pdf
2021-02-06 21:38 - 2021-02-06 21:39 - 000387932 _____ C:\Users\Prodejce1\Downloads\received_1616953585172814 (1).jpeg

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-08 20:09 - 2020-10-05 12:29 - 000000000 ____D C:\Users\Prodejce1\AppData\Roaming\WhatsApp
2021-03-08 20:08 - 2020-11-03 17:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-08 20:08 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-08 19:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-08 19:09 - 2020-08-11 22:44 - 000000000 ___RD C:\Users\Prodejce1\OneDrive
2021-03-08 19:00 - 2020-08-18 14:15 - 000000000 ____D C:\Users\Prodejce1\AppData\LocalLow\Mozilla
2021-03-08 19:00 - 2020-08-18 14:13 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-08 16:28 - 2020-11-03 17:47 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2021-03-08 13:06 - 2020-10-05 12:10 - 000000000 ____D C:\Program Files\CCleaner
2021-03-08 08:45 - 2020-08-11 09:21 - 000000000 ____D C:\KLS'04
2021-03-08 08:35 - 2020-08-11 09:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-03-07 18:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-07 04:05 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-06 22:05 - 2020-11-08 01:30 - 000000000 ____D C:\Users\Prodejce1\Downloads\Stare faktury
2021-03-06 12:58 - 2020-08-11 22:42 - 000000000 ____D C:\Users\Prodejce1\AppData\Local\Packages
2021-03-06 12:53 - 2020-11-03 17:47 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-06 12:06 - 2020-10-12 23:11 - 000001456 _____ C:\Users\Prodejce1\AppData\Local\Adobe Save for Web 12.0 Prefs
2021-03-06 09:54 - 2020-08-11 09:14 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-05 10:03 - 2020-11-03 17:51 - 001834266 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-05 10:03 - 2019-12-07 15:41 - 000719496 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-05 10:03 - 2019-12-07 15:41 - 000145622 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-05 09:58 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-05 09:58 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-05 09:58 - 2019-07-12 16:27 - 000000000 ____D C:\Program Files\Microsoft Office
2021-03-05 09:57 - 2020-11-03 17:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-05 09:57 - 2020-11-03 17:42 - 000450432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-05 09:57 - 2020-11-03 17:42 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-05 09:57 - 2020-08-11 22:42 - 000000000 __SHD C:\Users\Prodejce1\IntelGraphicsProfiles
2021-03-05 09:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-05 09:57 - 2019-10-01 00:39 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-05 09:57 - 2019-10-01 00:33 - 000000000 ___HD C:\Intel
2021-03-05 09:56 - 2020-11-03 17:43 - 000000000 ____D C:\Users\Prodejce1
2021-03-05 09:56 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-05 09:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-05 09:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-05 09:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-05 09:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-05 09:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-05 09:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-05 09:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-05 09:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-05 09:56 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-05 09:09 - 2019-03-19 05:49 - 000000167 _____ C:\WINDOWS\win.ini
2021-03-04 23:23 - 2020-11-30 07:00 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b200e73e57ef
2021-03-04 23:23 - 2020-11-03 17:47 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-04 04:06 - 2020-11-03 17:47 - 000004122 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2021-03-04 04:06 - 2020-11-03 17:47 - 000003764 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2021-03-04 02:00 - 2020-11-29 03:36 - 000000000 ____D C:\WINDOWS\Minidump
2021-03-04 01:59 - 2020-12-10 11:39 - 1693197532 _____ C:\WINDOWS\MEMORY.DMP
2021-03-04 01:59 - 2020-08-18 14:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-03 19:16 - 2020-09-23 10:03 - 000000000 ____D C:\Users\Prodejce1\AppData\Local\ElevatedDiagnostics
2021-03-03 18:54 - 2020-10-02 09:56 - 000002386 _____ C:\Users\Prodejce1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-02-27 03:59 - 2020-10-05 12:28 - 000000000 ____D C:\Users\Prodejce1\AppData\Local\WhatsApp
2021-02-26 18:48 - 2020-08-19 17:16 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-26 09:17 - 2020-08-11 22:45 - 000000000 ____D C:\Users\Prodejce1\AppData\Local\PlaceholderTileLogoFolder
2021-02-25 13:18 - 2020-08-17 18:53 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-24 09:13 - 2020-10-21 19:13 - 000000000 ____D C:\Users\Prodejce1\AppData\Roaming\vlc
2021-02-19 19:26 - 2021-02-05 21:07 - 000011774 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\klienti fb.xlsx
2021-02-19 16:59 - 2020-11-03 17:47 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-61476251-3162843502-1331547060-1001
2021-02-19 16:59 - 2020-11-03 17:43 - 000002375 _____ C:\Users\Prodejce1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-19 09:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-14 20:03 - 2020-11-15 00:41 - 000000000 ____D C:\Users\Prodejce1\AppData\Local\Notepad
2021-02-14 20:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-14 20:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-14 20:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-14 20:01 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-14 20:01 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-14 10:18 - 2020-09-30 22:36 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-11 17:16 - 2020-08-11 23:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-11 17:14 - 2020-08-11 23:10 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-10 17:04 - 2019-10-01 00:38 - 000000000 ____D C:\ProgramData\Intel
2021-02-10 16:10 - 2020-10-02 16:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-02-10 16:10 - 2020-08-11 09:15 - 000000000 ____D C:\Program Files (x86)\MSECache
2021-02-10 09:04 - 2020-08-11 09:07 - 000000000 ____D C:\Program Files (x86)\Orca
2021-02-07 13:38 - 2019-10-01 00:42 - 000000000 ____D C:\Program Files\Intel

==================== Files in the root of some directories ========

2020-10-12 23:11 - 2021-03-06 12:06 - 000001456 _____ () C:\Users\Prodejce1\AppData\Local\Adobe Save for Web 12.0 Prefs

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by Prodejce1 (08-03-2021 20:16:58)
Running from C:\Users\Prodejce1\Downloads
Windows 10 Home Version 20H2 19042.844 (X64) (2020-11-03 16:47:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-61476251-3162843502-1331547060-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-61476251-3162843502-1331547060-503 - Limited - Disabled)
Guest (S-1-5-21-61476251-3162843502-1331547060-501 - Limited - Disabled)
Prodejce1 (S-1-5-21-61476251-3162843502-1331547060-1001 - Administrator - Enabled) => C:\Users\Prodejce1
WDAGUtilityAccount (S-1-5-21-61476251-3162843502-1331547060-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.17.5 - ICEpower a/s)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 88.2.8118.185 - Autoři prohlížeče CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
CEWE FOTOLAB fotosvet (HKLM-x32\...\CEWE FOTOLAB fotosvet) (Version: 7.0.4 - CEWE Stiftung u Co. KGaA)
ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
GDR 2269 for SQL Server 2014 (KB3045324) (64-bit) (HKLM\...\KB3045324) (Version: 12.0.2269.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC)
Intel® PROSet/Wireless Software (HKLM-x32\...\{7194a517-3ed1-424f-93f2-d95fe11843f5}) (Version: 21.0.0.0u - Intel Corporation)
KLS'04 ( 19.09.2019 ) Oresi DB 105 (HKLM-x32\...\{A092274D-9C45-44FC-81E9-BF6EBC2351AA}_is1) (Version: - )
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13801.20266 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13801.20266 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - )
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 89.0.774.45 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A106FA6F-E94C-44C9-8A0F-C34BD82C9FE6}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{37C44B5C-E839-4A9D-9E20-A93E1B2FD35A}) (Version: 12.0.2269.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\Teams) (Version: 1.4.00.4167 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.0.2000.8 - Microsoft Corporation)
Mozilla Firefox 86.0 (x64 cs) (HKLM\...\Mozilla Firefox 86.0 (x64 cs)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 79.0 - Mozilla)
Nástroj pro aktualizaci dat podle časového pásma pro aplikaci Microsoft Office Outlook (HKLM-x32\...\{95120000-0038-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1093 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVIDIA Ovladače grafiky 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Sentinel Runtime (HKLM-x32\...\{D4AEC281-53BF-42C3-B1ED-F84391CF41AF}) (Version: 7.91.26692.60000 - Gemalto)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Skype pro firmy Basic 2016 - cs-cz (HKLM\...\SkypeforBusinessEntryRetail - cs-cz) (Version: 16.0.13801.20266 - Microsoft Corporation)
SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.0.2000.8 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
TeamViewer Host (HKLM-x32\...\TeamViewer) (Version: 15.15.5 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WhatsApp (HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\WhatsApp) (Version: 2.2106.10 - WhatsApp)
WinRAR 5.80 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.4 - win.rar GmbH)

Packages:
=========
AudioWizard -> C:\Program Files\WindowsApps\ICEpower.AudioWizard_1.5.28.0_x64__dxp88312j1fgj [2020-08-17] (ICEpower)
Bezdrátový adaptér displeje Microsoft -> C:\Program Files\WindowsApps\Microsoft.SurfaceWirelessDisplayAdapter_4.227.139.0_x64__8wekyb3d8bbwe [2021-01-04] (Microsoft Corporation) [Startup Task]
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.2020.0_x64__rz1tebttyb220 [2021-03-07] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-09-26] (Microsoft Corporation)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-01-15] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-08-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-08-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-01-29] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-20] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt [2020-12-31] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.7.198.0_x64__dt26b99r8h8gj [2020-08-11] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-61476251-3162843502-1331547060-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Prodejce1\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-61476251-3162843502-1331547060-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Prodejce1\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-11-20] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-11-20] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_aceb5b140d1d131e\nvshext.dll [2020-07-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-11-20] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-11-20] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-10-28 00:28 - 2020-10-28 00:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-10-28 00:28 - 2020-10-28 00:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-61476251-3162843502-1331547060-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=PF170501&iDate=2020-02-19 11:04:24&bName=
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-61476251-3162843502-1331547060-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-61476251-3162843502-1331547060-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\sharepoint.com -> hxxps://kingjoe-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-61476251-3162843502-1331547060-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Prodejce1\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG_20210307_132001.jpg
HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 89.239.24.2 - 89.239.24.34
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8D40FCD9-1D3D-4CC6-9DE8-3709143DAE6A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B2ADC765-0AD0-4651-8833-FC8F03CEA8F6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{525247A5-480F-4C50-8607-1FD850CA29BD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DC5520F9-A06A-4692-814A-E6CF8B8D511A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{D3473E4F-6531-43C8-8134-8BB7E0878CE9}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{6BADF7C6-9F0D-4B9C-9561-6133CA399ED4}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{434AF964-5E71-479A-A9F2-20C52C009D8A}C:\users\prodejce1\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\prodejce1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{186355BC-5530-475F-B0F3-9421EF6E29D5}C:\users\prodejce1\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\prodejce1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{0C785C9E-0C60-4EB9-89CF-427B7E01805B}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{942CA9C1-722F-4D88-8438-DEF416FEE717}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{EF238ED7-DEBF-4825-B9BD-9328180AC8DA}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{8CE7C425-28B8-4E94-836F-DC0F23EBBED5}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{FB94DEB4-6E81-4E81-8159-50EA90BA0077}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A13229EB-A8C8-45E9-99E2-E22E62588CCF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{695AA710-8641-4D9C-83E7-44EC1C78C9E1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0495043E-FF23-4F95-80F5-DB96BFAF59F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AC27E230-29D4-4B6D-AF25-10AA159E8835}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DFD8443E-213D-418F-8636-39E3C5D05C2D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D83A750D-9D4C-42F3-A13A-21468D42AA67}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1D780036-8532-47E5-BA94-105699C0FEE7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D991C10E-5AAB-4280-8F02-580674AFC5B0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1175F184-F4A5-4CCD-BF87-0AC564A3DCA7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3490BB6B-87A7-4F16-BD82-CE84FD0835B1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BB07A2A7-4D74-4370-9CE3-E090C7D911D9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{59A73D84-A142-4045-9C74-87ECA8130E24}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{1AD48CAD-2CF7-49B5-9534-8A86814870DB}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\89.0.774.45\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C92C242A-67E6-4464-931D-F39896CD7274}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSLinkNear\AsusLinkNear.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
FirewallRules: [{2B392713-378A-4D1B-8FCB-C7A50318AC72}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{AF8ED85E-C3B0-4A44-A871-0E7EE2C11490}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​)

==================== Restore Points =========================

01-03-2021 10:22:23 Naplánovaný kontrolní bod
05-03-2021 09:16:03 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/08/2021 08:38:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OLicenseHeartbeat.exe, verze: 16.0.13801.20182, časové razítko: 0x602dd932
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.804, časové razítko: 0x0e9c5eae
Kód výjimky: 0xc06d007e
Posun chyby: 0x000000000002d759
ID chybujícího procesu: 0x43a8
Čas spuštění chybující aplikace: 0x01d713edf9e42a75
Cesta k chybující aplikaci: C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 3c4ff3c1-e7ee-4a52-bec4-2ed795931272
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/07/2021 01:15:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OLicenseHeartbeat.exe, verze: 16.0.13801.20182, časové razítko: 0x602dd932
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.804, časové razítko: 0x0e9c5eae
Kód výjimky: 0xc06d007e
Posun chyby: 0x000000000002d759
ID chybujícího procesu: 0x27f0
Čas spuštění chybující aplikace: 0x01d712e706803cc1
Cesta k chybující aplikaci: C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: aed0f0a5-d889-4907-a69e-0e23f79eb174
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/06/2021 09:53:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OLicenseHeartbeat.exe, verze: 16.0.13801.20182, časové razítko: 0x602dd932
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.804, časové razítko: 0x0e9c5eae
Kód výjimky: 0xc06d007e
Posun chyby: 0x000000000002d759
ID chybujícího procesu: 0x170c
Čas spuštění chybující aplikace: 0x01d712663b81e5f8
Cesta k chybující aplikaci: C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 6d6fefad-ff82-4ca8-9fcb-e46e2300576a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/05/2021 09:56:50 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (03/04/2021 04:06:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtkAudUService64.exe, verze: 1.0.228.1, časové razítko: 0x5daea611
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.804, časové razítko: 0x4544b4a1
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ff099
ID chybujícího procesu: 0x1cd0
Čas spuštění chybující aplikace: 0x01d71091ac954379
Cesta k chybující aplikaci: C:\WINDOWS\system32\RtkAudUService64.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: b8916793-9e7d-47e2-bfef-9be4c7341bf4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/27/2021 05:54:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: KLS.exe, verze: 1.0.1.0, časové razítko: 0x5fe0e828
Název chybujícího modulu: KLS.exe, verze: 1.0.1.0, časové razítko: 0x5fe0e828
Kód výjimky: 0xc000041d
Posun chyby: 0x00609c17
ID chybujícího procesu: 0xcd4
Čas spuštění chybující aplikace: 0x01d70d1a81c695f7
Cesta k chybující aplikaci: C:\KLS'04\KLS.exe
Cesta k chybujícímu modulu: C:\KLS'04\KLS.exe
ID zprávy: cddf8e89-f7d8-4f50-a57f-04e098ca4f70
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/27/2021 05:54:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: KLS.exe, verze: 1.0.1.0, časové razítko: 0x5fe0e828
Název chybujícího modulu: KLS.exe, verze: 1.0.1.0, časové razítko: 0x5fe0e828
Kód výjimky: 0xc0000005
Posun chyby: 0x00609c17
ID chybujícího procesu: 0xcd4
Čas spuštění chybující aplikace: 0x01d70d1a81c695f7
Cesta k chybující aplikaci: C:\KLS'04\KLS.exe
Cesta k chybujícímu modulu: C:\KLS'04\KLS.exe
ID zprávy: 17f1b800-f9c2-4895-a0d5-90e582b68a85
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/26/2021 01:38:08 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: LITOMERICE1-NB)
Description: Aplikaci nebo službu Microsoft Windows Search Protocol Host nelze ukončit.


System errors:
=============
Error: (03/06/2021 04:31:05 PM) (Source: Netwtw08) (EventID: 5002) (User: )
Description: Intel(R) Wireless-AC 9461 : Bylo zjištěno, že síťový adaptér nepracuje správně.
5002 - uCode SW error (SysAssert, NMI)

Error: (03/06/2021 04:31:05 PM) (Source: Netwtw08) (EventID: 5005) (User: )
Description: Intel(R) Wireless-AC 9461 : Byla zjištěna vnitřní chyba a došlo k selhání.
5005 - Driver internal error

Error: (03/05/2021 11:51:28 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJBH4-Microsoft.Windows.Photos.

Error: (03/04/2021 01:59:59 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x00000154 (0xffffbf8f4cfad000, 0xfffffe058000df30, 0x0000000000000002, 0x0000000000000000). Výpis byl uložen do: C:\WINDOWS\MEMORY.DMP. ID hlášení: 80faad60-21e5-468a-bcf9-bbaef5553f83

Error: (03/04/2021 01:59:43 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:40:03, ‎03.‎03.‎2021) bylo neočekávané.

Error: (03/02/2021 02:39:01 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll

Error: (03/02/2021 02:39:01 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll

Error: (03/02/2021 02:39:01 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll


Windows Defender:
================
Date: 2020-12-13 13:41:01
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {74035AF4-3F7C-443A-A8BE-67C85D42E98B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-11 21:12:24
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F6BA75B7-47A1-402A-AA4E-9DBEC77BF5E7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-11 16:25:17
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DBDCECAD-1AC4-4EC7-A078-E22BC5647DF5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-09 13:31:01
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {813412E5-39B9-447E-A942-631066097DCD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-09 01:04:20
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {239911C6-3C4C-45E3-BC95-760CA1482914}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2021-03-08 09:57:40
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: American Megatrends Inc. X509FJ.300 04/30/2019
Motherboard: ASUSTeK COMPUTER INC. X509FJ
Processor: Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz
Percentage of memory in use: 92%
Total physical RAM: 8043.36 MB
Available physical RAM: 643.21 MB
Total Virtual: 20331.36 MB
Available Virtual: 7732.62 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:237.57 GB) (Free:124.67 GB) NTFS

\\?\Volume{cf79d5eb-bf07-44d1-96be-6c6623f97781}\ () (Fixed) (Total:0.63 GB) (Free:0.17 GB) NTFS
\\?\Volume{f8af5851-3817-4cc2-b0cf-c5099b8719c5}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 96871955)

Partition: GPT.

==================== End of Addition.txt =======================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Díky, zde:

# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-01-11.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-08-2021
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Esko - olfeabkoenfaoljndfecamgilllcpiak

***** [ Chromium URLs ] *****

Deleted http://www.youndoo.com/?z=031669dcef602 ... RW&type=hp
Deleted youndoo

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1628 octets] - [08/03/2021 21:26:52]
AdwCleaner[C00].txt - [1761 octets] - [08/03/2021 21:27:15]
AdwCleaner[S01].txt - [1750 octets] - [08/03/2021 21:29:06]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

OK. Dejte nové logy FRST+Addition.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by Prodejce1 (administrator) on LITOMERICE1-NB (ASUSTeK COMPUTER INC. VivoBook_ASUSLaptop X509FJ_X509FJ) (09-03-2021 09:41:19)
Running from C:\Users\Prodejce1\Downloads
Loaded Profiles: Prodejce1 & MSSQLSERVER
Platform: Windows 10 Home Version 20H2 19042.844 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSLinkRemote\AsusLinkRemote.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSLinkNear\AsusLinkNear.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSOptimization\AsusOptimization.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSOptimization\AsusOptimizationStartupTask.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSSoftwareManager\AsusSoftwareManager.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(Gemalto, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplms.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <19>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_aceb5b140d1d131e\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-10-26] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Prodejce1\AppData\Local\Microsoft\Teams\Update.exe [2453720 2021-03-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office\root\Office16\lync.exe [26325312 2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\MountPoints2: {b5577829-1523-11eb-9467-04ed339ae38f} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\MountPoints2: {dc54ba59-f26c-11ea-9462-04ed339ae38f} - "E:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\88.2.8118.185\Installer\chrmstp.exe [2021-03-02] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-02-25] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {20C37D65-60FC-4F1D-AEAA-F7A6FEFE3307} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2212528 2021-02-17] (Piriform Software Ltd -> Piriform Software)
Task: {268C70A4-D9D6-4834-A014-F58BD1529394} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-17] (Google LLC -> Google LLC)
Task: {322B44AA-28BE-4C1D-9A54-7ECD12FD1169} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1510808 2002-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {33EBE368-92A5-47C8-AF83-6C90C2B73383} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080304 2021-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {344DF41A-FE85-4B3A-899C-5C4B79A547F6} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {4758374F-9F7F-495A-AB96-03FA57B9B68B} - System32\Tasks\Microsoft\Windows\PLA\AsusLinkNear => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\WINDOWS\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {5606E1BF-D2B5-4114-A1C5-951B1573BB1B} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-02-15] (Piriform Software Ltd -> Piriform Software)
Task: {596347C0-DDA9-4817-B749-0E7D1629DFDD} - System32\Tasks\Microsoft\Windows\PLA\074C0539-0999-4DA9-9D0D-3D016B62F4E9 => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\WINDOWS\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {5FD95087-FC27-479F-B98A-24CB0050F447} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2215480 2021-02-03] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {66551EE1-F8BB-4789-9C31-E9E35202673F} - System32\Tasks\RtkAudUService64_BG => C:\Windows\System32\RtkAudUService64.exe [985496 2020-12-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {7923FB46-AEE3-4D74-BA06-DDA5AA05F142} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-02-15] (Piriform Software Ltd -> Piriform Software)
Task: {7B965582-BD09-4A47-87A9-61ABE71D3EE5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-17] (Google LLC -> Google LLC)
Task: {9F0DA58A-C881-45FA-ABC3-7FF87567AD89} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {ACA03E0B-EB63-4A5F-8E8E-17A5BDC09134} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSOptimization\AsusHotkeyExec.exe [230976 2021-02-03] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {B3B59519-2DDF-4B3F-B4CF-BA3A9695C775} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSSoftwareManager\AsusUpdateChecker.exe [693176 2021-02-03] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {B7E10FDB-25ED-4A01-B44D-21D1D9374A60} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {E172528C-AB49-4F95-B071-FA3DE1FDBBC6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EA1448FA-6EA7-4956-8A31-95878A23C5C4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080304 2021-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {EA151570-C090-4E1C-8355-7CC6B4D9B403} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2212528 2021-02-17] (Piriform Software Ltd -> Piriform Software)
Task: {F9ACD4AE-205B-4FC2-8E94-0B4C2A62BC3A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 89.239.24.2 89.239.24.34 8.8.8.8 8.8.8.8 192.168.100.1 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{6088905d-02c5-4ccc-a79f-9525ee1a01a7}: [DhcpNameServer] 89.239.24.2 89.239.24.34 8.8.8.8 8.8.8.8 192.168.100.1 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{8dc0eda4-ebab-4927-8473-1423d1464b4d}: [DhcpNameServer] 192.168.249.1
Tcpip\..\Interfaces\{c0c2e9ca-765c-4be1-88de-38e5a0b1da79}: [DhcpNameServer] 30.50.1.1 30.50.1.2
Tcpip\..\Interfaces\{ffc0e848-ebcd-420c-98af-76951afde5a3}: [DhcpNameServer] 89.239.24.2 89.239.24.34 8.8.8.8 8.8.8.8 192.168.100.1 8.8.8.8 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Prodejce1\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-08]
Edge StartupUrls: Default -> "hxxp://www.oresi.cz/"

FireFox:
========
FF DefaultProfile: 0xvslzn5.default
FF ProfilePath: C:\Users\Prodejce1\AppData\Roaming\Mozilla\Firefox\Profiles\0xvslzn5.default [2020-08-19]
FF ProfilePath: C:\Users\Prodejce1\AppData\Roaming\Mozilla\Firefox\Profiles\dyq7w2rd.default-release [2021-03-09]
FF Notifications: Mozilla\Firefox\Profiles\dyq7w2rd.default-release -> hxxps://calendar.google.com
FF Extension: (uBlock Origin) - C:\Users\Prodejce1\AppData\Roaming\Mozilla\Firefox\Profiles\dyq7w2rd.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-02-10]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-02-15] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-02-15] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-03-08]

Chrome:
=======
CHR Profile: C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default [2021-03-09]
CHR Notifications: Default -> hxxps://cz.pinterest.com; hxxps://mail.oresi.cz; hxxps://www.facebook.com; hxxps://www.kosik.cz; hxxps://www.netflix.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://www.instagram.com/static/images/ico/xxh ... 09d459.png
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-08-17]
CHR Extension: (Dokumenty) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-08-17]
CHR Extension: (Disk Google) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-23]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2021-01-11]
CHR Extension: (uBlock Origin) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-02-10]
CHR Extension: (Avast Passwords) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2020-10-10]
CHR Extension: (Tabulky) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-08-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-04]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-29]
CHR Extension: (Instagram) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\maonlnecdeecdljpahhnnlmhbmalehlm [2020-10-10]
CHR Extension: (Lightshot (Nástroje snímků)) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2020-10-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Chrome Media Router) - C:\Users\Prodejce1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-01]
CHR HKU\S-1-5-21-61476251-3162843502-1331547060-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSLinkNear\AsusLinkNear.exe [1098304 2021-02-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
S2 ASUSLinkNearExt; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSLinkNear\AsusLinkNearExt.exe [142280 2021-02-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSLinkRemote\AsusLinkRemote.exe [790984 2021-02-03] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSOptimization\AsusOptimization.exe [327232 2021-02-03] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSSoftwareManager\AsusSoftwareManager.exe [883264 2021-02-03] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2215480 2021-02-03] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
S2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [620968 2021-02-03] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-02-15] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\88.2.8118.185\elevation_service.exe [1456376 2021-02-17] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-02-15] (Piriform Software Ltd -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8988552 2021-02-22] (Microsoft Corporation -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 hasplms; C:\Windows\system32\hasplms.exe [7364688 2019-03-01] (Gemalto, Inc. -> SafeNet, Inc.)
S2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [370368 2015-06-10] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [613056 2015-06-10] (Microsoft Corporation -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12723480 2021-02-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_aceb5b140d1d131e\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_aceb5b140d1d131e\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aksdf; C:\Windows\system32\drivers\aksdf.sys [389560 2019-03-01] (Gemalto, Inc. -> SafeNet, Inc.)
R2 aksfridge; C:\Windows\system32\drivers\aksfridge.sys [487352 2019-03-01] (Gemalto, Inc. -> SafeNet, Inc.)
R3 akshasp; C:\WINDOWS\system32\DRIVERS\akshasp.sys [69776 2019-03-01] (Gemalto, Inc. -> SafeNet, Inc.)
R3 akshhl; C:\WINDOWS\system32\DRIVERS\akshhl.sys [68752 2019-03-01] (Gemalto, Inc. -> SafeNet, Inc.)
R3 aksusb; C:\WINDOWS\system32\DRIVERS\aksusb.sys [314000 2019-03-01] (Gemalto, Inc. -> SafeNet, Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-23] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ASUSSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSSystemAnalysis\ASUSSAIO.sys [36408 2021-02-03] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSOptimization\atkwmiacpi64.sys [44712 2021-02-03] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [1970104 2019-03-01] (Gemalto, Inc. -> SafeNet, Inc.)
S4 RsFx0300; C:\WINDOWS\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-08 21:36 - 2021-03-08 21:36 - 000310232 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_1fb2df72a_klark.sys
2021-03-08 21:36 - 2021-03-08 21:36 - 000038878 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\cc_20210308_213635.reg
2021-03-08 21:35 - 2021-03-08 21:35 - 000207352 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_1fb2df72a_mark.sys
2021-03-08 21:35 - 2021-03-08 21:35 - 000127792 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\1fb2df72.sys
2021-03-08 21:35 - 2021-03-08 21:35 - 000000000 ____D C:\KVRT2020_Data
2021-03-08 21:32 - 2021-03-08 21:33 - 101073840 _____ (AO Kaspersky Lab) C:\Users\Prodejce1\Downloads\KVRT.exe
2021-03-08 21:27 - 2021-03-08 21:27 - 008463216 _____ (Malwarebytes) C:\Users\Prodejce1\Downloads\AdwCleaner.exe
2021-03-08 21:25 - 2021-03-08 21:27 - 000000000 ____D C:\AdwCleaner
2021-03-08 21:24 - 2021-03-08 21:25 - 008463216 _____ (Malwarebytes) C:\Users\Prodejce1\Downloads\adwcleaner_8.1.exe
2021-03-08 20:16 - 2021-03-08 20:18 - 000035815 _____ C:\Users\Prodejce1\Downloads\Addition.txt
2021-03-08 20:15 - 2021-03-09 09:41 - 000023906 _____ C:\Users\Prodejce1\Downloads\FRST.txt
2021-03-08 20:14 - 2021-03-09 09:41 - 000000000 ____D C:\FRST
2021-03-08 20:14 - 2021-03-08 20:14 - 002301440 _____ (Farbar) C:\Users\Prodejce1\Downloads\FRST64.exe
2021-03-08 14:35 - 2021-03-08 16:41 - 484691894 _____ C:\Users\Prodejce1\Downloads\20210308_oresilitomerice_bfdaca810d69884b3793_20210308125311_archive.zip
2021-03-08 14:35 - 2021-03-08 14:35 - 000065494 _____ C:\Users\Prodejce1\Downloads\installer.php
2021-03-08 12:41 - 2021-03-08 12:41 - 001708014 _____ C:\Users\Prodejce1\Downloads\Photos.zip
2021-03-08 12:37 - 2021-03-08 12:37 - 000342907 _____ C:\Users\Prodejce1\Downloads\774172197.pdf
2021-03-08 12:05 - 2021-03-08 12:05 - 000047360 _____ C:\Users\Prodejce1\Downloads\Neplattdane.pdf
2021-03-08 11:58 - 2021-03-08 11:58 - 000039032 _____ C:\Users\Prodejce1\Downloads\Seznam Email.pdf
2021-03-06 22:12 - 2021-03-06 22:13 - 017487751 _____ C:\Users\Prodejce1\Downloads\wordpress-5.6.2-cs_CZ.zip
2021-03-05 21:59 - 2021-03-05 22:01 - 000203368 _____ C:\Users\Prodejce1\Downloads\WhatsApp Image 2021-03-05 at 16.48.48.jpeg
2021-03-05 21:59 - 2021-03-05 22:00 - 000166108 _____ C:\Users\Prodejce1\Downloads\WhatsApp Image 2021-03-05 at 16.49.02 (1).jpeg
2021-03-05 21:59 - 2021-03-05 21:59 - 000113026 _____ C:\Users\Prodejce1\Downloads\WhatsApp Image 2021-03-05 at 16.49.02.jpeg
2021-03-05 21:59 - 2021-03-05 21:59 - 000088962 _____ C:\Users\Prodejce1\Downloads\WhatsApp Image 2021-03-05 at 16.49.01.jpeg
2021-03-05 10:58 - 2021-03-05 10:58 - 000051372 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\ranš 2.pdf
2021-03-05 10:57 - 2021-03-05 10:57 - 000063643 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\ranš.pdf
2021-03-05 10:49 - 2021-03-05 10:49 - 000061167 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\tzguhbnj.pdf
2021-03-05 10:48 - 2021-03-05 10:48 - 000061988 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\zrdguhiuj.pdf
2021-03-05 09:25 - 2021-03-05 09:25 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-05 09:25 - 2021-03-05 09:25 - 000011002 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-05 09:24 - 2021-03-05 09:24 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-05 09:24 - 2021-03-05 09:24 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-05 09:24 - 2021-03-05 09:24 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-05 09:24 - 2021-03-05 09:24 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-02 19:11 - 2021-03-02 19:11 - 016737542 _____ C:\Users\Prodejce1\Downloads\LT01-2021_ORE_AEG_CZ_N01 TP (vytvoreno Lemoni).zip
2021-03-02 19:11 - 2021-03-02 19:11 - 002813361 _____ C:\Users\Prodejce1\Downloads\LT01-2021_ORE_AEG_CZ_N01 LQ (vytvoreno Lemoni).pdf
2021-03-01 18:23 - 2021-03-01 18:23 - 000112100 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Atyp P. Procházka.pdf
2021-03-01 18:21 - 2021-03-01 18:21 - 002532271 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Doobjednávka Procházka atyp.pdf
2021-03-01 10:33 - 2021-03-01 10:33 - 002537092 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\hamplová doobjednávka.pdf
2021-03-01 09:49 - 2021-03-01 09:49 - 000021917 _____ C:\Users\Prodejce1\Downloads\2021-02-01–2021-02-28_Souhrn_fakturace.pdf
2021-02-26 18:48 - 2021-02-26 18:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-26 12:37 - 2021-02-26 12:37 - 000072004 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Zahradníčková - záloha.pdf
2021-02-26 08:39 - 2021-02-26 08:39 - 000061986 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Montaz P.Procházka.pdf
2021-02-26 08:39 - 2021-02-26 08:39 - 000051117 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Zamereni - P.Procházka.pdf
2021-02-25 16:26 - 2021-02-25 16:26 - 000075813 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Konečná faktura - P.Procházka.pdf
2021-02-25 16:09 - 2021-02-25 16:09 - 004348889 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Kupní smlouva - P.Procházka.pdf
2021-02-25 14:51 - 2021-02-25 14:51 - 000075692 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\P.Špírková - finální faktura.pdf
2021-02-24 10:27 - 2021-02-24 10:27 - 000323125 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\ks.pdf
2021-02-24 09:12 - 2021-02-24 09:12 - 000000000 ____D C:\Users\Prodejce1\Downloads\zasilka-HREW4X373CNL4C4Z
2021-02-24 09:11 - 2021-02-02 15:26 - 011277590 ____N C:\Users\Prodejce1\Downloads\SPONZOR_CT_SETKANI_6310.mp4
2021-02-24 09:11 - 2021-02-02 15:26 - 010555362 ____N C:\Users\Prodejce1\Downloads\SPONZOR_CT_HYCKANI_6310.mp4
2021-02-24 08:44 - 2021-02-24 08:44 - 014508714 _____ C:\Users\Prodejce1\Downloads\Protokol-o-zaměření.pdf
2021-02-24 08:43 - 2021-02-24 08:43 - 000006840 _____ C:\Users\Prodejce1\Downloads\Příloha-bez-názvu_-00003.htm
2021-02-24 04:20 - 2021-03-04 01:59 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-02-23 19:26 - 2021-02-23 19:26 - 000087697 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\10-kuchynka-pohled.pdf
2021-02-23 17:24 - 2021-02-23 17:24 - 000063020 _____ C:\Users\Prodejce1\Downloads\WhatsApp Image 2021-02-23 at 16.50.43.jpeg
2021-02-22 19:00 - 2021-02-22 19:00 - 000071623 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Záloha - paní Čelákovská.pdf
2021-02-22 18:25 - 2021-02-22 18:25 - 000205933 _____ C:\Users\Prodejce1\Downloads\zamereni 2 celakovska.pdf
2021-02-22 18:25 - 2021-02-22 18:25 - 000180994 _____ C:\Users\Prodejce1\Downloads\zamereni celakovska.pdf
2021-02-22 18:24 - 2021-02-22 18:24 - 000282530 _____ C:\Users\Prodejce1\Downloads\půdorys ČELÁKOVSKÁ.pdf
2021-02-22 18:23 - 2021-02-22 18:23 - 000193858 _____ C:\Users\Prodejce1\Downloads\Stena 1A ČELÁKOVSKÁ.pdf
2021-02-22 18:23 - 2021-02-22 18:23 - 000170709 _____ C:\Users\Prodejce1\Downloads\Stena 1B ČELÁKOVSKÁ.pdf
2021-02-22 18:17 - 2021-02-22 18:17 - 002710370 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Kupní smlouva - p. Čelákovská.pdf
2021-02-22 11:50 - 2021-02-22 11:50 - 000896729 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\P.Čelákovská - nabídka.pdf
2021-02-22 11:50 - 2021-02-22 11:50 - 000891031 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\njmk.pdf
2021-02-18 19:53 - 2021-02-18 19:53 - 000299034 _____ C:\Users\Prodejce1\Downloads\barvy látek zatemňovací.pdf
2021-02-18 19:51 - 2021-02-18 19:51 - 000041702 _____ C:\Users\Prodejce1\Downloads\WhatsApp Image 2021-02-18 at 16.10.42.jpeg
2021-02-18 16:35 - 2021-02-18 16:35 - 002536345 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Martínkovi - doobjednávka.pdf
2021-02-18 15:11 - 2021-02-18 15:11 - 002537078 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Tajzichovi - doobjednávka.pdf
2021-02-18 14:26 - 2021-02-18 14:26 - 000074431 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\H.Štetinová pračka faktura.pdf
2021-02-18 14:19 - 2021-02-18 14:19 - 000319195 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\fvghjklů.pdf
2021-02-17 15:42 - 2021-02-17 15:42 - 021406451 _____ C:\Users\Prodejce1\Downloads\VZORNIK_Dolti_Collection_dvirka.pdf
2021-02-17 12:06 - 2021-02-17 12:07 - 002535310 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Doobjednávka Procházka.pdf
2021-02-17 09:08 - 2021-02-17 09:08 - 000055123 _____ C:\Users\Prodejce1\Downloads\received_172345367763477.jpeg
2021-02-16 18:50 - 2021-02-16 18:50 - 001685004 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Studie_vZorka+Dusan.pdf
2021-02-16 17:01 - 2021-02-19 19:26 - 001734905 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Studie_v3.pdf
2021-02-15 10:27 - 2021-03-02 12:32 - 000002389 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2021-02-15 10:27 - 2021-02-15 10:27 - 000003842 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2021-02-15 10:27 - 2021-02-15 10:27 - 000003258 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2021-02-15 10:27 - 2021-02-15 10:27 - 000000000 ____D C:\Users\Prodejce1\AppData\Local\CCleaner Browser
2021-02-15 10:27 - 2021-02-15 10:27 - 000000000 ____D C:\ProgramData\CCleaner Browser
2021-02-15 10:26 - 2021-03-02 12:32 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2021-02-15 10:26 - 2021-02-15 10:26 - 000003528 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineUA
2021-02-15 10:26 - 2021-02-15 10:26 - 000003404 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore
2021-02-12 20:14 - 2021-02-12 20:14 - 025569170 _____ C:\Users\Prodejce1\Downloads\VID_20210212_120954.mp4
2021-02-12 20:11 - 2021-02-12 20:11 - 022204676 _____ C:\Users\Prodejce1\Downloads\VID_20210212_120533.mp4
2021-02-11 21:03 - 2021-02-11 21:03 - 000000000 ____D C:\Users\Prodejce1\Downloads\wetransfer-35bb14
2021-02-11 20:53 - 2021-02-11 20:53 - 004348937 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\Kupní Smlouva - Květinářství, včetně desek.pdf
2021-02-11 17:20 - 2021-02-11 17:20 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-11 17:20 - 2021-02-11 17:20 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-10 18:39 - 2021-02-10 18:39 - 027331773 _____ C:\Users\Prodejce1\Downloads\Diagnostics_Logs-OLK-UTC.2021.2.10.17.39.31.682.zip
2021-02-10 16:10 - 2021-02-10 16:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje pro aplikaci Microsoft Office Outlook
2021-02-10 08:58 - 2021-02-10 08:58 - 011229070 _____ C:\Users\Prodejce1\Downloads\VID_20210131_092458.mp4
2021-02-07 21:57 - 2021-02-07 21:57 - 001039090 _____ C:\Users\Prodejce1\Downloads\2021-01-24T20-28_Transakce_._3491829120928032-7043496.pdf
2021-02-07 21:57 - 2021-02-07 21:57 - 001038482 _____ C:\Users\Prodejce1\Downloads\2021-01-26T14-00_Transakce_._3435521009892175-7051447 (1).pdf
2021-02-07 21:56 - 2021-02-07 21:56 - 001039101 _____ C:\Users\Prodejce1\Downloads\2021-01-23T09-50_Transakce_._3488737477903863-7036953.pdf
2021-02-07 21:56 - 2021-02-07 21:56 - 001039059 _____ C:\Users\Prodejce1\Downloads\2021-01-28T06-33_Transakce_._3381938995250378-7059818.pdf
2021-02-07 21:56 - 2021-02-07 21:56 - 001038482 _____ C:\Users\Prodejce1\Downloads\2021-01-26T14-00_Transakce_._3435521009892175-7051447.pdf
2021-02-07 21:55 - 2021-02-07 21:55 - 001039063 _____ C:\Users\Prodejce1\Downloads\2021-01-31T17-24_Transakce_._3515424948568449-7079272.pdf
2021-02-07 21:55 - 2021-02-07 21:55 - 001039060 _____ C:\Users\Prodejce1\Downloads\2021-01-29T19-29_Transakce_._3506881732756099-7067657.pdf
2021-02-07 21:55 - 2021-02-07 21:55 - 001038911 _____ C:\Users\Prodejce1\Downloads\2021-02-04T20-14_Transakce_._3587876511323288-7102070.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-09 09:36 - 2020-11-03 17:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-09 09:36 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-09 08:51 - 2020-11-03 17:47 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2021-03-09 01:25 - 2020-10-05 12:10 - 000000000 ____D C:\Program Files\CCleaner
2021-03-08 21:54 - 2020-10-05 12:29 - 000000000 ____D C:\Users\Prodejce1\AppData\Roaming\WhatsApp
2021-03-08 21:33 - 2020-11-29 03:36 - 000000000 ____D C:\WINDOWS\Minidump
2021-03-08 21:33 - 2020-08-11 09:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-03-08 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-08 21:33 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-08 21:29 - 2019-10-01 00:39 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-08 21:10 - 2020-08-11 09:21 - 000000000 ____D C:\KLS'04
2021-03-08 19:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-08 19:09 - 2020-08-11 22:44 - 000000000 ___RD C:\Users\Prodejce1\OneDrive
2021-03-08 19:00 - 2020-08-18 14:15 - 000000000 ____D C:\Users\Prodejce1\AppData\LocalLow\Mozilla
2021-03-08 19:00 - 2020-08-18 14:13 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-07 18:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-06 22:05 - 2020-11-08 01:30 - 000000000 ____D C:\Users\Prodejce1\Downloads\Stare faktury
2021-03-06 12:58 - 2020-08-11 22:42 - 000000000 ____D C:\Users\Prodejce1\AppData\Local\Packages
2021-03-06 12:53 - 2020-11-03 17:47 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-06 12:06 - 2020-10-12 23:11 - 000001456 _____ C:\Users\Prodejce1\AppData\Local\Adobe Save for Web 12.0 Prefs
2021-03-06 09:54 - 2020-08-11 09:14 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-05 10:03 - 2020-11-03 17:51 - 001834266 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-05 10:03 - 2019-12-07 15:41 - 000719496 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-05 10:03 - 2019-12-07 15:41 - 000145622 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-05 09:58 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-05 09:58 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-05 09:58 - 2019-07-12 16:27 - 000000000 ____D C:\Program Files\Microsoft Office
2021-03-05 09:57 - 2020-11-03 17:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-05 09:57 - 2020-11-03 17:42 - 000450432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-05 09:57 - 2020-11-03 17:42 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-05 09:57 - 2020-08-11 22:42 - 000000000 __SHD C:\Users\Prodejce1\IntelGraphicsProfiles
2021-03-05 09:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-05 09:57 - 2019-10-01 00:33 - 000000000 ___HD C:\Intel
2021-03-05 09:56 - 2020-11-03 17:43 - 000000000 ____D C:\Users\Prodejce1
2021-03-05 09:56 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-05 09:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-05 09:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-05 09:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-05 09:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-05 09:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-05 09:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-05 09:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-05 09:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-05 09:56 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-05 09:09 - 2019-03-19 05:49 - 000000167 _____ C:\WINDOWS\win.ini
2021-03-04 23:23 - 2020-11-30 07:00 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b200e73e57ef
2021-03-04 23:23 - 2020-11-03 17:47 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-04 04:06 - 2020-11-03 17:47 - 000004122 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2021-03-04 04:06 - 2020-11-03 17:47 - 000003764 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2021-03-04 01:59 - 2020-08-18 14:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-03 19:16 - 2020-09-23 10:03 - 000000000 ____D C:\Users\Prodejce1\AppData\Local\ElevatedDiagnostics
2021-03-03 18:54 - 2020-10-02 09:56 - 000002386 _____ C:\Users\Prodejce1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-02-27 03:59 - 2020-10-05 12:28 - 000000000 ____D C:\Users\Prodejce1\AppData\Local\WhatsApp
2021-02-26 18:48 - 2020-08-19 17:16 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-26 09:17 - 2020-08-11 22:45 - 000000000 ____D C:\Users\Prodejce1\AppData\Local\PlaceholderTileLogoFolder
2021-02-25 13:18 - 2020-08-17 18:53 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-24 09:13 - 2020-10-21 19:13 - 000000000 ____D C:\Users\Prodejce1\AppData\Roaming\vlc
2021-02-19 19:26 - 2021-02-05 21:07 - 000011774 _____ C:\Users\Prodejce1\OneDrive\Dokumenty\klienti fb.xlsx
2021-02-19 16:59 - 2020-11-03 17:47 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-61476251-3162843502-1331547060-1001
2021-02-19 16:59 - 2020-11-03 17:43 - 000002375 _____ C:\Users\Prodejce1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-14 20:03 - 2020-11-15 00:41 - 000000000 ____D C:\Users\Prodejce1\AppData\Local\Notepad
2021-02-14 20:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-14 20:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-14 20:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-14 20:01 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-14 20:01 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-14 10:18 - 2020-09-30 22:36 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-11 17:16 - 2020-08-11 23:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-11 17:14 - 2020-08-11 23:10 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-10 17:04 - 2019-10-01 00:38 - 000000000 ____D C:\ProgramData\Intel
2021-02-10 16:10 - 2020-10-02 16:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-02-10 16:10 - 2020-08-11 09:15 - 000000000 ____D C:\Program Files (x86)\MSECache
2021-02-10 09:04 - 2020-08-11 09:07 - 000000000 ____D C:\Program Files (x86)\Orca
2021-02-07 13:38 - 2019-10-01 00:42 - 000000000 ____D C:\Program Files\Intel

==================== Files in the root of some directories ========

2020-10-12 23:11 - 2021-03-06 12:06 - 000001456 _____ () C:\Users\Prodejce1\AppData\Local\Adobe Save for Web 12.0 Prefs

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by Prodejce1 (09-03-2021 09:42:41)
Running from C:\Users\Prodejce1\Downloads
Windows 10 Home Version 20H2 19042.844 (X64) (2020-11-03 16:47:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-61476251-3162843502-1331547060-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-61476251-3162843502-1331547060-503 - Limited - Disabled)
Guest (S-1-5-21-61476251-3162843502-1331547060-501 - Limited - Disabled)
Prodejce1 (S-1-5-21-61476251-3162843502-1331547060-1001 - Administrator - Enabled) => C:\Users\Prodejce1
WDAGUtilityAccount (S-1-5-21-61476251-3162843502-1331547060-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.17.5 - ICEpower a/s)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 88.2.8118.185 - Autoři prohlížeče CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
CEWE FOTOLAB fotosvet (HKLM-x32\...\CEWE FOTOLAB fotosvet) (Version: 7.0.4 - CEWE Stiftung u Co. KGaA)
ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
GDR 2269 for SQL Server 2014 (KB3045324) (64-bit) (HKLM\...\KB3045324) (Version: 12.0.2269.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC)
Intel® PROSet/Wireless Software (HKLM-x32\...\{7194a517-3ed1-424f-93f2-d95fe11843f5}) (Version: 21.0.0.0u - Intel Corporation)
KLS'04 ( 19.09.2019 ) Oresi DB 105 (HKLM-x32\...\{A092274D-9C45-44FC-81E9-BF6EBC2351AA}_is1) (Version: - )
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13801.20266 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13801.20266 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - )
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 89.0.774.48 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A106FA6F-E94C-44C9-8A0F-C34BD82C9FE6}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{37C44B5C-E839-4A9D-9E20-A93E1B2FD35A}) (Version: 12.0.2269.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\Teams) (Version: 1.4.00.4167 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.0.2000.8 - Microsoft Corporation)
Mozilla Firefox 86.0 (x64 cs) (HKLM\...\Mozilla Firefox 86.0 (x64 cs)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 79.0 - Mozilla)
Nástroj pro aktualizaci dat podle časového pásma pro aplikaci Microsoft Office Outlook (HKLM-x32\...\{95120000-0038-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1093 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVIDIA Ovladače grafiky 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Sentinel Runtime (HKLM-x32\...\{D4AEC281-53BF-42C3-B1ED-F84391CF41AF}) (Version: 7.91.26692.60000 - Gemalto)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Skype pro firmy Basic 2016 - cs-cz (HKLM\...\SkypeforBusinessEntryRetail - cs-cz) (Version: 16.0.13801.20266 - Microsoft Corporation)
SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.0.2000.8 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
TeamViewer Host (HKLM-x32\...\TeamViewer) (Version: 15.15.5 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WhatsApp (HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\WhatsApp) (Version: 2.2106.10 - WhatsApp)
WinRAR 5.80 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.4 - win.rar GmbH)

Packages:
=========
AudioWizard -> C:\Program Files\WindowsApps\ICEpower.AudioWizard_1.5.28.0_x64__dxp88312j1fgj [2020-08-17] (ICEpower)
Bezdrátový adaptér displeje Microsoft -> C:\Program Files\WindowsApps\Microsoft.SurfaceWirelessDisplayAdapter_4.227.139.0_x64__8wekyb3d8bbwe [2021-01-04] (Microsoft Corporation) [Startup Task]
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.2020.0_x64__rz1tebttyb220 [2021-03-07] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-09-26] (Microsoft Corporation)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-01-15] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-08-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-08-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-01-29] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-20] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt [2020-12-31] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.7.198.0_x64__dt26b99r8h8gj [2020-08-11] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-61476251-3162843502-1331547060-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Prodejce1\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-11-20] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-11-20] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_aceb5b140d1d131e\nvshext.dll [2020-07-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-11-20] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-11-20] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-10-28 00:28 - 2020-10-28 00:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppvIsvSubsystems64.dll
2020-10-28 00:28 - 2020-10-28 00:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-61476251-3162843502-1331547060-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=PF170501&iDate=2020-02-19 11:04:24&bName=
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-61476251-3162843502-1331547060-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-61476251-3162843502-1331547060-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\sharepoint.com -> hxxps://kingjoe-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-61476251-3162843502-1331547060-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Prodejce1\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG_20210307_132001.jpg
HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 89.239.24.2 - 89.239.24.34
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8D40FCD9-1D3D-4CC6-9DE8-3709143DAE6A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B2ADC765-0AD0-4651-8833-FC8F03CEA8F6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{525247A5-480F-4C50-8607-1FD850CA29BD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DC5520F9-A06A-4692-814A-E6CF8B8D511A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{D3473E4F-6531-43C8-8134-8BB7E0878CE9}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{6BADF7C6-9F0D-4B9C-9561-6133CA399ED4}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{434AF964-5E71-479A-A9F2-20C52C009D8A}C:\users\prodejce1\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\prodejce1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{186355BC-5530-475F-B0F3-9421EF6E29D5}C:\users\prodejce1\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\prodejce1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{0C785C9E-0C60-4EB9-89CF-427B7E01805B}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{942CA9C1-722F-4D88-8438-DEF416FEE717}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{EF238ED7-DEBF-4825-B9BD-9328180AC8DA}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{8CE7C425-28B8-4E94-836F-DC0F23EBBED5}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{FB94DEB4-6E81-4E81-8159-50EA90BA0077}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A13229EB-A8C8-45E9-99E2-E22E62588CCF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{695AA710-8641-4D9C-83E7-44EC1C78C9E1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0495043E-FF23-4F95-80F5-DB96BFAF59F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AC27E230-29D4-4B6D-AF25-10AA159E8835}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DFD8443E-213D-418F-8636-39E3C5D05C2D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D83A750D-9D4C-42F3-A13A-21468D42AA67}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1D780036-8532-47E5-BA94-105699C0FEE7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D991C10E-5AAB-4280-8F02-580674AFC5B0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1175F184-F4A5-4CCD-BF87-0AC564A3DCA7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3490BB6B-87A7-4F16-BD82-CE84FD0835B1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BB07A2A7-4D74-4370-9CE3-E090C7D911D9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{59A73D84-A142-4045-9C74-87ECA8130E24}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{E3B60208-5180-44DA-A6F5-8CE8EBB1A87F}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{D2031983-322A-4289-AB26-2F493EF96895}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{C8D300FA-2B2C-4724-889E-A350A0E9D0B9}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_2346917970a59cb8\ASUSLinkNear\AsusLinkNear.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
FirewallRules: [{8F58803F-A84F-46B6-BC14-8E3756EA63A5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\89.0.774.48\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

01-03-2021 10:22:23 Naplánovaný kontrolní bod
05-03-2021 09:16:03 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/09/2021 08:50:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OLicenseHeartbeat.exe, verze: 16.0.13801.20182, časové razítko: 0x602dd932
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.804, časové razítko: 0x0e9c5eae
Kód výjimky: 0xc06d007e
Posun chyby: 0x000000000002d759
ID chybujícího procesu: 0xa20
Čas spuštění chybující aplikace: 0x01d714b8e88a291a
Cesta k chybující aplikaci: C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 0314f5a1-d7ed-41b4-b985-96978e50e7b5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/08/2021 08:20:08 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (03/08/2021 08:20:08 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (03/08/2021 08:20:08 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (03/08/2021 08:38:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OLicenseHeartbeat.exe, verze: 16.0.13801.20182, časové razítko: 0x602dd932
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.804, časové razítko: 0x0e9c5eae
Kód výjimky: 0xc06d007e
Posun chyby: 0x000000000002d759
ID chybujícího procesu: 0x43a8
Čas spuštění chybující aplikace: 0x01d713edf9e42a75
Cesta k chybující aplikaci: C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 3c4ff3c1-e7ee-4a52-bec4-2ed795931272
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/07/2021 01:15:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OLicenseHeartbeat.exe, verze: 16.0.13801.20182, časové razítko: 0x602dd932
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.804, časové razítko: 0x0e9c5eae
Kód výjimky: 0xc06d007e
Posun chyby: 0x000000000002d759
ID chybujícího procesu: 0x27f0
Čas spuštění chybující aplikace: 0x01d712e706803cc1
Cesta k chybující aplikaci: C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: aed0f0a5-d889-4907-a69e-0e23f79eb174
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/06/2021 09:53:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OLicenseHeartbeat.exe, verze: 16.0.13801.20182, časové razítko: 0x602dd932
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.804, časové razítko: 0x0e9c5eae
Kód výjimky: 0xc06d007e
Posun chyby: 0x000000000002d759
ID chybujícího procesu: 0x170c
Čas spuštění chybující aplikace: 0x01d712663b81e5f8
Cesta k chybující aplikaci: C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 6d6fefad-ff82-4ca8-9fcb-e46e2300576a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/05/2021 09:56:50 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]


System errors:
=============
Error: (03/09/2021 08:44:29 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll

Error: (03/08/2021 10:20:35 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll

Error: (03/08/2021 09:36:18 PM) (Source: DCOM) (EventID: 10000) (User: LITOMERICE1-NB)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (03/08/2021 09:29:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (03/08/2021 09:29:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (03/08/2021 09:29:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Dynamic Tuning service byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (03/08/2021 09:29:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba ASUS Software Manager byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (03/08/2021 09:29:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft Office Click-to-Run Service byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2020-12-13 13:41:01
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {74035AF4-3F7C-443A-A8BE-67C85D42E98B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-11 21:12:24
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F6BA75B7-47A1-402A-AA4E-9DBEC77BF5E7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-11 16:25:17
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DBDCECAD-1AC4-4EC7-A078-E22BC5647DF5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-09 13:31:01
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {813412E5-39B9-447E-A942-631066097DCD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-09 01:04:20
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {239911C6-3C4C-45E3-BC95-760CA1482914}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2021-03-09 03:57:41
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: American Megatrends Inc. X509FJ.300 04/30/2019
Motherboard: ASUSTeK COMPUTER INC. X509FJ
Processor: Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz
Percentage of memory in use: 68%
Total physical RAM: 8043.36 MB
Available physical RAM: 2540.49 MB
Total Virtual: 20331.36 MB
Available Virtual: 12155.1 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:237.57 GB) (Free:126.88 GB) NTFS
Drive e: (HiSuite) (CDROM) (Total:0 GB) (Free:0 GB) CDFS

\\?\Volume{cf79d5eb-bf07-44d1-96be-6c6623f97781}\ () (Fixed) (Total:0.63 GB) (Free:0.17 GB) NTFS
\\?\Volume{f8af5851-3817-4cc2-b0cf-c5099b8719c5}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 96871955)

Partition: GPT.

==================== End of Addition.txt =======================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\MountPoints2: {b5577829-1523-11eb-9467-04ed339ae38f} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\MountPoints2: {dc54ba59-f26c-11ea-9462-04ed339ae38f} - "E:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {268C70A4-D9D6-4834-A014-F58BD1529394} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-17] (Google LLC -> Google LLC)
Task: {7B965582-BD09-4A47-87A9-61ABE71D3EE5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-17] (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=PF170501&iDate=2020-02-19 11:04:24&bName=
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-61476251-3162843502-1331547060-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-61476251-3162843502-1331547060-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

EmptyTemp:
End

Uložte do C:\Users\Prodejce1\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by Prodejce1 (09-03-2021 12:16:35) Run:1
Running from C:\Users\Prodejce1\Downloads
Loaded Profiles: Prodejce1 & MSSQLSERVER
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\MountPoints2: {b5577829-1523-11eb-9467-04ed339ae38f} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\...\MountPoints2: {dc54ba59-f26c-11ea-9462-04ed339ae38f} - "E:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {268C70A4-D9D6-4834-A014-F58BD1529394} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-17] (Google LLC -> Google LLC)
Task: {7B965582-BD09-4A47-87A9-61ABE71D3EE5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-17] (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=PF170501&iDate=2020-02-19 11:04:24&bName=
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-61476251-3162843502-1331547060-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-61476251-3162843502-1331547060-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5577829-1523-11eb-9467-04ed339ae38f} => removed successfully
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc54ba59-f26c-11ea-9462-04ed339ae38f} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{268C70A4-D9D6-4834-A014-F58BD1529394}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{268C70A4-D9D6-4834-A014-F58BD1529394}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7B965582-BD09-4A47-87A9-61ABE71D3EE5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B965582-BD09-4A47-87A9-61ABE71D3EE5}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKU\S-1-5-21-61476251-3162843502-1331547060-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
"HKU\S-1-5-21-61476251-3162843502-1331547060-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-61476251-3162843502-1331547060-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18014022 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1886504 B
Edge => 22528 B
Chrome => 1129769690 B
Firefox => 40062716 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Prodejce1 => 124546046 B
MSSQLSERVER => 124546046 B

RecycleBin => 0 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:16:59 ====

Smazáno. Nastala nějaká změna?

Snad ano, zatím mi nepřišla žádná podivná zpráva ani nevyskočilo okýnko od ESETu. Děkuji mockrát, pošlu příspěvek

Za příspěvek děkujeme a vy nemáte zač!