VIRY.CZ

Dobrý den,
prosím o kontrolu logu.
Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-10-2022
Ran by pelka (administrator) on DESKTOP-108HT1O (LENOVO 20EV000WMC) (25-10-2022 20:46:37)
Running from C:\Users\pelka\Downloads
Loaded Profiles: pelka & kavokerr_nci_user
Platform: Microsoft Windows 10 Home Version 21H2 19044.2130 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.) C:\Program Files\Apoint2K\ApntEx.exe
(atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe ->) (International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(C:\Program Files\Apoint2K\Apoint.exe ->) (ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(C:\Program Files\Apoint2K\HidMonitorSvc.exe ->) (ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.) C:\Program Files\Apoint2K\Apoint.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN11CD~1.INF\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN11CD~1.INF\driver\tpnumlkd.exe
(DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN11CD~1.INF\driver\tposd.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_555cfc07a674ecdd\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_555cfc07a674ecdd\igfxEM.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\NetTime\NetTimeService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
(services.exe ->) (CANON INC. -> CANON INC.) C:\Program Files\Canon\DIAS\CnxDIAS.exe
(services.exe ->) (CobianSoft, Luis Cobian) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_555cfc07a674ecdd\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_555cfc07a674ecdd\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_555cfc07a674ecdd\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Software Development Products -> Intel(R) Corporation) C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe
(services.exe ->) (International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(services.exe ->) (KaVo Kerr.) [File not signed] C:\Program Files (x86)\KaVo Kerr Group\Discovery Service\mDNSResponder.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\EasyResume.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(services.exe ->) (Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe
(services.exe ->) (PaloDEx Group Oy -> PaloDEx Group Oy) C:\Program Files (x86)\PaloDEx Group\IAM\broker_proxy.exe
(services.exe ->) (PaloDEx Group Oy -> PaloDEx Group Oy) C:\Program Files (x86)\PaloDEx Group\IAM\gxs-700_service.exe
(services.exe ->) (PaloDEx Group Oy -> PaloDEx Group Oy) C:\Program Files (x86)\PaloDEx Group\IAM\kkg_snapshot_usb.exe
(services.exe ->) (PaloDEx Group Oy -> Palodex Group Oy) C:\Program Files (x86)\PaloDEx Group\IAM\mDNSDiscovery.exe
(services.exe ->) (PaloDEx Group Oy -> PaloDEx Group Oy) C:\Program Files (x86)\PaloDEx Group\IAM\nci_broker.exe
(services.exe ->) (SafeNet, Inc. -> SafeNet Inc.) C:\Windows\System32\hasplms.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Cobian Backup 11 interface] => C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe [4407808 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [ICAMaintenance_ICAPKIService_RegKeysRefresh] => C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [272120 2016-10-07] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38789456 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\Run: [MicrosoftEdgeAutoLaunch_D5F753659FA4E6B0EEC105C9D1DB57E1] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852232 2022-10-20] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\CnXP0PP: C:\Windows\System32\spool\prtprocs\x64\CnXP0PP.DLL [667136 2021-07-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\WINDOWS\system32\CNAS0MOK.DLL [968192 2011-04-11] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\CPCA Language Monitor4: C:\WINDOWS\system32\CNAS0MPK.DLL [1804288 2021-07-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0213914A-2B54-4B6D-99C6-796756F5CAFF} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {1D3BFC83-407A-48EB-8216-FE4420E45192} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [3047944 2020-10-12] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {2029F65C-CEB5-45CA-8E5D-AAEF5D07EAF4} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4 -noicon -noreboot -nolicense -defaultupdate -schtask (No File)
Task: {451D1097-6168-47A0-9931-418A805DE963} - System32\Tasks\G2MUploadTask-S-1-5-21-1290061171-993259588-100462224-1001 => C:\Users\pelka\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-05-08] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {45DC666C-433A-46C1-943E-220D2097487C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {524813D4-D3C6-4BD3-AD3E-A5A5A8FD798B} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [64984 2022-05-17] (Lenovo -> )
Task: {590E5A7A-225E-44B2-9C3E-20617F6F435A} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe (No File)
Task: {6AAF4B87-CC06-42BC-8E16-9BF8FDCB9383} - System32\Tasks\G2MUpdateTask-S-1-5-21-1290061171-993259588-100462224-1001 => C:\Users\pelka\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-05-08] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {7121ABE5-A49C-404F-8784-C0E9CF404577} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\WINDOWS\System32\ibmpmsvc.exe [851800 2018-12-26] (Lenovo -> Lenovo.)
Task: {7C539EEF-CF31-412F-A7CC-5123F8F85BB2} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1290061171-993259588-100462224-1001 => C:\Users\pelka\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe (No File)
Task: {83FD8E99-1D1B-4EF2-B163-9EEE32D350F5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {9204E127-A7EA-4072-BAE6-86E58A35B78A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-10-20] (Piriform Software Ltd -> Piriform)
Task: {92AD72C5-6F9F-445B-89C3-C971D6AFA514} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "c7092092-df92-4096-8e20-b25f36037c94" --version "6.05.10110" --silent
Task: {A7728A18-9B1C-41A9-9A29-782CFBED99B4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A883793F-B961-4694-9E37-E16795CEDB91} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AFB917AE-E0CF-4E32-B660-8EEABAFEE763} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B83B268D-5E6D-4748-B180-0C57EED30BFB} - System32\Tasks\CCleanerSkipUAC - pelka => C:\Program Files\CCleaner\CCleaner.exe [32472400 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D958B8F7-9163-433E-AED8-D52C354F88F6} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (No File)
Task: {E08F4E79-CC11-4582-B670-90A5E8B45604} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-12-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {E8732E7A-A4AE-476F-81C1-448B94B04B4C} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [1823232 2016-07-05] (Conexant Systems, Inc.) [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1290061171-993259588-100462224-1001.job => C:\Users\pelka\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1290061171-993259588-100462224-1001.job => C:\Users\pelka\AppData\Local\GoToMeeting\19950\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 ereceptsigner.cz
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b7f02681-9e1a-485d-bbbe-bcdc582516fb}: [DhcpNameServer] 192.168.0.1

Edge:
=======
DownloadDir: C:\Users\pelka\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1290061171-993259588-100462224-1001 -> about:start
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\pelka\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-25]
Edge DownloadDir: Default -> C:\Users\pelka\Downloads
Edge Notifications: Default -> hxxps://www.edarling.cz; hxxps://www.eximtours.cz; hxxps://www.facebook.com; hxxps://www.urbanstore.cz
Edge HomePage: Default -> edge://newtab/
Edge Extension: (Elektronický podpis ČSOB) - C:\Users\pelka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gloanjaooihceakkecephipccmhbnead [2022-10-03]
Edge Extension: (FormApps Extension) - C:\Users\pelka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-10-13]
Edge Extension: (Komponenta I.CA PKI Service) - C:\Users\pelka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kchhpancoebhkdgdafnifpkcacaopncp [2022-08-28]
Edge Profile: C:\Users\pelka\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2022-10-24]

FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2020-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2020-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-10-16] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [207376 2020-03-29] (ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.)
R2 Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [4495224 2021-07-12] (CANON INC. -> CANON INC.)
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1185616 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]
S3 DfWSrv; C:\Program Files (x86)\Soredex\DfW 2.8\DfWSrv.exe [61440 2012-12-14] () [File not signed]
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4665168 2015-09-24] (SafeNet, Inc. -> SafeNet Inc.)
S3 I.CA Maintenance Service; C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [272120 2016-10-07] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
S3 I.CA Maintenance Service2; C:\Program Files (x86)\I.CA\I.CA Maintenance2\ICAMaintenance.exe [299336 2021-02-08] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
R2 kkgbrokerproxy; C:\Program Files (x86)\PaloDEx Group\IAM\broker_proxy.exe [10409792 2018-03-02] (PaloDEx Group Oy -> PaloDEx Group Oy)
R2 kkgdevicebroker; C:\Program Files (x86)\PaloDEx Group\IAM\nci_broker.exe [2851640 2018-03-05] (PaloDEx Group Oy -> PaloDEx Group Oy)
R2 kkgdiscovery; C:\Program Files (x86)\KaVo Kerr Group\Discovery Service\mDNSResponder.exe [487424 2017-06-29] (KaVo Kerr.) [File not signed]
R2 kkggxs700service; C:\Program Files (x86)\PaloDEx Group\IAM\gxs-700_service.exe [4070720 2018-03-15] (PaloDEx Group Oy -> PaloDEx Group Oy)
R2 kkgmdnsdiscovery; C:\Program Files (x86)\PaloDEx Group\IAM\mDNSDiscovery.exe [4939072 2018-02-07] (PaloDEx Group Oy -> Palodex Group Oy)
R2 kkgsnapshotservice; C:\Program Files (x86)\Palodex Group\IAM\kkg_snapshot_usb.exe [233272 2020-05-22] (PaloDEx Group Oy -> PaloDEx Group Oy)
R2 Lenovo Instant On; C:\WINDOWS\SysWOW64\EasyResume.exe [2352368 2022-05-17] (Lenovo -> Lenovo Group Limited)
S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892760 2018-12-26] (Lenovo -> Lenovo.)
R2 NetTimeSvc; C:\Program Files (x86)\NetTime\NetTimeService.exe [473088 2012-05-12] () [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [3016432 2022-08-24] (International Business Machines Corporation -> IBM Corp.)
R2 RealSenseDCM; C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe [3663512 2015-10-15] (Intel(R) Software Development Products -> Intel(R) Corporation)
R2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\TPHKLOAD.exe [465200 2020-12-28] (Lenovo -> Lenovo Group Limited)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [137712 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [350552 2015-09-24] (SafeNet, Inc. -> SafeNet Inc.)
R3 IXCamera; C:\WINDOWS\system32\DRIVERS\RealSenseDCM.sys [72704 2015-10-15] (Intel(R) Software Development Products -> Intel(R) Corporation)
R3 MpKsl81fea207; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{580BCA06-7231-46E8-BA42-5662CFB94259}\MpKslDrv.sys [228632 2022-10-25] (Microsoft Windows -> Microsoft Corporation)
S3 PcaSp50a64; C:\WINDOWS\System32\Drivers\PcaSp50a64.sys [41280 2019-04-03] (PRINTING COMMUNICATIONS ASSOC., INC. -> Printing Communications Assoc., Inc. (PCAUSA))
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [44160 2018-12-26] (Lenovo -> Lenovo.)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [454032 2022-08-24] (International Business Machines Corporation -> IBM Corp.)
R1 RapportCerberus_2204255; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_2204255.sys [1491664 2022-09-13] (International Business Machines Corporation -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [552272 2022-08-24] (International Business Machines Corporation -> IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [402840 2022-08-24] (International Business Machines Corporation -> IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [453528 2022-08-24] (International Business Machines Corporation -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [574544 2022-08-24] (International Business Machines Corporation -> IBM Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-10-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [455968 2022-10-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-25 20:28 - 2022-10-25 20:28 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-10-25 20:28 - 2022-10-25 20:28 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-25 19:20 - 2022-10-25 19:20 - 000000000 ___HD C:\$WinREAgent
2022-10-25 18:57 - 2022-10-25 18:59 - 000048711 _____ C:\Users\pelka\Downloads\Addition.txt
2022-10-25 18:53 - 2022-10-25 20:47 - 000023853 _____ C:\Users\pelka\Downloads\FRST.txt
2022-10-25 18:53 - 2022-10-25 20:47 - 000000000 ____D C:\FRST
2022-10-25 18:52 - 2022-10-25 18:53 - 002373632 _____ (Farbar) C:\Users\pelka\Downloads\FRST64.exe
2022-10-25 16:14 - 2022-10-25 16:14 - 008791352 _____ (Malwarebytes) C:\Users\pelka\Downloads\adwcleaner (1).exe
2022-10-23 18:46 - 2022-10-23 18:46 - 000011096 _____ C:\Users\pelka\Documents\Soud odpoved Slezska23102022.odt
2022-10-13 15:32 - 2022-10-24 14:34 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2022-10-13 15:32 - 2022-10-24 14:34 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk
2022-10-06 12:38 - 2022-10-06 12:38 - 000000000 ____D C:\ProgramData\Piriform
2022-10-06 07:34 - 2022-10-06 07:34 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-10-06 07:34 - 2022-10-06 07:34 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-10-06 07:34 - 2022-10-06 07:34 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-06 07:34 - 2022-10-06 07:34 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-10-06 07:34 - 2022-10-06 07:34 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-09-25 18:35 - 2022-09-26 20:24 - 000018705 _____ C:\Users\pelka\Downloads\Slezská rozpočty 2.odt
2022-09-25 18:11 - 2022-09-25 18:11 - 000717925 _____ C:\Users\pelka\Downloads\Prehled o prijmech a vydajich OSVC za rok 2021.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-25 20:48 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-25 20:40 - 2021-04-26 10:09 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-25 20:40 - 2019-12-07 16:41 - 000717850 _____ C:\WINDOWS\system32\perfh005.dat
2022-10-25 20:40 - 2019-12-07 16:41 - 000144992 _____ C:\WINDOWS\system32\perfc005.dat
2022-10-25 20:40 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-25 20:36 - 2019-03-27 18:08 - 000000000 ____D C:\Dositech
2022-10-25 20:35 - 2022-09-20 19:37 - 000003416 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-10-25 20:35 - 2022-09-20 19:37 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-10-25 20:35 - 2019-09-29 10:35 - 000000000 ____D C:\Program Files\CCleaner
2022-10-25 20:34 - 2019-03-26 20:07 - 000000000 __SHD C:\Users\pelka\IntelGraphicsProfiles
2022-10-25 20:33 - 2021-04-26 10:08 - 000003700 _____ C:\WINDOWS\system32\Tasks\Lenovo Power Management Driver PnP Task
2022-10-25 20:33 - 2021-04-26 10:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-25 20:33 - 2021-04-26 09:59 - 000289840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-25 20:33 - 2021-04-26 09:59 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-25 20:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-25 20:33 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-10-25 20:33 - 2019-03-26 19:50 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-10-25 20:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-25 20:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-25 20:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-25 20:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-25 20:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-25 20:31 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-25 20:29 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-25 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-25 20:29 - 2019-03-26 19:48 - 000000000 ____D C:\Users\pelka\AppData\Local\Packages
2022-10-25 20:28 - 2021-04-26 10:01 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-10-25 20:15 - 2019-12-07 11:14 - 000000000 __RSD C:\WINDOWS\Media
2022-10-25 20:15 - 2019-03-26 22:21 - 000000000 ____D C:\Program Files\Canon
2022-10-25 19:23 - 2021-12-16 18:40 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1290061171-993259588-100462224-1001
2022-10-25 19:23 - 2021-04-26 10:08 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1290061171-993259588-100462224-1001
2022-10-25 19:23 - 2021-04-26 10:03 - 000002377 _____ C:\Users\pelka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-25 19:21 - 2020-08-03 18:07 - 000000000 ____D C:\Users\pelka\Desktop\Soud Janda
2022-10-25 19:18 - 2021-04-26 10:03 - 000000000 ____D C:\Users\kavokerr_nci_user
2022-10-25 18:56 - 2019-03-26 20:35 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-10-25 18:56 - 2019-03-26 20:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-25 16:15 - 2019-12-30 10:55 - 000000000 ____D C:\WINDOWS\system32\Lenovo
2022-10-25 16:15 - 2019-03-26 20:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Lenovo
2022-10-25 15:32 - 2021-04-26 10:08 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-10-25 15:30 - 2021-04-26 09:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-25 14:07 - 2020-05-22 19:02 - 000000000 ____D C:\ProgramData\PaloDEx Group
2022-10-24 20:36 - 2021-04-26 10:03 - 000000000 ____D C:\Users\pelka
2022-10-23 18:09 - 2020-06-09 07:32 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-23 18:09 - 2020-06-09 07:32 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-10-17 18:51 - 2019-07-13 14:39 - 000000000 ____D C:\Users\pelka\Documents\Ordinace
2022-10-16 19:04 - 2019-03-26 18:36 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-10-16 18:53 - 2021-04-26 10:08 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-16 18:53 - 2021-04-26 10:08 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-13 15:33 - 2021-04-26 10:08 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-10-13 15:30 - 2019-03-26 19:48 - 000000000 ____D C:\Users\pelka\AppData\Roaming\Adobe
2022-10-06 07:39 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-06 07:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-06 07:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-06 07:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-06 07:37 - 2019-12-07 11:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-06 07:37 - 2019-12-07 11:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll

==================== Files in the root of some directories ========

2019-03-30 03:47 - 2022-01-28 16:13 - 000000600 _____ () C:\Users\pelka\AppData\Roaming\winscp.rnd

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-10-2022
Ran by pelka (25-10-2022 20:51:21)
Running from C:\Users\pelka\Downloads
Microsoft Windows 10 Home Version 21H2 19044.2130 (X64) (2021-04-26 08:08:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1290061171-993259588-100462224-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1290061171-993259588-100462224-503 - Limited - Disabled)
Guest (S-1-5-21-1290061171-993259588-100462224-501 - Limited - Disabled)
kavokerr_nci_user (S-1-5-21-1290061171-993259588-100462224-1002 - Limited - Enabled) => C:\Users\kavokerr_nci_user
pelka (S-1-5-21-1290061171-993259588-100462224-1001 - Administrator - Enabled) => C:\Users\pelka
WDAGUtilityAccount (S-1-5-21-1290061171-993259588-100462224-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACS Unified PC/SC Driver 4.3.1.0 (HKLM\...\{70105406-1CAF-4162-8A0B-C47361317A78}) (Version: 4.3.1.0 - Advanced Card Systems Ltd.)
Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 22.003.20263 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.)
Balíček ovladače systému Windows - Advanced Card Systems Ltd. Unified PC/SC Driver (01/08/2019 4.3.1.0) (HKLM\...\F0BF7B36B8B2F7E24302D9C217904BB74C70A5BE) (Version: 01/08/2019 4.3.1.0 - Advanced Card Systems Ltd.)
Balíček ovladače systému Windows - ICASecureStore Minidriver SmartCard (05/29/2021 3.0.0.0) (HKLM\...\3E0B23DD1DE869F3B876AC4D03BB9FF5BC3887A5) (Version: 05/29/2021 3.0.0.0 - ICASecureStore Minidriver)
CCleaner (HKLM\...\CCleaner) (Version: 6.05 - Piriform)
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version: - )
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.277.0 - Conexant Systems)
DfW Database (HKLM-x32\...\{BB09E5F6-8DF4-4BE4-882D-570A6C295640}) (Version: 1.00.0001 - Soredex)
DfW Single User (HKLM-x32\...\{41CA1634-EC61-4C83-945F-4D98F0144A58}) (Version: 2.8.112.480 - Soredex) Hidden
DfW Single User (HKLM-x32\...\InstallShield_{41CA1634-EC61-4C83-945F-4D98F0144A58}) (Version: 2.8.112.480 - Soredex)
DfW Software (HKLM-x32\...\{DD9FA672-B7B7-4EAF-84E0-52905DBC85D9}) (Version: 2.8.112.480 - Soredex)
Dolby Audio X2 Windows API SDK (HKLM\...\{FA0735B6-9E18-437A-A1CD-9152650FC52B}) (Version: 0.8.8.90 - Dolby Laboratories, Inc.) Hidden
Dolby Audio X2 Windows APP (HKLM\...\{9806D15D-FCE9-4F5E-9934-97DD7B546195}) (Version: 0.8.5.74 - Dolby Laboratories, Inc.)
eData Signer (HKLM\...\{59527DE1-765A-4CD1-A758-F7CCAAB54E16}) (Version: 2.4.0 - Solitea Business Solutions s.r.o.)
ePodpisFS-x86 (HKLM-x32\...\{A3B9DFF0-4BC3-4578-9BB8-AAA16B26E65F}_is1) (Version: 10.0.0.0 - )
FormApps Signing Extension (HKLM-x32\...\{2ADAFEB7-56C5-497F-8960-67DA46A81838}) (Version: 2.27.0.46 - Software602 a.s.)
GemPcCCID (HKLM\...\{39417D48-AC92-47A7-9F53-3CA2049231B0}) (Version: 2.0.7 - Gemalto)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.19.0.19950 (HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\GoToMeeting) (Version: 10.19.0.19950 - LogMeIn, Inc.)
I.CA Diagnostic (HKLM-x32\...\{3B3DA42B-7740-41A2-945B-505000D11434}) (Version: 1.3.3.0 - První certifikační autorita, a.s.) Hidden
I.CA Diagnostic (HKLM-x32\...\I.CA Diagnostic 1.3.3.0) (Version: 1.3.3.0 - První certifikační autorita, a.s.)
I.CA Maintenance (HKLM-x32\...\{29BC7C1E-3AEC-47AB-B820-FC16D759F1B3}) (Version: 1.3.0.0 - První certifikační autorita, a.s.) Hidden
I.CA Maintenance (HKLM-x32\...\I.CA Maintenance 1.3.0.0) (Version: 1.3.0.0 - První certifikační autorita, a.s.)
I.CA Maintenance2 (HKLM-x32\...\{81948A32-5091-42DF-A340-F9730335EBF2}) (Version: 2.0.1032.0 - První certifikační autorita, a.s.) Hidden
I.CA Maintenance2 (HKLM-x32\...\I.CA Maintenance2 2.0.1032.0) (Version: 2.0.1032.0 - První certifikační autorita, a.s.)
I.CA PKIServiceHost (HKLM\...\{DE1B351A-70D5-48E2-AA23-8FED45881890}) (Version: 2.2.3.0 - První certifikační autorita, a.s.) Hidden
I.CA PKIServiceHost (HKLM-x32\...\I.CA PKIServiceHost 2.2.3.0) (Version: 2.2.3.0 - První certifikační autorita, a.s.)
I.CA SecureStore (HKLM\...\{D216821D-1CB5-4445-8C7D-2B8E448ED4CA}) (Version: 6.14.0 - První certifikační autorita, a.s.)
IAM (HKLM-x32\...\{B8599626-6FB1-475C-8167-256C8437797C}) (Version: 5.18.17015 - Palodex Group)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1824.12.0.1140 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{499644D1-7870-428A-A88C-5169A0250434}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{9A7D34F8-31C7-4FFF-84E3-EF6EE85662B3}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{9FB3958C-E93E-47CA-A353-76024E5E3E4A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{1D3CFE77-83A3-4B7C-B051-BFEA608DD477}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6472 - Intel Corporation)
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.49.213.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.213.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{3b132227-4567-48a1-9f85-0d0dad4346ee}) (Version: 1.49.213.1 - Intel Corporation) Hidden
Intel® RealSense™ Depth Camera Manager Beta (x64): dptf_com (HKLM\...\{BAC4A770-7331-11E5-9AF6-2C44FD873B55}) (Version: 2.2.0.52404 - Intel Corporation) Hidden
Intel® RealSense™ Depth Camera Manager Beta (x86): dptf_com (HKLM-x32\...\{C982EA5E-7331-11E5-ABE7-2C44FD873B55}) (Version: 2.2.0.52404 - Intel Corporation) Hidden
Intel® RealSense™ Depth Camera Manager F200 Gold (x64): Intel® RealSense™ 3D camera ACPI driver (HKLM\...\{12507551-7332-11E5-B4D5-2C44FD873B55}) (Version: 1.4.27.52404 - Intel Corporation) Hidden
Intel® RealSense™ Depth Camera Manager F200 Gold (x64): Intel® RealSense™ 3D camera IO module (HKLM\...\{1255574F-7332-11E5-99B3-2C44FD873B55}) (Version: 1.4.27.52404 - Intel Corporation) Hidden
Intel® RealSense™ Depth Camera Manager F200 Gold (x64): Intel® RealSense™ 3D camera Source Provider (HKLM\...\{15E1B25E-7332-11E5-A642-2C44FD873B55}) (Version: 1.4.27.52404 - Intel Corporation) Hidden
Intel® RealSense™ Depth Camera Manager F200 Gold (x64): Intel® RealSense™ 3D camera virtual driver (HKLM\...\{16B3814F-7332-11E5-9DFE-2C44FD873B55}) (Version: 1.4.27.52404 - Intel Corporation) Hidden
Intel® RealSense™ Depth Camera Manager F200 Gold (x64): Intel® RealSense™ Depth Camera Manager Service (HKLM\...\{12507551-7332-11E5-81B7-2C44FD873B55}) (Version: 1.4.27.52404 - Intel Corporation) Hidden
Intel® RealSense™ Depth Camera Manager F200 Gold (x86): Intel® RealSense™ 3D camera IO module (HKLM-x32\...\{6C1D3280-7332-11E5-AD4E-2C44FD873B55}) (Version: 1.4.27.52404 - Intel Corporation) Hidden
Intel® RealSense™ Depth Camera Manager F200 Gold (x86): Intel® RealSense™ Depth Camera Manager Service (HKLM-x32\...\{6C1D3280-7332-11E5-B485-2C44FD873B55}) (Version: 1.4.27.52404 - Intel Corporation) Hidden
Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Java(TM) SE Development Kit 12.0.1 (64-bit) (HKLM\...\{0D60E96D-0B74-55A5-ACA5-0F6786FDF256}) (Version: 12.0.1.0 - Oracle Corporation)
KaVo Kerr Group Discovery Service (HKLM-x32\...\{18C72787-3C90-40D1-8F98-C983772934F8}) (Version: 1.0.16 - KaVo Kerr Group)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{E496AFB7-CB04-46CF-8FBB-5D665BC8811B}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.20 - Lenovo)
Lenovo Diagnostics Tool (HKLM\...\{01ADF966-E3BA-40DC-9037-E90BBA9ED50E}) (Version: 4.33.0 - Lenovo)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.52 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.52 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\OneDriveSetup.exe) (Version: 22.207.1002.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{8204354C-A854-4D09-BFA2-E393587D4ACF}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{A249A060-47A3-4C49-BC13-D7E1662128D8}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24212 (HKLM\...\{F20396E5-D84E-3505-A7A8-7358F0155F6C}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24212 (HKLM\...\{FAAD7243-0141-3987-AA2F-E56B20F80E41}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24212 (HKLM-x32\...\{844ECB74-9B63-3D5C-958C-30BD23F19EE4}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24212 (HKLM-x32\...\{37B55901-995A-3650-80B1-BBFD047E2911}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Mzdy Profesionál Ainex (HKLM-x32\...\Mzdy Profesionál Ainex_is1) (Version: - )
NetTime (HKLM-x32\...\NetTime_is1) (Version: - Mark Griffiths)
Odinstalační program ovladače tiskárny Canon Generic Plus PCL6 (HKLM\...\Canon Generic Plus PCL6) (Version: 7, 6, 0, 0 - Canon Inc.)
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.2204.140 - Trusteer)
OpenOffice 4.1.6 (HKLM-x32\...\{8DADDDBF-EB36-4D00-9291-8C281F1755A6}) (Version: 4.16.9790 - Apache Software Foundation)
Palodex Group PCI/PCIe Driver (64-bit) (HKLM-x32\...\{4E56333A-D018-403B-B009-212F15D4143A}) (Version: 1.0.16345 - Palodex Group) Hidden
Palodex Group PCI/PCIe Driver (64-bit) (HKLM-x32\...\InstallShield_{4E56333A-D018-403B-B009-212F15D4143A}) (Version: 1.0.16345 - Palodex Group)
Palodex Group PCI/PCIe Driver (HKLM-x32\...\{40562C16-0664-4249-A6A8-5C95C7A45CA1}) (Version: 1.0.16345 - Palodex Group)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.2204.140 - Trusteer) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21290 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.2.1.260 - Samsung Electronics)
Snapshot (HKLM-x32\...\{1068FCCB-48AE-49EE-843D-53D21BCE0252}) (Version: 1.0.0.81 - PaloDEx Group Oy)
Snapshot usb driver (HKLM-x32\...\{715D9A6D-F43A-4015-801E-E13077EF0A16}) (Version: 1.0.0.81 - PaloDEx Group Oy)
SOREDEX TWAIN 4 (HKLM-x32\...\{1C6D9750-2DB1-418F-8A46-D48042F1D7F8}) (Version: 4.6.1061 - SOREDEX) Hidden
SOREDEX TWAIN 4 (HKLM-x32\...\InstallShield_{1C6D9750-2DB1-418F-8A46-D48042F1D7F8}) (Version: 4.6.1061 - SOREDEX)
SOREDEX® TWAIN FLEXnetActivationService (HKLM-x32\...\{996E558D-8BDF-4C07-9A9C-ECDD1A80A0E1}) (Version: 1.00.8127 - Flexera Software, Inc.) Hidden
Správce hloubkové kamery Intel® RealSense™ F200 (HKLM-x32\...\ARP_for_prd_dcm_runtime_1.4.27.52404) (Version: 1.4.27.52404 - Intel Corporation)
TWAIN Subcomponents (HKLM-x32\...\{60A71B87-8556-4BCD-B713-48B19024AFE6}) (Version: 4.6.1061 - SOREDEX) Hidden
Účetní software Profesionál (HKLM-x32\...\Účetní software Profesionál_is1) (Version: - ing. Pavel Macek)
Windows Driver Package - Kavo Kerr Group (DdxDrvE) KaVoImagingDevices (11/09/2017 3.8.0.8655) (HKLM\...\6253FAC46713D20C0FC3E3A65C4883B9016180B5) (Version: 11/09/2017 3.8.0.8655 - Kavo Kerr Group)
Windows Driver Package - PaloDEx Group Oy (DdxDrv) PaloDExGroupImagingDevices (01/29/2013 2.3.4.7830) (HKLM\...\3BFD3F0F31A427975AEEEF742F52C8742EED8D9B) (Version: 01/29/2013 2.3.4.7830 - PaloDEx Group Oy)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WinSCP 5.15 (HKLM-x32\...\winscp3_is1) (Version: 5.15 - Martin Prikryl)
Wintropos verze 1.7.2 (HKLM-x32\...\Wintropos_is1) (Version: 1.7.2 - Wintropos)
Zoom (HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\ZoomUMX) (Version: 5.6.3 (751) - Zoom Video Communications, Inc.)

Packages:
=========
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_16.0.5.0_x86__m9bz608c1b9ra [2022-10-23] (Nordcurrent)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.15.523.0_x64__rz1tebttyb220 [2022-10-23] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-03-26] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-26] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-10-23] (Microsoft Studios) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.27.21.0_x64__nfy108tqq3p12 [2022-10-23] (Thumbmunkeys Ltd)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-12-27] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_555cfc07a674ecdd\igfxDTCM.dll [2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-07-20 16:04 - 2017-07-20 16:04 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2017-12-27 04:55 - 2017-12-27 04:55 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiamcsy.dll
2018-01-12 13:53 - 2018-01-12 13:53 - 000391168 _____ (Fairchild Imaging Systems) [File not signed] [File is in use] C:\Program Files (x86)\PaloDEx Group\IAM\CmosDentalCamera.dll
2018-01-12 13:53 - 2018-01-12 13:53 - 000281600 _____ (KaVo Kerr) [File not signed] C:\Program Files (x86)\PaloDEx Group\IAM\FusionLib.dll
2018-01-02 15:34 - 2018-01-02 15:34 - 000117248 _____ (KaVo Kerr.) [File not signed] C:\Program Files (x86)\PaloDEx Group\IAM\dnssd-kkg.dll
2019-04-03 15:53 - 2013-03-07 23:07 - 000009728 _____ (Luis Cobian) [File not signed] [File is in use] C:\Program Files (x86)\Cobian Backup 11\CobStringList.dll
2019-04-03 15:53 - 2013-03-07 23:27 - 002684928 _____ (Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbEngine.dll
2018-01-02 15:34 - 2018-01-02 15:34 - 001265664 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\PaloDEx Group\IAM\LIBEAY32.dll
2018-01-02 15:34 - 2018-01-02 15:34 - 000274944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\PaloDEx Group\IAM\SSLEAY32.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2020-01-09] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2020-01-09] (Oracle America, Inc. -> Oracle Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\*.capgemini.com -> hxxp://*.capgemini.com
IE trusted site: HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\*.capgemini.com -> hxxps://*.capgemini.com
IE trusted site: HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\*.cnb.cz -> hxxp://*.cnb.cz
IE trusted site: HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\*.cnb.cz -> hxxps://*.cnb.cz
IE trusted site: HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\*.csob.cz -> hxxps://*.csob.cz
IE trusted site: HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\*.csob.sk -> hxxps://*.csob.sk
IE trusted site: HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\*.erasvet.cz -> hxxps://*.erasvet.cz
IE trusted site: HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\*.fnplzen.cz -> hxxp://*.fnplzen.cz
IE trusted site: HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\*.fnplzen.cz -> hxxps://*.fnplzen.cz
IE trusted site: HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\*.ica.cz -> hxxp://*.ica.cz
IE trusted site: HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\*.ica.cz -> hxxps://*.ica.cz
IE trusted site: HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\*.nkcr.cz -> hxxp://*.nkcr.cz
IE trusted site: HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\*.nkcr.cz -> hxxps://*.nkcr.cz
IE trusted site: HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\*.postovnisporitelna.cz -> hxxps://*.postovnisporitelna.cz
IE trusted site: HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\*.proebiz.com -> hxxp://*.proebiz.com
IE trusted site: HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\*.proebiz.com -> hxxps://*.proebiz.com
IE trusted site: HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\*.sbcz.cz -> hxxp://*.sbcz.cz
IE trusted site: HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\*.sbcz.cz -> hxxps://*.sbcz.cz
IE trusted site: HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\*.sberbank.cz -> hxxp://*.sberbank.cz
IE trusted site: HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\*.sberbank.cz -> hxxps://*.sberbank.cz

There are 3 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 09:31 - 2019-10-04 08:34 - 000000906 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 ereceptsigner.cz

2019-04-04 07:50 - 2019-06-22 09:21 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.1.101 DESKTOP-108HT1O.mshome.net # 2024 6 4 20 7 21 1 354

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\PaloDEx Group\IAM\
HKU\S-1-5-21-1290061171-993259588-100462224-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1290061171-993259588-100462224-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Canon LBP5000 Status Window.lnk"
HKLM\...\StartupApproved\Run: => "DAX2_APP"
HKU\S-1-5-21-1290061171-993259588-100462224-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A9D6A8B8-C1F2-46CD-9530-D6B47F259E16}] => (Allow) C:\Users\pelka\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C74D4B35-07B8-4C46-BE88-733FCF029AA8}] => (Allow) C:\Users\pelka\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1A1E6E7E-5DA9-4C40-A1F4-948442240423}] => (Allow) C:\Users\pelka\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{72C9BE14-D727-4438-826D-AB03B61827BD}] => (Allow) C:\Users\pelka\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7C8F70E5-DDA2-4FB8-9100-8861FD6C9512}] => (Allow) C:\Users\pelka\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{E81B79D7-B8CD-444D-818F-1F4052D1B31F}] => (Allow) C:\Windows\twain_32\SOREDEX\license_manager.exe (PaloDEx Group Oy -> PaloDEx Group Oy)
FirewallRules: [{7C9199BE-8BD9-4183-AB1D-764797E94B73}] => (Allow) LPort=9898
FirewallRules: [{43B8C73C-B52E-4012-A2C8-1E2A3585C981}] => (Allow) C:\Program Files (x86)\PaloDEx Group\IAM\broker_proxy.exe (PaloDEx Group Oy -> PaloDEx Group Oy)
FirewallRules: [{50457A76-F0D1-4ECD-ABF1-D3CA3BE9A044}] => (Allow) C:\Program Files (x86)\PaloDEx Group\IAM\nci_broker.exe (PaloDEx Group Oy -> PaloDEx Group Oy)
FirewallRules: [{1C4ADAE4-AF1A-40A0-96C8-966DE4E29C99}] => (Allow) LPort=11177
FirewallRules: [{44B11D94-6112-4C5A-816F-9949A3C6501D}] => (Allow) C:\Program Files (x86)\NetTime\NetTimeService.exe () [File not signed]
FirewallRules: [{B95AE57D-6BDF-4A96-9AA3-6F3C573009CF}] => (Allow) C:\WINDOWS\system32\hasplms.exe (SafeNet, Inc. -> SafeNet Inc.)
FirewallRules: [{D3FE1128-5581-4408-A19B-3C3EFF8E8EEB}] => (Allow) C:\Program Files (x86)\KaVo Kerr Group\Discovery Service\mDNSResponder.exe (KaVo Kerr.) [File not signed]
FirewallRules: [{8ECFBB86-7C25-477E-9595-08B4849AA799}] => (Allow) C:\Program Files (x86)\KaVo Kerr Group\Discovery Service\mDNSResponder.exe (KaVo Kerr.) [File not signed]
FirewallRules: [TCP Query User{1187FB4E-BC4C-40B7-9145-CACB2C2A4E7D}C:\program files (x86)\soredex\dfw 2.8\digora.exe] => (Allow) C:\program files (x86)\soredex\dfw 2.8\digora.exe () [File not signed]
FirewallRules: [UDP Query User{E3A65F15-9327-4385-A0A5-FF53BD9F7149}C:\program files (x86)\soredex\dfw 2.8\digora.exe] => (Allow) C:\program files (x86)\soredex\dfw 2.8\digora.exe () [File not signed]
FirewallRules: [{169F7863-5817-4D5D-BF07-131C2D26862D}] => (Block) C:\program files (x86)\soredex\dfw 2.8\digora.exe () [File not signed]
FirewallRules: [{AA06D70E-5938-432B-8B7D-F9A6EA2BBF41}] => (Block) C:\program files (x86)\soredex\dfw 2.8\digora.exe () [File not signed]
FirewallRules: [{2BA545DC-382C-4CDF-8B19-76AC4BBBA600}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{F7F6024F-D969-4390-A892-399A363F65E8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{1EDB65DD-1722-4A6A-B97B-A8DF66C5CF75}] => (Allow) C:\Program Files\Canon\LBP5000_R150_V331_W64_uk_EN_1\Setup.exe (CANON INC. -> CANON INC.)
FirewallRules: [{3410C979-A3BD-4463-8183-EB968E57BC99}] => (Allow) C:\Program Files\Canon\LBP5000_R150_V331_W64_uk_EN_1\Setup.exe (CANON INC. -> CANON INC.)
FirewallRules: [{718A3E3F-3E51-455E-BA49-514F3A3C791A}] => (Allow) C:\Program Files\Canon\LBP5000_R150_V331_W64_uk_EN_1\Setup.exe (CANON INC. -> CANON INC.)
FirewallRules: [{B1CA8659-E733-4B8E-B111-D300D448ABC9}] => (Allow) C:\Program Files\Canon\LBP5000_R150_V331_W64_uk_EN_1\Setup.exe (CANON INC. -> CANON INC.)
FirewallRules: [{F5BE0C50-9CDC-4089-872E-42FC3F8E0110}] => (Allow) C:\Users\pelka\Downloads\LBP5000_R150_V331_W64_uk_EN_1\Setup.exe (CANON INC. -> CANON INC.)
FirewallRules: [{A825084F-E5B9-4041-8688-56D646EC36CE}] => (Allow) C:\Users\pelka\Downloads\LBP5000_R150_V331_W64_uk_EN_1\Setup.exe (CANON INC. -> CANON INC.)
FirewallRules: [{A037D38E-A0B4-4039-95C9-74A9AC56B35D}] => (Allow) C:\Windows\System32\CNAC4RPD.EXE => No File
FirewallRules: [{C8BB5770-A29E-4D46-833F-9394555DFA46}] => (Allow) C:\Windows\System32\CNAC4RPD.EXE => No File
FirewallRules: [{710EB8F1-ECB5-437E-A1D8-EDCAFFDF20BB}] => (Allow) C:\Program Files\Canon\DIAS\CnxDIAS.exe (CANON INC. -> CANON INC.)
FirewallRules: [{81CE6EB6-662F-4004-AFA3-E24F834E5A0C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DA1C09BC-4B3E-4627-B939-3FE07AF5FE7B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CF4CA557-1B48-46C3-8F16-ED34F75FA97D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{018B851F-76A9-4C52-A3FD-49B045E25D93}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C78288BC-ABE3-4C81-B21A-E7F034AA9105}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

21-09-2022 20:03:29 Instalační služba modulů systému Windows
21-09-2022 20:07:30 Instalační služba modulů systému Windows
05-10-2022 20:00:32 Instalační služba modulů systému Windows
05-10-2022 20:28:45 Instalační služba modulů systému Windows
25-10-2022 16:15:09 AdwCleaner_BeforeCleaning_25/10/2022_16:15:09
25-10-2022 19:20:16 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (10/25/2022 11:13:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/25/2022 10:55:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.2075 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2700

Čas spuštění: 01d8e83a120e5fb9

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 6240f052-a952-478c-ac54-cfa3fec5e365

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (10/25/2022 08:45:39 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/24/2022 08:34:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.2075 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2318

Čas spuštění: 01d8e7d3cda03f9b

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: bea2366d-e5eb-434f-b7c4-349680b56ff8

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (10/24/2022 08:09:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: wuaueng.dll (6328,R,98) SUS20ClientDataStore: Při otevírání souboru protokolu C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb00026.log došlo k chybě -1811 (0xfffff8ed).

Error: (10/24/2022 11:54:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.2075 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 196c

Čas spuštění: 01d8e785a7dbfcb2

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: d0c3fad0-2249-4643-bd8c-c61cf2555da0

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (10/24/2022 11:14:07 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/24/2022 10:51:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (10/25/2022 08:33:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba LMS neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/25/2022 07:19:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba LMS neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/25/2022 04:15:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Cobian Backup 11 Gravity byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/25/2022 04:15:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba KaVo Kerr Group GXS-700 Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 2000 milisekund: Restartovat službu.

Error: (10/25/2022 04:15:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba DfW Server byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/25/2022 04:15:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Conexant Audio Message Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/25/2022 04:15:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HECI Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/25/2022 04:15:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dolby DAX2 API Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2022-10-24 08:51:17
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B4D75F5A-FB25-4823-9819-8B4A04BCE122}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-20 08:40:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CAFAA8F7-FF83-41D2-91CD-CDAA006E7257}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-18 09:29:36
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8B8F4511-5619-465D-B3CC-D040B8F2ADF0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-17 07:48:24
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D37DB8A0-CC1E-4C94-AD93-110F30C14BFF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-13 08:26:01
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CD73230A-9FF7-466C-A631-59E1BA3AAA1C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2022-10-24 11:00:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.377.658.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19700.3
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2022-10-13 13:01:29
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.375.1567.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19600.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2022-10-13 13:01:29
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.375.1567.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19600.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2022-10-13 13:01:29
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.375.1567.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19600.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2022-10-13 13:01:29
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.375.1567.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19600.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===============
Date: 2022-10-25 20:33:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_555cfc07a674ecdd\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO R00ET64W (1.39 ) 10/31/2019
Motherboard: LENOVO 20EV000WMC
Processor: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz
Percentage of memory in use: 49%
Total physical RAM: 8075.11 MB
Available physical RAM: 4089.23 MB
Total Virtual: 9355.11 MB
Available Virtual: 5369.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.74 GB) (Free:128.43 GB) (Model: Samsung SSD 850 EVO 250GB) NTFS

\\?\Volume{0ec81db0-9bc2-474b-a810-512cc00c4488}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{ab8d7636-9a66-4945-ab9b-5b23bf3e9dd8}\ () (Fixed) (Total:0.55 GB) (Free:0.07 GB) NTFS
\\?\Volume{fb3a1618-efe9-40aa-82c2-4f539ae777e3}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
Task: {2029F65C-CEB5-45CA-8E5D-AAEF5D07EAF4} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4 -noicon -noreboot -nolicense -defaultupdate -schtask (No File)
Task: {7C539EEF-CF31-412F-A7CC-5123F8F85BB2} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1290061171-993259588-100462224-1001 => C:\Users\pelka\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe (No File)
Task: {D958B8F7-9163-433E-AED8-D52C354F88F6} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\DumpStack.log.tmp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{A037D38E-A0B4-4039-95C9-74A9AC56B35D}] => (Allow) C:\Windows\System32\CNAC4RPD.EXE => No File
FirewallRules: [{C8BB5770-A29E-4D46-833F-9394555DFA46}] => (Allow) C:\Windows\System32\CNAC4RPD.EXE => No File

EmptyTemp:
End

Uložte do C:\Users\pelka\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 23-10-2022
Ran by pelka (26-10-2022 10:51:58) Run:1
Running from C:\Users\pelka\Downloads
Loaded Profiles: pelka & kavokerr_nci_user
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
Task: {2029F65C-CEB5-45CA-8E5D-AAEF5D07EAF4} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4 -noicon -noreboot -nolicense -defaultupdate -schtask (No File)
Task: {7C539EEF-CF31-412F-A7CC-5123F8F85BB2} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1290061171-993259588-100462224-1001 => C:\Users\pelka\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe (No File)
Task: {D958B8F7-9163-433E-AED8-D52C354F88F6} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\DumpStack.log.tmp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{A037D38E-A0B4-4039-95C9-74A9AC56B35D}] => (Allow) C:\Windows\System32\CNAC4RPD.EXE => No File
FirewallRules: [{C8BB5770-A29E-4D46-833F-9394555DFA46}] => (Allow) C:\Windows\System32\CNAC4RPD.EXE => No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2029F65C-CEB5-45CA-8E5D-AAEF5D07EAF4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2029F65C-CEB5-45CA-8E5D-AAEF5D07EAF4}" => removed successfully
C:\WINDOWS\System32\Tasks\TVT\TVSUUpdateTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TVT\TVSUUpdateTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7C539EEF-CF31-412F-A7CC-5123F8F85BB2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C539EEF-CF31-412F-A7CC-5123F8F85BB2}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1290061171-993259588-100462224-1001 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Service Bridge\S-1-5-21-1290061171-993259588-100462224-1001" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D958B8F7-9163-433E-AED8-D52C354F88F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D958B8F7-9163-433E-AED8-D52C354F88F6}" => removed successfully
C:\WINDOWS\System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TVT\TVSUUpdateTask_UserLogOn" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A037D38E-A0B4-4039-95C9-74A9AC56B35D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C8BB5770-A29E-4D46-833F-9394555DFA46}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23821411 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 18443846 B
Edge => 19456 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 6656 B
NetworkService => 16832 B
pelka => 66920052 B
kavokerr_nci_user => 66926708 B

RecycleBin => 47300 B
EmptyTemp: => 168.1 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 26-10-2022 10:53:20)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 10:53:20 ====

Smazáno. Zrychlil se chod?

Ano, zrychlil.
Děkuji

Rádo se stalo!

Jeste jednou dekuji! Zasilam příspěvek na provoz fora.

Za příspěvek děkujeme!