VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu LOGu, neustále se mi nastavuje Yahoo jako vyhledávač v Chrome

https://forum.viry.cz:443/viewtopic.php?t=158606

Stránka 1 z 1

Prosím o kontrolu LOGu, neustále se mi nastavuje Yahoo jako vyhledávač v Chrome

Napsal: 25 bře 2022 23:39
od pepperbox
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-03-2022
Ran by 42073 (administrator) on DESKTOP-BBIA4VM (HP HP ProBook 450 G6) (25-03-2022 23:31:12)
Running from C:\Users\42073\Desktop
Loaded Profiles: 42073
Platform: Microsoft Windows 11 Home Version 21H2 22000.556 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe ->) (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpAgent.exe
(C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_22055.502.1226.2344_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\99.0.1150.46\msedgewebview2.exe <12>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCopyAccelerator.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxEM.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\BridgeCommunication.exe
(explorer.exe ->) (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <62>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
(services.exe ->) (Eidgenössische Technische Hochschule Zürich -> ETH Zurich) C:\Program Files (x86)\SafeExamBrowser\SebWindowsServiceWCF\SebWindowsServiceWCF.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_44633d75967bb427\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dea730b932418dc2\HotKeyServiceUWP.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dea730b932418dc2\LanWlanWwanSwitchingServiceUWP.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a439e07c373809e2\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_00352e148f6a4096\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_00352e148f6a4096\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_c0fd909ca6e7d672\LMS.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_11f809ac26966b9b\RtkAudUService64.exe <3>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(svchost.exe ->) (bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
(svchost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.95.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(winlogon.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_11f809ac26966b9b\RtkAudUService64.exe [1274712 2021-08-05] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [HPNotifications] => C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe [1585192 2019-06-28] (HP Inc. -> HP)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe, <==== ATTENTION
HKU\S-1-5-21-3055917467-3469389264-874521194-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31046640 2020-09-21] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.82\Installer\chrmstp.exe [2022-03-22] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\42073\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2021-01-23]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-3055917467-3469389264-874521194-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {020111B8-48D0-4B96-B854-84C249A8D273} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {1042C573-B0EA-475D-92E5-F12F18F4741D} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-24] (bookingDesktopApp.) [File not signed]
Task: {24F9CD54-3C45-4CE8-A7C1-63BDA672A142} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {27DF793A-17F8-4534-8E6E-06F5A0865616} - System32\Tasks\G2MUpdateTask-S-1-5-21-3055917467-3469389264-874521194-1001 => C:\Users\42073\AppData\Local\GoToMeeting\19932\g2mupdate.exe [31176 2021-12-06] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {28725CB7-9EC1-49C4-BD22-CFE9580A0D90} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8307120 2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {3A951303-B5E7-4230-BB6D-0F2415316B9C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {3AB9092A-205D-4026-9493-F5FC067529BB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2022-02-25] (HP Inc. -> HP Inc.)
Task: {3D34A644-5B5D-4468-8580-A6450FDA9F5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {45D941AE-C724-4D8F-A481-1531373337B7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {47075EA0-E795-4D57-97D3-5531DEF49FB3} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\42073\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-10-27] (ESET, spol. s r.o. -> ESET)
Task: {4801E263-7A80-452B-A04B-287FC72C9894} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {4B2AAC74-0BE3-4CCC-BC89-372C7CC2B35B} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\42073\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-10-27] (ESET, spol. s r.o. -> ESET)
Task: {5F664E89-A04F-4E3D-B150-863ADB7275EF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [137072 2022-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {69E5288E-8AB4-4607-B14D-F0057A5BCCD8} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-09-21] (Garmin International, Inc. -> )
Task: {6B46AA7C-7784-4F8A-BA69-EA639690E125} - System32\Tasks\G2MUploadTask-S-1-5-21-3055917467-3469389264-874521194-1001 => C:\Users\42073\AppData\Local\GoToMeeting\19932\g2mupload.exe [31176 2021-12-06] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {6DFA3843-A7FC-4353-ADE9-83E8B38BD2F6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CB2A5A3-BF67-4E8F-B6C2-D7493B1DEA5C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [59232 2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {935773AD-9143-4764-A684-E79167B3BADB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [137072 2022-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {98FE94DC-965F-44DD-BC46-765F4E7B856D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9C1B5321-B423-4A14-BD4F-8CB31B6782AA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8307120 2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {C0C717C3-5966-474A-942C-50544258A2B4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D1D5C2B9-AE13-470A-ABB0-DCD8BE0A68B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {D4551A18-2FB2-4E01-9597-601AD3376019} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-24] (bookingDesktopApp.) [File not signed]
Task: {F3A262E6-696D-4182-B88D-7B7B1C0E43A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-14] (Google LLC -> Google LLC)
Task: {FA7FA1F4-ACA8-45D5-AC24-11A795E2084C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-14] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3055917467-3469389264-874521194-1001.job => C:\Users\42073\AppData\Local\GoToMeeting\19932\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3055917467-3469389264-874521194-1001.job => C:\Users\42073\AppData\Local\GoToMeeting\19932\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3efc6d8c-9ec7-4f8c-81df-95afaa221c5d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d7b31104-122b-4d5c-8040-f89d1fb38747}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\42073\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-05]

FireFox:
========
FF DefaultProfile: a0pfvoup.default
FF ProfilePath: C:\Users\42073\AppData\Roaming\Mozilla\Firefox\Profiles\a0pfvoup.default [2020-01-14]
FF ProfilePath: C:\Users\42073\AppData\Roaming\Mozilla\Firefox\Profiles\lvctn243.default-release [2022-03-23]
FF Homepage: Mozilla\Firefox\Profiles\lvctn243.default-release -> www.seznam.cz
FF Session Restore: Mozilla\Firefox\Profiles\lvctn243.default-release -> is enabled.
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-03-24] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-03-24] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default [2022-03-25]
CHR HomePage: Default -> hxxp://start.funmoods.com/?f=1&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzu0CzztD0A0AzyyDtDtAyDzyyBtByByCzytN0D0Tzu0StBtByBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=96850439
CHR StartupUrls: Default -> "hxxp://start.funmoods.com/?f=1&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzu0CzztD0A0AzyyDtDtAyDzyyBtByByCzytN0D0Tzu0StBtByBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=96850439"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-14]
CHR Extension: (Dokumenty) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-14]
CHR Extension: (Disk Google) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-14]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-03-23]
CHR Extension: (Tabulky) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-14]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-03-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-17]
CHR Extension: (Tlačítko Uložit pro Pinterest) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2022-03-03]
CHR Extension: (Screen Recorder) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdopnakmnlnccgpfpmjmdjjohmcdgabp [2021-05-13]
CHR Extension: (Grammarly for Chrome) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-03-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Participate by Lookback) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppapgcbnefafdghpfglgilaghielefgn [2022-03-17]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-24] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-24] (bookingDesktopApp.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649952 2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
R2 DpHost; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [529072 2019-06-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [350008 2020-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dea730b932418dc2\HotKeyServiceUWP.exe [1512544 2021-10-30] (HP Inc. -> HP Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\AppHelperCap.exe [761856 2022-01-19] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\DiagsCap.exe [760864 2022-01-19] (HP Inc. -> HP Inc.)
R2 HPMAMSrv; C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe [542248 2019-04-22] (HP Inc. -> HP)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\NetworkCap.exe [756720 2022-01-19] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2019-04-12] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\SysInfoCap.exe [760304 2022-01-19] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_44633d75967bb427\x64\TouchpointAnalyticsClientService.exe [494688 2021-11-21] (HP Inc. -> HP Inc.)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dea730b932418dc2\LanWlanWwanSwitchingServiceUWP.exe [591968 2021-10-30] (HP Inc. -> HP Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [972936 2022-03-10] (McAfee, LLC -> McAfee, LLC)
R2 SebWindowsServiceWCF; C:\Program Files (x86)\SafeExamBrowser\SebWindowsServiceWCF\SebWindowsServiceWCF.exe [408776 2020-04-08] (Eidgenössische Technische Hochschule Zürich -> ETH Zurich)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [50616 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [202456 2020-07-07] (BayHub Technology Inc. -> BayHubTech/O2Micro)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-15] (HP Inc. -> HP Inc.)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [60448 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [439544 2022-03-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-15] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-25 23:31 - 2022-03-25 23:31 - 000029000 _____ C:\Users\42073\Desktop\FRST.txt
2022-03-25 23:30 - 2022-03-25 23:31 - 000000000 ____D C:\FRST
2022-03-25 23:28 - 2022-03-25 23:28 - 002365440 _____ (Farbar) C:\Users\42073\Desktop\FRST64.exe
2022-03-22 22:40 - 2022-03-23 00:08 - 978251500 _____ C:\Users\42073\Downloads\Desperate Housewives - Zoufalé manželky S01E03 Hezký obrázek (2004) HD+.mp4
2022-03-22 20:09 - 2022-03-22 21:02 - 965175765 _____ C:\Users\42073\Downloads\Desperate Housewives - Zoufalé manželky S01E02 Ale co je pod povrchem (2004) HD+.mp4
2022-03-22 19:11 - 2022-03-22 19:39 - 505053858 _____ C:\Users\42073\Downloads\Desperate Housewives - Zoufalé manželky S01E01 Pilot (2004) HD.mp4
2022-03-17 08:17 - 2022-03-25 22:28 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-03-17 07:42 - 2022-03-17 09:35 - 2069358320 _____ C:\Users\42073\Downloads\Brilantni plan 2007 HD.avi
2022-03-11 21:10 - 2022-03-11 21:10 - 000015016 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-11 21:09 - 2022-03-11 21:09 - 000210432 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2022-03-11 21:06 - 2022-03-11 21:06 - 000000000 ___HD C:\$WinREAgent
2022-03-10 21:22 - 2022-03-10 21:22 - 000000000 ____D C:\WINDOWS\Firmware
2022-03-01 23:49 - 2022-03-01 23:49 - 000194560 _____ C:\Users\42073\Downloads\Ukonceni_PL-20-21LSkomb (1).ppt
2022-03-01 23:47 - 2022-03-01 23:47 - 000196608 _____ C:\Users\42073\Downloads\Ukonceni_PL-20-21LSkomb.ppt
2022-02-23 21:16 - 2022-02-23 21:16 - 001658150 _____ C:\Users\42073\Downloads\eTicket_4034131.pdf
2022-02-23 20:37 - 2022-02-23 20:37 - 000059496 _____ C:\Users\42073\Downloads\tabulka modrá.pptx

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-25 23:30 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-03-25 23:28 - 2020-01-14 21:31 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-25 23:19 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-25 22:28 - 2020-01-13 21:30 - 000000000 ____D C:\Users\42073\AppData\LocalLow\Mozilla
2022-03-25 21:56 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-25 21:56 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-25 21:47 - 2020-06-06 08:13 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-25 21:47 - 2020-06-06 08:13 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-03-25 21:45 - 2020-01-13 21:28 - 000000000 ___RD C:\Users\42073\OneDrive
2022-03-25 21:45 - 2020-01-13 20:24 - 000000000 __SHD C:\Users\42073\IntelGraphicsProfiles
2022-03-24 23:25 - 2021-12-16 22:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-24 19:03 - 2020-01-13 20:24 - 000000000 ____D C:\Users\42073\AppData\Local\Packages
2022-03-24 19:03 - 2019-04-19 19:32 - 000000000 ____D C:\ProgramData\Packages
2022-03-23 21:24 - 2021-03-02 16:19 - 000000000 ____D C:\Users\42073\AppData\Local\D3DSCache
2022-03-23 21:22 - 2021-12-16 22:14 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3055917467-3469389264-874521194-1001
2022-03-23 21:22 - 2021-12-16 22:14 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3055917467-3469389264-874521194-1001
2022-03-23 21:22 - 2020-10-04 22:27 - 000002385 _____ C:\Users\42073\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-23 00:48 - 2022-02-10 12:16 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-03-22 18:34 - 2020-01-14 21:32 - 000002309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-03-22 18:34 - 2020-01-14 21:32 - 000002268 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-03-22 00:20 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-03-18 12:17 - 2021-12-16 22:16 - 001714894 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-18 12:17 - 2021-06-05 18:20 - 000727326 _____ C:\WINDOWS\system32\perfh005.dat
2022-03-18 12:17 - 2021-06-05 18:20 - 000151236 _____ C:\WINDOWS\system32\perfc005.dat
2022-03-18 12:17 - 2021-06-05 13:09 - 000000000 ____D C:\WINDOWS\INF
2022-03-18 12:13 - 2021-12-16 22:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-18 12:13 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ServiceState
2022-03-18 12:13 - 2021-06-05 13:01 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-03-18 12:13 - 2020-10-04 23:11 - 000012288 ___SH C:\DumpStack.log.tmp
2022-03-18 12:13 - 2020-01-13 21:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-03-18 12:13 - 2019-11-14 10:40 - 000000000 ___HD C:\Intel
2022-03-18 09:54 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-17 23:43 - 2020-04-23 20:49 - 000000000 ____D C:\Users\42073\AppData\Roaming\vlc
2022-03-17 11:28 - 2021-12-16 22:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-03-17 11:28 - 2020-01-13 21:30 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-03-15 18:56 - 2019-04-19 19:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-03-14 22:18 - 2020-04-22 11:26 - 000002144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-03-13 00:24 - 2021-12-16 22:08 - 000593160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-13 00:23 - 2021-06-05 13:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-13 00:23 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-03-13 00:23 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-13 00:23 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-13 00:23 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-03-13 00:23 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-03-13 00:23 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-13 00:23 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-11 21:14 - 2020-08-25 22:37 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-11 21:14 - 2020-01-17 20:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-11 21:13 - 2020-01-17 20:57 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-11 21:09 - 2021-12-16 22:09 - 003102208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-10 21:31 - 2019-11-14 10:51 - 000000000 ____D C:\Program Files\Microsoft Office
2022-03-09 20:39 - 2022-01-18 22:09 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7f2c154c9e51b
2022-03-09 20:39 - 2021-12-16 22:14 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-06 17:50 - 2021-12-16 22:14 - 000003858 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2022-03-06 17:50 - 2021-12-16 22:14 - 000003416 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2022-03-06 17:50 - 2021-10-27 23:45 - 000001386 _____ C:\Users\42073\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-03-05 08:19 - 2021-12-16 22:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-03-01 00:36 - 2020-08-25 22:37 - 000504136 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-03-01 00:36 - 2020-08-25 22:37 - 000491848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll

==================== Files in the root of some directories ========

2020-03-25 00:47 - 2020-03-25 00:47 - 000000045 _____ () C:\Users\42073\AppData\Roaming\WB.CFG
2021-05-23 22:34 - 2021-05-23 22:34 - 000007475 _____ () C:\Users\42073\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-03-2022
Ran by 42073 (25-03-2022 23:32:28)
Running from C:\Users\42073\Desktop
Microsoft Windows 11 Home Version 21H2 22000.556 (X64) (2021-12-16 21:14:33)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

42073 (S-1-5-21-3055917467-3469389264-874521194-1001 - Administrator - Enabled) => C:\Users\42073
Administrator (S-1-5-21-3055917467-3469389264-874521194-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3055917467-3469389264-874521194-503 - Limited - Disabled)
Guest (S-1-5-21-3055917467-3469389264-874521194-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3055917467-3469389264-874521194-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 22.001.20085 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (HKLM\...\{16BA964D-698D-4663-8FA7-B9613DA7958B}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
Elevated Installer (HKLM-x32\...\{877496C2-70B0-42F1-835A-FAFE2CF0199C}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{235f2ee5-7383-44df-a298-01221caa5532}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E944FA32-8BCF-474F-BFB2-D1EF24555873}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries) Hidden
GIMP 2.10.24 (HKLM\...\GIMP-2_is1) (Version: 2.10.24 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 99.0.4844.82 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.18.0.19932 (HKU\S-1-5-21-3055917467-3469389264-874521194-1001\...\GoToMeeting) (Version: 10.18.0.19932 - LogMeIn, Inc.)
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 9.4.1.2817 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.15.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP MAC Address Manager (HKLM-x32\...\{21FA165F-905C-4DDA-B00A-00C3A5D17BBA}) (Version: 1.1.19.1 - HP Inc.)
HP Notifications (HKLM-x32\...\{645A4621-EB2A-4943-A01D-B39C345560A8}) (Version: 1.1.19.1 - HP)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.5.10103.7263 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel(R) Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1915.12.0.1259 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.6952 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1915.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 99.0.1150.52 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 99.0.1150.46 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3055917467-3469389264-874521194-1001\...\OneDriveSetup.exe) (Version: 22.045.0227.0004 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3055917467-3469389264-874521194-1001\...\Teams) (Version: 1.3.00.34662 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{4812E2CC-BAA9-49AE-B310-DA845882322B}) (Version: 4.66.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 98.0.1 (x64 cs)) (Version: 98.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.1 - Mozilla)
MPC-HC 1.7.11 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.11 - MPC-HC Team)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20094 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.216 - Realtek Semiconductor Corp.)
SafeExamBrowser (HKLM-x32\...\{6CFE830A-37CD-4369-B7B5-DFA6D8A41138}) (Version: 2.4 - ETH Zurich)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.685 - McAfee, LLC)
Zoom (HKU\S-1-5-21-3055917467-3469389264-874521194-1001\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.16.62.0_x86__kgqvnymyfvs32 [2022-03-10] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.76.6.0_x64__kgqvnymyfvs32 [2022-03-17] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-12-10] (Microsoft Corporation)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_2.27.252.0_x64__dt26b99r8h8gj [2021-09-20] (Realtek Semiconductor Corp)
HP JumpStarts -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6 [2022-03-07] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.8.0.0_x64__v10z8vjag6ke6 [2021-10-15] (HP Inc.)
HP Power Manager -> C:\Program Files\WindowsApps\AD2F1837.HPPowerManager_2.1.24.0_x64__v10z8vjag6ke6 [2021-12-24] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.42.0_x64__v10z8vjag6ke6 [2021-12-09] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.14.42.0_x64__v10z8vjag6ke6 [2022-03-04] (HP Inc.)
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_7.0.18.0_x64__v10z8vjag6ke6 [2020-09-18] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-17] (INTEL CORP)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2020-01-21] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-12-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-12-16] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-03-25] (Microsoft Studios) [MS Ad]
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt [2022-03-07] (INTEL CORP) [Startup Task]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0 [2022-03-22] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3055917467-3469389264-874521194-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\42073\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3055917467-3469389264-874521194-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\42073\AppData\Local\GoToMeeting\17359\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-3055917467-3469389264-874521194-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\42073\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-09-09 07:13 - 2019-09-09 07:13 - 001364992 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2020-09-21 10:27 - 2020-09-21 10:27 - 000073216 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000325632 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2019-07-27 08:57 - 2019-07-27 08:57 - 096071680 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libcef.dll
2020-09-21 10:27 - 2020-09-21 10:27 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Express\XercesLib.dll
2020-03-24 20:47 - 2020-03-24 20:47 - 001743360 ____T (bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\bookingDesktopApppdate.dll
2019-06-19 23:20 - 2019-06-19 23:20 - 000382464 _____ (Crossmatch, Inc.) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPCPFelica.dll
2019-06-19 23:20 - 2019-06-19 23:20 - 000338432 _____ (Crossmatch, Inc.) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPDevice2.dll
2019-06-19 23:19 - 2019-06-19 23:19 - 000456192 _____ (Crossmatch, Inc.) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPDevice5.dll
2020-09-21 10:31 - 2020-09-21 10:31 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\ANT_WrappedLib.dll
2020-09-21 10:27 - 2020-09-21 10:27 - 002711552 _____ (Garmin International) [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\legacyio.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\IMG_GPSMAP.dll
2020-09-21 10:27 - 2020-09-21 10:27 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Express\XMLdll.dll
2020-03-20 20:02 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-04-21 17:13 - 2020-04-21 17:13 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-04-21 17:13 - 2020-04-21 17:13 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2022-02-15 10:42 - 2022-02-15 10:42 - 000137168 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.95.0_x64__cw5n1h2txyewy\Dashboard\WebView2Loader.dll
2020-09-21 10:29 - 2020-09-21 10:29 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\DSI_SiUSBXp_3_1.DLL
2019-07-27 08:57 - 2019-07-27 08:57 - 000762368 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3055917467-3469389264-874521194-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-03-10] (McAfee, LLC -> McAfee, LLC)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-02-25] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-03-10] (McAfee, LLC -> McAfee, LLC)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-02-25] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3055917467-3469389264-874521194-1001\...\sharepoint.com -> hxxps://occamczech-myfiles.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3055917467-3469389264-874521194-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP\HP_SNOW_3840x2160.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{92627273-9AE0-4A4C-BD33-6BF5952A1A3C}C:\users\42073\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\42073\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{05CC1836-129F-4E25-95A9-7183C1AF8F5B}C:\users\42073\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\42073\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3D3BA070-9407-4D53-96A2-BE5404A885ED}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F8677A1E-2389-4A93-89D2-23B2459BEB64}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{5F6E1454-3BA8-4F93-8220-9D245C85D93A}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{2B0CA60E-D917-4C0C-8743-A44D7F67AAFC}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{702FA744-5225-4C58-AAEA-36219602AF8E}C:\users\42073\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\42073\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{089576ED-FB31-49FC-9D51-DE08D1017B84}C:\users\42073\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\42073\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{69984B23-EB8B-4E87-AD14-E6A845AA4589}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{D0C4DAA7-B4AE-41F7-9A37-BF4EC16B1374}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{B62AEE05-EA72-44E8-8DBC-F35FF2DDBD35}] => (Allow) C:\Users\42073\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{73055CDA-8A82-48A4-BE17-4CA3E0531E99}] => (Allow) C:\Users\42073\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{743522FB-FAF8-4D31-8C3A-5F6FC181C6C7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F289BEE4-F5B1-427C-AB41-00BB8703A54C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{57801A46-C711-4ABF-BA93-32604D7B1DBB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2FB46681-7741-4FBE-B7FE-7F854790C81C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8D29AF81-8E02-4990-9DEB-5C416DAE0214}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4E8C38F6-13CD-4309-A4E4-4B0A2F0CD5C8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22055.502.1226.2344_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EE055A2B-1EC5-4C7E-AB2B-4145DA690F35}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22055.502.1226.2344_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{541E3F80-9650-4A6E-8FB9-609B0EC3DCD4}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\99.0.1150.46\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F0B9935C-C0BC-4FBD-AE83-3A83D4E5F17B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8069C68D-822B-4D28-977C-E7D54C43CB54}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0AB92F73-F644-44FA-8ABD-FB2A5CD906B8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{757174D1-0DBE-46DF-8952-EE8FB72BEB50}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2D755574-3D0A-460C-A275-84F2F109EF9A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{860C3B50-2F78-481B-A15C-8896113FCE34}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A1A1AFB2-70D7-4269-AE52-07D68174159B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0E398E12-CF6B-491E-8433-890B9AD8E8E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FE3D13C6-B5FE-44DF-B262-F4D96E2024A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E133B9AE-0C7C-4C8F-8F6C-53FF2A89A9DE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F65AA7C7-ED30-4A74-9B08-71ABE4B4EC5A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{676CB7E0-0823-44C1-B509-9FB9C4740B45}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3E0E079D-75AC-4591-92AA-3F3BF0E1F228}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

11-03-2022 21:06:06 Instalační služba modulů systému Windows
18-03-2022 09:54:13 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/24/2022 07:03:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SysInfoCap.exe, verze: 1.40.2695.0, časové razítko: 0x61e73add
Název chybujícího modulu: combase.dll, verze: 10.0.22000.527, časové razítko: 0x244b2314
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000047285
ID chybujícího procesu: 0x2db4
Čas spuštění chybující aplikace: 0x01d83ef3b29cf607
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\SysInfoCap.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: 1ff6b3ec-17cd-435d-8653-f63cd2c4ffaf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/23/2022 09:22:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SysInfoCap.exe, verze: 1.40.2695.0, časové razítko: 0x61e73add
Název chybujícího modulu: combase.dll, verze: 10.0.22000.527, časové razítko: 0x244b2314
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000047285
ID chybujícího procesu: 0x900
Čas spuštění chybující aplikace: 0x01d83ab937d11d26
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\SysInfoCap.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: 8a95ecef-118e-4354-9325-d37af8eb7797
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/17/2022 07:40:38 AM) (Source: HP Comm Recovery) (EventID: 0) (User: )
Description: Zpracování události PowerEvent se nezdařilo. Chyba, ke které došlo: System.IO.IOException: Proces nemůže přistupovat k souboru C:\Windows\Temp\signtool.exe, protože soubor je využíván jiným procesem.
v System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
v System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
v System.IO.FileStream..ctor(String path, FileMode mode)
v _HPCommRecovery.Tools.Signtool.ExtractSignTool()
v _HPCommRecovery.Tools.Signtool.Verify(String arg)
v _HPCommRecovery.HPAHAgent.CallAgent()
v _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath)
v _HPCommRecovery.HPAHLogger.NewSession()
v _HPCommRecovery.HPCommRecove....

Error: (03/14/2022 07:42:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SysInfoCap.exe, verze: 1.40.2695.0, časové razítko: 0x61e73add
Název chybujícího modulu: combase.dll, verze: 10.0.22000.527, časové razítko: 0x244b2314
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000047285
ID chybujícího procesu: 0xa4c
Čas spuštění chybující aplikace: 0x01d836ba7787b305
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\SysInfoCap.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: ab229067-f7fc-46dd-b8e7-ca7df3999e1f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/14/2022 07:41:58 PM) (Source: HP Comm Recovery) (EventID: 0) (User: )
Description: Zpracování události PowerEvent se nezdařilo. Chyba, ke které došlo: System.IO.IOException: Proces nemůže přistupovat k souboru C:\Windows\Temp\signtool.exe, protože soubor je využíván jiným procesem.
v System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
v System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
v System.IO.FileStream..ctor(String path, FileMode mode)
v _HPCommRecovery.Tools.Signtool.ExtractSignTool()
v _HPCommRecovery.Tools.Signtool.Verify(String arg)
v _HPCommRecovery.HPAHAgent.CallAgent()
v _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath)
v _HPCommRecovery.HPAHLogger.NewSession()
v _HPCommRecovery.HPCommRecove....

Error: (03/13/2022 12:24:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DpHostW.exe, verze: 9.4.1.62, časové razítko: 0x5d0af1e4
Název chybujícího modulu: DPFPEngineDP.dll, verze: 9.4.1.62, časové razítko: 0x5d0af56c
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000001f98b
ID chybujícího procesu: 0x1264
Čas spuštění chybující aplikace: 0x01d836684fd2ba5d
Cesta k chybující aplikaci: c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
Cesta k chybujícímu modulu: c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPFPEngineDP.dll
ID zprávy: 96e2f107-13dc-4cc4-b8d8-11546bd17f54
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/12/2022 09:06:05 AM) (Source: HP Comm Recovery) (EventID: 0) (User: )
Description: Zpracování události PowerEvent se nezdařilo. Chyba, ke které došlo: System.IO.IOException: Proces nemůže přistupovat k souboru C:\Windows\Temp\signtool.exe, protože soubor je využíván jiným procesem.
v System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
v System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
v System.IO.FileStream..ctor(String path, FileMode mode)
v _HPCommRecovery.Tools.Signtool.ExtractSignTool()
v _HPCommRecovery.Tools.Signtool.Verify(String arg)
v _HPCommRecovery.HPAHAgent.CallAgent()
v _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath)
v _HPCommRecovery.HPAHLogger.NewSession()
v _HPCommRecovery.HPCommRecove....

Error: (03/11/2022 05:52:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DpHostW.exe, verze: 9.4.1.62, časové razítko: 0x5d0af1e4
Název chybujícího modulu: DPFPEngineDP.dll, verze: 9.4.1.62, časové razítko: 0x5d0af56c
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000001f98b
ID chybujícího procesu: 0x145c
Čas spuštění chybující aplikace: 0x01d8356870409fb5
Cesta k chybující aplikaci: c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
Cesta k chybujícímu modulu: c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPFPEngineDP.dll
ID zprávy: d55bc9a6-f3ed-4609-a660-13909a51510a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/25/2022 09:45:57 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-BBIA4VM)
Description: Nelze spustit server DCOM: {5250E46F-BB09-D602-5891-F476DC89B700} jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147958016
při provádění příkazu:
"C:\WINDOWS\system32\DllHost.exe" /Processid:{5250E46F-BB09-D602-5891-F476DC89B700}

Error: (03/25/2022 09:45:40 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{D7B31104-122B-4D5C-8040-F89D1FB38747}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (03/24/2022 07:03:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP System Info HSA Service byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (03/24/2022 07:03:32 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{D7B31104-122B-4D5C-8040-F89D1FB38747}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (03/23/2022 09:22:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP System Info HSA Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (03/23/2022 09:21:52 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{D7B31104-122B-4D5C-8040-F89D1FB38747}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (03/22/2022 06:35:01 PM) (Source: Service Control Manager) (EventID: 7046) (User: )
Description: Následující služba přestala opakovaně odpovídat na požadavky řízení služby: HP Hotkey UWP Service

Kontaktujte dodavatele služby nebo správce systému a poraďte se s nimi, zda je vhodné službu vypnout, dokud nebude zjištěna příčina problému.

Před vypnutím služby bude pravděpodobně nutné restartovat počítač v nouzovém režimu.

Error: (03/22/2022 06:34:31 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby HotKeyServiceUWP bylo dosaženo časového limitu (30000 ms).


Windows Defender:
================
Date: 2022-03-25 21:56:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {013EED78-56C3-4CA8-B0ED-A96132554AEE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-03-24 23:24:50
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4098734F-625D-4BB0-852F-5F8E9236A0D9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-03-07 20:17:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {207F0415-4C93-47B5-B7EC-F1AF76AAF83B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-03-05 12:37:17
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DD8D985E-098C-4DC1-9EF2-EE2F9D544347}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-02-23 18:47:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C2091958-B4FF-4172-8552-7911CD8E1869}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]

Date: 2022-01-31 19:52:09
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.355.2814.0
Předchozí verze bezpečnostních informací: 1.355.2795.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18800.4
Předchozí verze modulu: 1.1.18800.4
Kód chyby: 0x80508007
Popis chyby: Zařízení nemá dostatek paměti. Ukončete některé programy a opakujte akci, nebo v nápovědě a podpoře vyhledejte informace, jak se vyhnout potížím s nedostatkem paměti.

Date: 2022-01-31 19:52:09
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.355.2814.0
Předchozí verze bezpečnostních informací: 1.355.2795.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18800.4
Předchozí verze modulu: 1.1.18800.4
Kód chyby: 0x80508007
Popis chyby: Zařízení nemá dostatek paměti. Ukončete některé programy a opakujte akci, nebo v nápovědě a podpoře vyhledejte informace, jak se vyhnout potížím s nedostatkem paměti.

CodeIntegrity:
===============
Date: 2022-03-18 12:24:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_00352e148f6a4096\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-03-18 12:23:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: HP R71 Ver. 01.19.00 01/13/2022
Motherboard: HP 8538
Processor: Intel(R) Core(TM) i3-8145U CPU @ 2.10GHz
Percentage of memory in use: 80%
Total physical RAM: 8063.7 MB
Available physical RAM: 1558.12 MB
Total Virtual: 18901.24 MB
Available Virtual: 10335.24 MB

==================== Drives ================================

Drive c: (Windows ) (Fixed) (Total:475.72 GB) (Free:331.6 GB) (Protected) NTFS

\\?\Volume{f9bd2a87-4834-42a8-9a82-023978eb73e1}\ () (Fixed) (Total:0.94 GB) (Free:0.08 GB) NTFS
\\?\Volume{0e0c1329-706f-4e5d-ae48-d8a74bbb5fa3}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.13 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 94C45EC3)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Prosím o kontrolu LOGu, neustále se mi nastavuje Yahoo jako vyhledávač v Chrome

Napsal: 26 bře 2022 11:34
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Prosím o kontrolu LOGu, neustále se mi nastavuje Yahoo jako vyhledávač v Chrome

Napsal: 26 bře 2022 13:06
od pepperbox
# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-03-15.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-26-2022
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 10
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utilman.exe
Deleted HKLM\Software\Classes\CLSID\{6BC1E857-E2AC-4787-91AD-8D23D871496D}
Deleted HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{6BC1E857-E2AC-4787-91AD-8D23D871496D}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utilman.exe

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted ICQ Search
Deleted My Web Search Bar
Deleted http://start.funmoods.com/?f=1&a=iron2& ... r=96850439
Deleted http://start.funmoods.com/?f=1&a=iron2& ... r=96850439
Not Deleted Web Search

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4322 octets] - [26/03/2022 13:04:02]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Prosím o kontrolu LOGu, neustále se mi nastavuje Yahoo jako vyhledávač v Chrome

Napsal: 26 bře 2022 16:21
od Rudy
Dejte nové logy FRST+Addition.

Re: Prosím o kontrolu LOGu, neustále se mi nastavuje Yahoo jako vyhledávač v Chrome

Napsal: 26 bře 2022 20:20
od pepperbox
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-03-2022
Ran by 42073 (administrator) on DESKTOP-BBIA4VM (HP HP ProBook 450 G6) (26-03-2022 20:15:01)
Running from C:\Users\42073\Desktop
Loaded Profiles: 42073
Platform: Microsoft Windows 11 Home Version 21H2 22000.556 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_22055.502.1226.2344_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\99.0.1150.46\msedgewebview2.exe <6>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCopyAccelerator.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\BridgeCommunication.exe
(explorer.exe ->) (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <19>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\runonce.exe
(services.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_44633d75967bb427\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dea730b932418dc2\HotKeyServiceUWP.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dea730b932418dc2\LanWlanWwanSwitchingServiceUWP.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_c0fd909ca6e7d672\LMS.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_11f809ac26966b9b\RtkAudUService64.exe <3>
(svchost.exe ->) (bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe <2>
(svchost.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <2>
(svchost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_11f809ac26966b9b\RtkAudUService64.exe [1274712 2021-08-05] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [HPNotifications] => C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe [1585192 2019-06-28] (HP Inc. -> HP)
HKU\S-1-5-21-3055917467-3469389264-874521194-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31046640 2020-09-21] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.82\Installer\chrmstp.exe [2022-03-22] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\42073\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2021-01-23]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-3055917467-3469389264-874521194-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {020111B8-48D0-4B96-B854-84C249A8D273} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {1042C573-B0EA-475D-92E5-F12F18F4741D} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-24] (bookingDesktopApp.) [File not signed]
Task: {24F9CD54-3C45-4CE8-A7C1-63BDA672A142} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {27DF793A-17F8-4534-8E6E-06F5A0865616} - System32\Tasks\G2MUpdateTask-S-1-5-21-3055917467-3469389264-874521194-1001 => C:\Users\42073\AppData\Local\GoToMeeting\19932\g2mupdate.exe [31176 2021-12-06] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {28725CB7-9EC1-49C4-BD22-CFE9580A0D90} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8307120 2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {3A951303-B5E7-4230-BB6D-0F2415316B9C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {3AB9092A-205D-4026-9493-F5FC067529BB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2022-02-25] (HP Inc. -> HP Inc.)
Task: {3D34A644-5B5D-4468-8580-A6450FDA9F5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {45D941AE-C724-4D8F-A481-1531373337B7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {47075EA0-E795-4D57-97D3-5531DEF49FB3} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\42073\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-10-27] (ESET, spol. s r.o. -> ESET)
Task: {4801E263-7A80-452B-A04B-287FC72C9894} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {4B2AAC74-0BE3-4CCC-BC89-372C7CC2B35B} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\42073\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-10-27] (ESET, spol. s r.o. -> ESET)
Task: {5F664E89-A04F-4E3D-B150-863ADB7275EF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [137072 2022-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {69E5288E-8AB4-4607-B14D-F0057A5BCCD8} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-09-21] (Garmin International, Inc. -> )
Task: {6B46AA7C-7784-4F8A-BA69-EA639690E125} - System32\Tasks\G2MUploadTask-S-1-5-21-3055917467-3469389264-874521194-1001 => C:\Users\42073\AppData\Local\GoToMeeting\19932\g2mupload.exe [31176 2021-12-06] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {6DFA3843-A7FC-4353-ADE9-83E8B38BD2F6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CB2A5A3-BF67-4E8F-B6C2-D7493B1DEA5C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [59232 2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {935773AD-9143-4764-A684-E79167B3BADB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [137072 2022-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {98FE94DC-965F-44DD-BC46-765F4E7B856D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9C1B5321-B423-4A14-BD4F-8CB31B6782AA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8307120 2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {C0C717C3-5966-474A-942C-50544258A2B4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D1D5C2B9-AE13-470A-ABB0-DCD8BE0A68B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {D4551A18-2FB2-4E01-9597-601AD3376019} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-24] (bookingDesktopApp.) [File not signed]
Task: {F3A262E6-696D-4182-B88D-7B7B1C0E43A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-14] (Google LLC -> Google LLC)
Task: {FA7FA1F4-ACA8-45D5-AC24-11A795E2084C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-14] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3055917467-3469389264-874521194-1001.job => C:\Users\42073\AppData\Local\GoToMeeting\19932\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3055917467-3469389264-874521194-1001.job => C:\Users\42073\AppData\Local\GoToMeeting\19932\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3efc6d8c-9ec7-4f8c-81df-95afaa221c5d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d7b31104-122b-4d5c-8040-f89d1fb38747}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\42073\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-05]

FireFox:
========
FF DefaultProfile: a0pfvoup.default
FF ProfilePath: C:\Users\42073\AppData\Roaming\Mozilla\Firefox\Profiles\a0pfvoup.default [2020-01-14]
FF ProfilePath: C:\Users\42073\AppData\Roaming\Mozilla\Firefox\Profiles\lvctn243.default-release [2022-03-23]
FF Homepage: Mozilla\Firefox\Profiles\lvctn243.default-release -> www.seznam.cz
FF Session Restore: Mozilla\Firefox\Profiles\lvctn243.default-release -> is enabled.
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-03-24] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-03-24] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default [2022-03-26]
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-14]
CHR Extension: (Dokumenty) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-14]
CHR Extension: (Disk Google) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-14]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-03-23]
CHR Extension: (Tabulky) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-14]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-03-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-17]
CHR Extension: (Tlačítko Uložit pro Pinterest) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2022-03-03]
CHR Extension: (Screen Recorder) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdopnakmnlnccgpfpmjmdjjohmcdgabp [2021-05-13]
CHR Extension: (Grammarly for Chrome) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-03-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Participate by Lookback) - C:\Users\42073\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppapgcbnefafdghpfglgilaghielefgn [2022-03-17]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-24] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-24] (bookingDesktopApp.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649952 2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
R2 DpHost; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [529072 2019-06-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
S2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [350008 2020-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dea730b932418dc2\HotKeyServiceUWP.exe [1512544 2021-10-30] (HP Inc. -> HP Inc.)
S2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\AppHelperCap.exe [761856 2022-01-19] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\DiagsCap.exe [760864 2022-01-19] (HP Inc. -> HP Inc.)
S2 HPMAMSrv; C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe [542248 2019-04-22] (HP Inc. -> HP)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\NetworkCap.exe [756720 2022-01-19] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2019-04-12] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\SysInfoCap.exe [760304 2022-01-19] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_44633d75967bb427\x64\TouchpointAnalyticsClientService.exe [494688 2021-11-21] (HP Inc. -> HP Inc.)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dea730b932418dc2\LanWlanWwanSwitchingServiceUWP.exe [591968 2021-10-30] (HP Inc. -> HP Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [972936 2022-03-10] (McAfee, LLC -> McAfee, LLC)
S2 SebWindowsServiceWCF; C:\Program Files (x86)\SafeExamBrowser\SebWindowsServiceWCF\SebWindowsServiceWCF.exe [408776 2020-04-08] (Eidgenössische Technische Hochschule Zürich -> ETH Zurich)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [50616 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [202456 2020-07-07] (BayHub Technology Inc. -> BayHubTech/O2Micro)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-15] (HP Inc. -> HP Inc.)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [60448 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [439544 2022-03-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-15] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-26 13:03 - 2022-03-26 13:05 - 000000000 ____D C:\AdwCleaner
2022-03-26 13:02 - 2022-03-26 13:02 - 008540344 _____ (Malwarebytes) C:\Users\42073\Desktop\adwcleaner.exe
2022-03-25 23:32 - 2022-03-25 23:33 - 000040863 _____ C:\Users\42073\Desktop\Addition.txt
2022-03-25 23:31 - 2022-03-26 20:15 - 000026140 _____ C:\Users\42073\Desktop\FRST.txt
2022-03-25 23:30 - 2022-03-26 20:15 - 000000000 ____D C:\FRST
2022-03-25 23:28 - 2022-03-25 23:28 - 002365440 _____ (Farbar) C:\Users\42073\Desktop\FRST64.exe
2022-03-22 22:40 - 2022-03-23 00:08 - 978251500 _____ C:\Users\42073\Downloads\Desperate Housewives - Zoufalé manželky S01E03 Hezký obrázek (2004) HD+.mp4
2022-03-22 20:09 - 2022-03-22 21:02 - 965175765 _____ C:\Users\42073\Downloads\Desperate Housewives - Zoufalé manželky S01E02 Ale co je pod povrchem (2004) HD+.mp4
2022-03-22 19:11 - 2022-03-22 19:39 - 505053858 _____ C:\Users\42073\Downloads\Desperate Housewives - Zoufalé manželky S01E01 Pilot (2004) HD.mp4
2022-03-17 08:17 - 2022-03-25 22:28 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-03-17 07:42 - 2022-03-17 09:35 - 2069358320 _____ C:\Users\42073\Downloads\Brilantni plan 2007 HD.avi
2022-03-11 21:10 - 2022-03-11 21:10 - 000015016 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-11 21:09 - 2022-03-11 21:09 - 000210432 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2022-03-11 21:06 - 2022-03-11 21:06 - 000000000 ___HD C:\$WinREAgent
2022-03-10 21:22 - 2022-03-10 21:22 - 000000000 ____D C:\WINDOWS\Firmware
2022-03-01 23:49 - 2022-03-01 23:49 - 000194560 _____ C:\Users\42073\Downloads\Ukonceni_PL-20-21LSkomb (1).ppt
2022-03-01 23:47 - 2022-03-01 23:47 - 000196608 _____ C:\Users\42073\Downloads\Ukonceni_PL-20-21LSkomb.ppt

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-26 20:15 - 2020-01-14 21:31 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-26 20:14 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-26 20:14 - 2020-01-13 21:28 - 000000000 ___RD C:\Users\42073\OneDrive
2022-03-26 13:01 - 2020-01-13 20:24 - 000000000 __SHD C:\Users\42073\IntelGraphicsProfiles
2022-03-25 23:49 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-25 23:30 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-03-25 22:28 - 2020-01-13 21:30 - 000000000 ____D C:\Users\42073\AppData\LocalLow\Mozilla
2022-03-25 21:56 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-25 21:47 - 2020-06-06 08:13 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-25 21:47 - 2020-06-06 08:13 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-03-24 23:25 - 2021-12-16 22:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-24 19:03 - 2020-01-13 20:24 - 000000000 ____D C:\Users\42073\AppData\Local\Packages
2022-03-24 19:03 - 2019-04-19 19:32 - 000000000 ____D C:\ProgramData\Packages
2022-03-23 21:24 - 2021-03-02 16:19 - 000000000 ____D C:\Users\42073\AppData\Local\D3DSCache
2022-03-23 21:22 - 2021-12-16 22:14 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3055917467-3469389264-874521194-1001
2022-03-23 21:22 - 2021-12-16 22:14 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3055917467-3469389264-874521194-1001
2022-03-23 21:22 - 2020-10-04 22:27 - 000002385 _____ C:\Users\42073\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-23 00:48 - 2022-02-10 12:16 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-03-22 18:34 - 2020-01-14 21:32 - 000002309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-03-22 18:34 - 2020-01-14 21:32 - 000002268 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-03-22 00:20 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-03-18 12:17 - 2021-12-16 22:16 - 001714894 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-18 12:17 - 2021-06-05 18:20 - 000727326 _____ C:\WINDOWS\system32\perfh005.dat
2022-03-18 12:17 - 2021-06-05 18:20 - 000151236 _____ C:\WINDOWS\system32\perfc005.dat
2022-03-18 12:17 - 2021-06-05 13:09 - 000000000 ____D C:\WINDOWS\INF
2022-03-18 12:13 - 2021-12-16 22:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-18 12:13 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ServiceState
2022-03-18 12:13 - 2021-06-05 13:01 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-03-18 12:13 - 2020-10-04 23:11 - 000012288 ___SH C:\DumpStack.log.tmp
2022-03-18 12:13 - 2020-01-13 21:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-03-18 12:13 - 2019-11-14 10:40 - 000000000 ___HD C:\Intel
2022-03-18 09:54 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-17 23:43 - 2020-04-23 20:49 - 000000000 ____D C:\Users\42073\AppData\Roaming\vlc
2022-03-17 11:28 - 2021-12-16 22:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-03-17 11:28 - 2020-01-13 21:30 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-03-15 18:56 - 2019-04-19 19:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-03-14 22:18 - 2020-04-22 11:26 - 000002144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-03-13 00:24 - 2021-12-16 22:08 - 000593160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-13 00:23 - 2021-06-05 13:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-13 00:23 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-03-13 00:23 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-13 00:23 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-13 00:23 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-03-13 00:23 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-03-13 00:23 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-13 00:23 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-11 21:14 - 2020-08-25 22:37 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-11 21:14 - 2020-01-17 20:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-11 21:13 - 2020-01-17 20:57 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-11 21:09 - 2021-12-16 22:09 - 003102208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-10 21:31 - 2019-11-14 10:51 - 000000000 ____D C:\Program Files\Microsoft Office
2022-03-09 20:39 - 2022-01-18 22:09 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7f2c154c9e51b
2022-03-09 20:39 - 2021-12-16 22:14 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-06 17:50 - 2021-12-16 22:14 - 000003858 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2022-03-06 17:50 - 2021-12-16 22:14 - 000003416 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2022-03-06 17:50 - 2021-10-27 23:45 - 000001386 _____ C:\Users\42073\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-03-05 08:19 - 2021-12-16 22:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-03-01 00:36 - 2020-08-25 22:37 - 000504136 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-03-01 00:36 - 2020-08-25 22:37 - 000491848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll

==================== Files in the root of some directories ========

2020-03-25 00:47 - 2020-03-25 00:47 - 000000045 _____ () C:\Users\42073\AppData\Roaming\WB.CFG
2021-05-23 22:34 - 2021-05-23 22:34 - 000007475 _____ () C:\Users\42073\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-03-2022
Ran by 42073 (26-03-2022 20:16:53)
Running from C:\Users\42073\Desktop
Microsoft Windows 11 Home Version 21H2 22000.556 (X64) (2021-12-16 21:14:33)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

42073 (S-1-5-21-3055917467-3469389264-874521194-1001 - Administrator - Enabled) => C:\Users\42073
Administrator (S-1-5-21-3055917467-3469389264-874521194-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3055917467-3469389264-874521194-503 - Limited - Disabled)
Guest (S-1-5-21-3055917467-3469389264-874521194-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3055917467-3469389264-874521194-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 22.001.20085 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (HKLM\...\{16BA964D-698D-4663-8FA7-B9613DA7958B}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
Elevated Installer (HKLM-x32\...\{877496C2-70B0-42F1-835A-FAFE2CF0199C}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{235f2ee5-7383-44df-a298-01221caa5532}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E944FA32-8BCF-474F-BFB2-D1EF24555873}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries) Hidden
GIMP 2.10.24 (HKLM\...\GIMP-2_is1) (Version: 2.10.24 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 99.0.4844.82 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.18.0.19932 (HKU\S-1-5-21-3055917467-3469389264-874521194-1001\...\GoToMeeting) (Version: 10.18.0.19932 - LogMeIn, Inc.)
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 9.4.1.2817 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.15.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP MAC Address Manager (HKLM-x32\...\{21FA165F-905C-4DDA-B00A-00C3A5D17BBA}) (Version: 1.1.19.1 - HP Inc.)
HP Notifications (HKLM-x32\...\{645A4621-EB2A-4943-A01D-B39C345560A8}) (Version: 1.1.19.1 - HP)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.5.10103.7263 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel(R) Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1915.12.0.1259 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.6952 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1915.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 99.0.1150.52 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 99.0.1150.46 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3055917467-3469389264-874521194-1001\...\OneDriveSetup.exe) (Version: 22.045.0227.0004 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3055917467-3469389264-874521194-1001\...\Teams) (Version: 1.3.00.34662 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{4812E2CC-BAA9-49AE-B310-DA845882322B}) (Version: 4.66.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 98.0.1 (x64 cs)) (Version: 98.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.1 - Mozilla)
MPC-HC 1.7.11 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.11 - MPC-HC Team)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20094 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.216 - Realtek Semiconductor Corp.)
SafeExamBrowser (HKLM-x32\...\{6CFE830A-37CD-4369-B7B5-DFA6D8A41138}) (Version: 2.4 - ETH Zurich)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.685 - McAfee, LLC)
Zoom (HKU\S-1-5-21-3055917467-3469389264-874521194-1001\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.16.62.0_x86__kgqvnymyfvs32 [2022-03-10] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.76.6.0_x64__kgqvnymyfvs32 [2022-03-17] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-12-10] (Microsoft Corporation)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_2.27.252.0_x64__dt26b99r8h8gj [2021-09-20] (Realtek Semiconductor Corp)
HP JumpStarts -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6 [2022-03-07] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.8.0.0_x64__v10z8vjag6ke6 [2021-10-15] (HP Inc.)
HP Power Manager -> C:\Program Files\WindowsApps\AD2F1837.HPPowerManager_2.1.24.0_x64__v10z8vjag6ke6 [2021-12-24] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.42.0_x64__v10z8vjag6ke6 [2021-12-09] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.14.42.0_x64__v10z8vjag6ke6 [2022-03-04] (HP Inc.)
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_7.0.18.0_x64__v10z8vjag6ke6 [2020-09-18] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-17] (INTEL CORP)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2020-01-21] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-12-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-12-16] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-03-25] (Microsoft Studios) [MS Ad]
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt [2022-03-07] (INTEL CORP) [Startup Task]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0 [2022-03-22] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3055917467-3469389264-874521194-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\42073\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3055917467-3469389264-874521194-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\42073\AppData\Local\GoToMeeting\17359\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-3055917467-3469389264-874521194-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\42073\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-09-09 07:13 - 2019-09-09 07:13 - 001364992 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2020-09-21 10:27 - 2020-09-21 10:27 - 000073216 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000325632 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2019-07-27 08:57 - 2019-07-27 08:57 - 096071680 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libcef.dll
2020-09-21 10:27 - 2020-09-21 10:27 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Express\XercesLib.dll
2020-03-24 20:47 - 2020-03-24 20:47 - 001743360 ____T (bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\bookingDesktopApppdate.dll
2019-06-19 23:20 - 2019-06-19 23:20 - 000382464 _____ (Crossmatch, Inc.) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPCPFelica.dll
2019-06-19 23:20 - 2019-06-19 23:20 - 000338432 _____ (Crossmatch, Inc.) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPDevice2.dll
2019-06-19 23:19 - 2019-06-19 23:19 - 000456192 _____ (Crossmatch, Inc.) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPDevice5.dll
2020-09-21 10:31 - 2020-09-21 10:31 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\ANT_WrappedLib.dll
2020-09-21 10:27 - 2020-09-21 10:27 - 002711552 _____ (Garmin International) [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\legacyio.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\IMG_GPSMAP.dll
2020-09-21 10:27 - 2020-09-21 10:27 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Express\XMLdll.dll
2020-03-20 20:02 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-04-21 17:13 - 2020-04-21 17:13 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-04-21 17:13 - 2020-04-21 17:13 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2020-09-21 10:29 - 2020-09-21 10:29 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\DSI_SiUSBXp_3_1.DLL
2019-07-27 08:57 - 2019-07-27 08:57 - 000762368 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3055917467-3469389264-874521194-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-03-10] (McAfee, LLC -> McAfee, LLC)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-02-25] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-03-10] (McAfee, LLC -> McAfee, LLC)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-02-25] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3055917467-3469389264-874521194-1001\...\sharepoint.com -> hxxps://occamczech-myfiles.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3055917467-3469389264-874521194-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP\HP_SNOW_3840x2160.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{92627273-9AE0-4A4C-BD33-6BF5952A1A3C}C:\users\42073\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\42073\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{05CC1836-129F-4E25-95A9-7183C1AF8F5B}C:\users\42073\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\42073\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3D3BA070-9407-4D53-96A2-BE5404A885ED}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F8677A1E-2389-4A93-89D2-23B2459BEB64}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{5F6E1454-3BA8-4F93-8220-9D245C85D93A}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{2B0CA60E-D917-4C0C-8743-A44D7F67AAFC}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{702FA744-5225-4C58-AAEA-36219602AF8E}C:\users\42073\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\42073\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{089576ED-FB31-49FC-9D51-DE08D1017B84}C:\users\42073\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\42073\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{69984B23-EB8B-4E87-AD14-E6A845AA4589}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{D0C4DAA7-B4AE-41F7-9A37-BF4EC16B1374}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{B62AEE05-EA72-44E8-8DBC-F35FF2DDBD35}] => (Allow) C:\Users\42073\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{73055CDA-8A82-48A4-BE17-4CA3E0531E99}] => (Allow) C:\Users\42073\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{743522FB-FAF8-4D31-8C3A-5F6FC181C6C7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F289BEE4-F5B1-427C-AB41-00BB8703A54C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{57801A46-C711-4ABF-BA93-32604D7B1DBB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2FB46681-7741-4FBE-B7FE-7F854790C81C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8D29AF81-8E02-4990-9DEB-5C416DAE0214}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4E8C38F6-13CD-4309-A4E4-4B0A2F0CD5C8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22055.502.1226.2344_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EE055A2B-1EC5-4C7E-AB2B-4145DA690F35}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22055.502.1226.2344_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{541E3F80-9650-4A6E-8FB9-609B0EC3DCD4}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\99.0.1150.46\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F0B9935C-C0BC-4FBD-AE83-3A83D4E5F17B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8069C68D-822B-4D28-977C-E7D54C43CB54}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0AB92F73-F644-44FA-8ABD-FB2A5CD906B8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{757174D1-0DBE-46DF-8952-EE8FB72BEB50}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2D755574-3D0A-460C-A275-84F2F109EF9A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{860C3B50-2F78-481B-A15C-8896113FCE34}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A1A1AFB2-70D7-4269-AE52-07D68174159B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0E398E12-CF6B-491E-8433-890B9AD8E8E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FE3D13C6-B5FE-44DF-B262-F4D96E2024A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E133B9AE-0C7C-4C8F-8F6C-53FF2A89A9DE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F65AA7C7-ED30-4A74-9B08-71ABE4B4EC5A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{676CB7E0-0823-44C1-B509-9FB9C4740B45}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3E0E079D-75AC-4591-92AA-3F3BF0E1F228}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

11-03-2022 21:06:06 Instalační služba modulů systému Windows
18-03-2022 09:54:13 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/24/2022 07:03:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SysInfoCap.exe, verze: 1.40.2695.0, časové razítko: 0x61e73add
Název chybujícího modulu: combase.dll, verze: 10.0.22000.527, časové razítko: 0x244b2314
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000047285
ID chybujícího procesu: 0x2db4
Čas spuštění chybující aplikace: 0x01d83ef3b29cf607
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\SysInfoCap.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: 1ff6b3ec-17cd-435d-8653-f63cd2c4ffaf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/23/2022 09:22:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SysInfoCap.exe, verze: 1.40.2695.0, časové razítko: 0x61e73add
Název chybujícího modulu: combase.dll, verze: 10.0.22000.527, časové razítko: 0x244b2314
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000047285
ID chybujícího procesu: 0x900
Čas spuštění chybující aplikace: 0x01d83ab937d11d26
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\SysInfoCap.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: 8a95ecef-118e-4354-9325-d37af8eb7797
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/17/2022 07:40:38 AM) (Source: HP Comm Recovery) (EventID: 0) (User: )
Description: Zpracování události PowerEvent se nezdařilo. Chyba, ke které došlo: System.IO.IOException: Proces nemůže přistupovat k souboru C:\Windows\Temp\signtool.exe, protože soubor je využíván jiným procesem.
v System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
v System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
v System.IO.FileStream..ctor(String path, FileMode mode)
v _HPCommRecovery.Tools.Signtool.ExtractSignTool()
v _HPCommRecovery.Tools.Signtool.Verify(String arg)
v _HPCommRecovery.HPAHAgent.CallAgent()
v _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath)
v _HPCommRecovery.HPAHLogger.NewSession()
v _HPCommRecovery.HPCommRecove....

Error: (03/14/2022 07:42:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SysInfoCap.exe, verze: 1.40.2695.0, časové razítko: 0x61e73add
Název chybujícího modulu: combase.dll, verze: 10.0.22000.527, časové razítko: 0x244b2314
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000047285
ID chybujícího procesu: 0xa4c
Čas spuštění chybující aplikace: 0x01d836ba7787b305
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\SysInfoCap.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: ab229067-f7fc-46dd-b8e7-ca7df3999e1f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/14/2022 07:41:58 PM) (Source: HP Comm Recovery) (EventID: 0) (User: )
Description: Zpracování události PowerEvent se nezdařilo. Chyba, ke které došlo: System.IO.IOException: Proces nemůže přistupovat k souboru C:\Windows\Temp\signtool.exe, protože soubor je využíván jiným procesem.
v System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
v System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
v System.IO.FileStream..ctor(String path, FileMode mode)
v _HPCommRecovery.Tools.Signtool.ExtractSignTool()
v _HPCommRecovery.Tools.Signtool.Verify(String arg)
v _HPCommRecovery.HPAHAgent.CallAgent()
v _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath)
v _HPCommRecovery.HPAHLogger.NewSession()
v _HPCommRecovery.HPCommRecove....

Error: (03/13/2022 12:24:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DpHostW.exe, verze: 9.4.1.62, časové razítko: 0x5d0af1e4
Název chybujícího modulu: DPFPEngineDP.dll, verze: 9.4.1.62, časové razítko: 0x5d0af56c
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000001f98b
ID chybujícího procesu: 0x1264
Čas spuštění chybující aplikace: 0x01d836684fd2ba5d
Cesta k chybující aplikaci: c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
Cesta k chybujícímu modulu: c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPFPEngineDP.dll
ID zprávy: 96e2f107-13dc-4cc4-b8d8-11546bd17f54
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/12/2022 09:06:05 AM) (Source: HP Comm Recovery) (EventID: 0) (User: )
Description: Zpracování události PowerEvent se nezdařilo. Chyba, ke které došlo: System.IO.IOException: Proces nemůže přistupovat k souboru C:\Windows\Temp\signtool.exe, protože soubor je využíván jiným procesem.
v System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
v System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
v System.IO.FileStream..ctor(String path, FileMode mode)
v _HPCommRecovery.Tools.Signtool.ExtractSignTool()
v _HPCommRecovery.Tools.Signtool.Verify(String arg)
v _HPCommRecovery.HPAHAgent.CallAgent()
v _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath)
v _HPCommRecovery.HPAHLogger.NewSession()
v _HPCommRecovery.HPCommRecove....

Error: (03/11/2022 05:52:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DpHostW.exe, verze: 9.4.1.62, časové razítko: 0x5d0af1e4
Název chybujícího modulu: DPFPEngineDP.dll, verze: 9.4.1.62, časové razítko: 0x5d0af56c
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000001f98b
ID chybujícího procesu: 0x145c
Čas spuštění chybující aplikace: 0x01d8356870409fb5
Cesta k chybující aplikaci: c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
Cesta k chybujícímu modulu: c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPFPEngineDP.dll
ID zprávy: d55bc9a6-f3ed-4609-a660-13909a51510a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/26/2022 08:14:41 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{D7B31104-122B-4D5C-8040-F89D1FB38747}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (03/26/2022 01:05:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Analytics service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (03/26/2022 01:05:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Graphics Command Center Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/26/2022 01:05:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP MAC Address Manager Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/26/2022 01:05:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Hotkey UWP Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (03/26/2022 01:05:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Storage Middleware Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/26/2022 01:05:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Fortemedia APO Control Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/26/2022 01:05:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek Bluetooth Device Manager Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2022-03-25 21:56:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {013EED78-56C3-4CA8-B0ED-A96132554AEE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-03-24 23:24:50
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4098734F-625D-4BB0-852F-5F8E9236A0D9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-03-07 20:17:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {207F0415-4C93-47B5-B7EC-F1AF76AAF83B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-03-05 12:37:17
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DD8D985E-098C-4DC1-9EF2-EE2F9D544347}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-02-23 18:47:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C2091958-B4FF-4172-8552-7911CD8E1869}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]

Date: 2022-01-31 19:52:09
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.355.2814.0
Předchozí verze bezpečnostních informací: 1.355.2795.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18800.4
Předchozí verze modulu: 1.1.18800.4
Kód chyby: 0x80508007
Popis chyby: Zařízení nemá dostatek paměti. Ukončete některé programy a opakujte akci, nebo v nápovědě a podpoře vyhledejte informace, jak se vyhnout potížím s nedostatkem paměti.

Date: 2022-01-31 19:52:09
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.355.2814.0
Předchozí verze bezpečnostních informací: 1.355.2795.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18800.4
Předchozí verze modulu: 1.1.18800.4
Kód chyby: 0x80508007
Popis chyby: Zařízení nemá dostatek paměti. Ukončete některé programy a opakujte akci, nebo v nápovědě a podpoře vyhledejte informace, jak se vyhnout potížím s nedostatkem paměti.

CodeIntegrity:
===============
Date: 2022-03-18 12:24:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_00352e148f6a4096\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-03-18 12:23:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: HP R71 Ver. 01.19.00 01/13/2022
Motherboard: HP 8538
Processor: Intel(R) Core(TM) i3-8145U CPU @ 2.10GHz
Percentage of memory in use: 47%
Total physical RAM: 8063.7 MB
Available physical RAM: 4202.68 MB
Total Virtual: 18901.23 MB
Available Virtual: 15055.81 MB

==================== Drives ================================

Drive c: (Windows ) (Fixed) (Total:475.72 GB) (Free:331.14 GB) (Protected) NTFS

\\?\Volume{f9bd2a87-4834-42a8-9a82-023978eb73e1}\ () (Fixed) (Total:0.94 GB) (Free:0.08 GB) NTFS
\\?\Volume{0e0c1329-706f-4e5d-ae48-d8a74bbb5fa3}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.13 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 94C45EC3)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Prosím o kontrolu LOGu, neustále se mi nastavuje Yahoo jako vyhledávač v Chrome

Napsal: 26 bře 2022 20:57
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-3055917467-3469389264-874521194-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {F3A262E6-696D-4182-B88D-7B7B1C0E43A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-14] (Google LLC -> Google LLC)
Task: {FA7FA1F4-ACA8-45D5-AC24-11A795E2084C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-14] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
CustomCLSID: HKU\S-1-5-21-3055917467-3469389264-874521194-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\42073\AppData\Local\GoToMeeting\17359\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-3055917467-3469389264-874521194-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\42073\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
FirewallRules: [{73055CDA-8A82-48A4-BE17-4CA3E0531E99}] => (Allow) C:\Users\42073\AppData\Roaming\Zoom\bin\airhost.exe => No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Prosím o kontrolu LOGu, neustále se mi nastavuje Yahoo jako vyhledávač v Chrome

Napsal: 26 bře 2022 22:21
od pepperbox
Provedl jsem to, ale vyskočila jen tabulka s následujícím nápisem:

Fix completed. "Fixlog.txt" is saved in the same dorectory FRST is located.

The computer needs restart. Please close all open windows. Note that you will not get any notification from the tool after restart. Clic ok to restart

Re: Prosím o kontrolu LOGu, neustále se mi nastavuje Yahoo jako vyhledávač v Chrome

Napsal: 27 bře 2022 10:21
od Rudy
Bude na ploše v souboru fixlog.txt.

Re: Prosím o kontrolu LOGu, neustále se mi nastavuje Yahoo jako vyhledávač v Chrome

Napsal: 27 bře 2022 19:11
od pepperbox
Fix result of Farbar Recovery Scan Tool (x64) Version: 25-03-2022
Ran by 42073 (26-03-2022 22:16:49) Run:2
Running from C:\Users\42073\Desktop
Loaded Profiles: 42073
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-3055917467-3469389264-874521194-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {F3A262E6-696D-4182-B88D-7B7B1C0E43A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-14] (Google LLC -> Google LLC)
Task: {FA7FA1F4-ACA8-45D5-AC24-11A795E2084C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-14] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
CustomCLSID: HKU\S-1-5-21-3055917467-3469389264-874521194-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\42073\AppData\Local\GoToMeeting\17359\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-3055917467-3469389264-874521194-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\42073\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
FirewallRules: [{73055CDA-8A82-48A4-BE17-4CA3E0531E99}] => (Allow) C:\Users\42073\AppData\Roaming\Zoom\bin\airhost.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => not found
HKLM\SOFTWARE\Policies\Google => not found
HKU\S-1-5-21-3055917467-3469389264-874521194-1001\SOFTWARE\Policies\Google => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3A262E6-696D-4182-B88D-7B7B1C0E43A2}" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA7FA1F4-ACA8-45D5-AC24-11A795E2084C}" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => not found
HKU\S-1-5-21-3055917467-3469389264-874521194-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309} => not found
HKU\S-1-5-21-3055917467-3469389264-874521194-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{73055CDA-8A82-48A4-BE17-4CA3E0531E99}" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9452472 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 160442 B
Edge => 0 B
Chrome => 20179245 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
42073 => 367263 B

RecycleBin => 0 B
EmptyTemp: => 28.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:17:01 ====

Re: Prosím o kontrolu LOGu, neustále se mi nastavuje Yahoo jako vyhledávač v Chrome

Napsal: 27 bře 2022 19:52
od Rudy
OK. Nastala nějaká změna?

Re: Prosím o kontrolu LOGu, neustále se mi nastavuje Yahoo jako vyhledávač v Chrome

Napsal: 27 bře 2022 21:36
od pepperbox
Uvidíme...zatím moc díky, budu to sledovat.

Děkuju!

Re: Prosím o kontrolu LOGu, neustále se mi nastavuje Yahoo jako vyhledávač v Chrome

Napsal: 28 bře 2022 09:12
od Rudy
Rádo se stalo! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz