Myš reaguje divně, sám se mačká enter stisknutím myši
Napsal: 05 led 2023 12:39
Dobrý den,
mám podezření na nějaký malware, prosím o kontrolu logu. Moc díky!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-12-2022
Ran by Uzivatel (administrator) on MICHALA (LENOVO 80WK) (05-01-2023 12:32:38)
Running from C:\Users\Uzivatel\Desktop
Loaded Profiles: Uzivatel
Platform: Microsoft Windows 10 Home Version 22H2 19045.2364 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Qustodio\qapp\QUpdateService.exe ->) (Qustodio Technologies SL -> ) C:\Program Files (x86)\Qustodio\qapp\crashpad_handler.exe <3>
(C:\Program Files (x86)\Qustodio\qproxy\qengine.exe ->) (Qustodio Technologies SL -> Qustodio Technologies) C:\Program Files (x86)\Qustodio\qapp\QAppTray.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(explorer.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <31>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Family First\DDnsChecker\DnsCheckerService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_e3f96af62737a898\RstMwService.exe
(services.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(services.exe ->) (Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qustodio Technologies SL -> Qustodio Technologies) C:\Program Files (x86)\Qustodio\qapp\QUpdateService.exe
(services.exe ->) (Qustodio Technologies SL -> Qustodio Technologies) C:\Program Files (x86)\Qustodio\qproxy\qengine.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677688 2021-10-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617784 2021-10-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617784 2021-10-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [194480 2022-11-03] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [QAppTray] => C:\Program Files (x86)\Qustodio\qapp\QAppTray.exe [5817888 2022-09-23] (Qustodio Technologies SL -> Qustodio Technologies)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\Run: [launchOnStartup] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13799776 2022-03-21] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\Run: [Steam] => D:\Steam\steam.exe [4246376 2022-12-15] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38916432 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\Uzivatel\AppData\Local\slack\slack.exe [309040 2022-08-31] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\MountPoints2: {4fbf8dc8-fa2c-11ec-adc3-54e1ad4b7247} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon G3010 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDEI.DLL [482816 2017-08-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TS5000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDF.DLL [30720 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor G3010 series: C:\WINDOWS\system32\CNMLMEI.DLL [1303040 2017-08-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series: CNMLMAT.DLL (No File)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5000 series: C:\WINDOWS\system32\CNMLMDF.DLL [485376 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5000 series XPS: C:\WINDOWS\system32\CNMXLMDF.DLL [487424 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-16] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\108.1.46.144\Installer\chrmstp.exe [2022-12-15] (Brave Software, Inc. -> Brave Software, Inc.)
GroupPolicy\User: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02276FA8-2F26-4150-B8BF-51C0AD1C7BEB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {0FDAAC7E-54CC-42D3-81C8-64B220F6E612} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2567049384-1476051938-1418897080-1002 => C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {1001AFA4-6FD5-41D1-9947-F6D1D6608426} - System32\Tasks\Opera scheduled assistant Autoupdate 1656611901 => C:\Users\Uzivatel\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Uzivatel\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {1683CC96-F947-4DAD-8D7F-C388FBFFAEE2} - System32\Tasks\Opera scheduled Autoupdate 1656611895 => C:\Users\Uzivatel\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {19FCE532-E3E3-4CD5-B322-2898E6A1F1A6} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {29A72C34-32DC-4F07-9604-57EEE19E599C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3070743D-48EF-4580-9B8D-7AF2BFE073BE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {37DF3989-B35D-416D-97D6-955BF6B40BA0} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {3A83F326-857D-4092-9692-A2F8CDF072E3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-12-09] (Piriform Software Ltd -> Piriform)
Task: {3EA38098-76CC-487A-BB78-4C3025E80648} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3077448 2021-12-13] (Intel Corporation -> Intel Corporation)
Task: {4A318BEE-B304-4FB7-A059-DE978439D427} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {4FD19FF7-92AD-44BE-A093-191FE9511092} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {509436D4-DAAA-4C40-B6C5-9CD48C4A7AE9} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "1351fa5c-2ac1-4f85-a3a0-4de5e77ad4ec" --version "6.07.10191" --silent
Task: {518F092C-C398-4788-8D59-2E58EABE786B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {51ADEE62-7337-4038-9DF3-674806DAF427} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {58BD1CEE-AFAD-472D-9CF9-7B229E424DBC} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2567049384-1476051938-1418897080-1002 => C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {5D9E662D-407A-4E94-BF2E-7294BDA7B4F8} - System32\Tasks\CCleanerSkipUAC - Uzivatel => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {63CC4E57-26E7-44F9-9E8B-DEE607E1D013} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {65A96F5D-1447-475D-8177-EAFB2E46939B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {67506DFB-2FDD-4999-8DA5-2773D83BE552} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4 -noicon -noreboot -nolicense -defaultupdate -schtask (No File)
Task: {74EA52C1-1E75-45EB-BDD8-F6EA087AB992} - System32\Tasks\GoogleUpdateTaskMachineCore{79EC1C55-1C31-40FC-A573-A9D45B7262A9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-11] (Google Inc -> Google LLC)
Task: {794177E9-F5AC-44DE-90E7-8D46F9FC3186} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {79D2EFCE-7F3B-4458-9433-2C285FAC211D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {7EE6C38D-C04B-42CA-BAA2-A3202D4B969B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8B746C94-F7D0-400F-92C9-530B45939C15} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {9D326BD3-C485-460B-ACD8-655979BCEE16} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-12-18] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {9D8250B7-30FE-418F-AEF2-AD6D95BE7FAC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {A17FCD6C-655F-4518-AFF1-D625717A0664} - System32\Tasks\GoogleUpdateTaskMachineUA{840A3A40-9A02-4585-B354-6E9D393B94AA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-11] (Google Inc -> Google LLC)
Task: {A724C4B6-C811-4825-A025-204E820A767D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A7986DE1-334C-4A42-A6AA-FDCA819193C4} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-12-18] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {AB5DF58E-66C9-4610-8103-9EC70023DFC0} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3077448 2021-12-13] (Intel Corporation -> Intel Corporation)
Task: {D9B587DE-F8F3-4A01-8754-D67AE9F6054A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E218548D-EF9E-47ED-A06D-BB5A4ADA92BF} - System32\Tasks\NerveCenterUpdate => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe [744800 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
Task: {F7866A90-CE98-4729-8EC4-6FABEDEA486E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {F7920DBF-32FC-4719-85C6-C245E9DF19A0} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (No File)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{048e9000-5619-41aa-b32e-01d2d585c78b}: [DhcpNameServer] 192.168.2.1 0.0.0.0
Tcpip\..\Interfaces\{e5ea96d8-3994-4a08-886a-d1c2a3fe2cbc}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\Uzivatel\Downloads
Edge Profile: C:\Users\Uzivatel\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-22]
Edge DownloadDir: Default -> C:\Users\Uzivatel\Downloads
Edge StartupUrls: Default -> "hxxps://r-pass.cz/"
FireFox:
========
FF DefaultProfile: 37tql1uz.default
FF ProfilePath: C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\37tql1uz.default [2023-01-05]
FF ProfilePath: C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\vp2ps7ar.default-release-1630156417128 [2023-01-05]
FF Notifications: Mozilla\Firefox\Profiles\vp2ps7ar.default-release-1630156417128 -> hxxps://aukro.cz; hxxps://voyo.nova.cz; hxxps://jaknaletenky.cz; hxxps://meet.google.com
FF Extension: (LastPass: Free Password Manager) - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\vp2ps7ar.default-release-1630156417128\Extensions\support@lastpass.com.xpi [2022-12-20]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2023-01-05]
Chrome:
=======
CHR Profile: C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default [2023-01-03]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR StartupUrls: Default -> "hxxp://www.r-pass.cz/"
CHR Extension: (Dokumenty Google offline) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-23]
CHR Extension: (Vysor) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2021-12-29]
CHR Extension: (Story Saver) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafcolokinicfdmlidhaebadidhdehpk [2023-01-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
Brave:
=======
BRA Profile: C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-12-13]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-11-07]
BRA Extension: (Brave NTP background images) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-08-30]
BRA Extension: (Wallet Data Files Updater) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-10-15]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-11-07]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2022-11-07]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-30]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2022-11-07]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-11-07]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-12-18] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-12-18] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
R2 DnsCheckerService; C:\Program Files (x86)\Family First\DDnsChecker\DnsCheckerService.exe [13824 2021-01-19] () [File not signed]
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2019-01-21] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 EHttpSrv; C:\Program Files\ESET\ESET Security\ehttpsrv.exe [53880 2022-11-03] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3428784 2022-11-03] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3428784 2022-11-03] (ESET, spol. s r.o. -> ESET)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1959776 2022-03-21] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2022-03-21] (GOG Sp. z o.o. -> GOG.com)
S3 GameRecorderSVC; C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe [392032 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2562776 2022-01-31] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3481312 2022-01-31] (Electronic Arts, Inc. -> Electronic Arts)
R2 PluginLoaderSvc; C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe [966496 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
R2 qengine; C:\Program Files (x86)\Qustodio\qproxy\qengine.exe [5621288 2022-09-22] (Qustodio Technologies SL -> Qustodio Technologies)
R2 qupdate; C:\Program Files (x86)\Qustodio\qapp\QUpdateService.exe [2348064 2022-09-23] (Qustodio Technologies SL -> Qustodio Technologies)
S3 Rockstar Service; D:\Rockstar Games\Launcher\RockstarService.exe [2703192 2022-12-12] (Rockstar Games, Inc. -> Rockstar Games)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2021-11-19] (Microsoft) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2021-11-19] (Microsoft) [File not signed]
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\108.1.46.144\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [174496 2021-10-16] (BayHub Technology Inc. -> BayHubTech/O2Micro)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [194336 2022-11-03] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [118400 2022-11-03] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-31] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [235632 2022-11-03] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [80664 2022-11-03] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [121000 2022-11-03] (ESET, spol. s r.o. -> ESET)
S3 FBNetFilter; C:\Windows\system32\Drivers\FBNetFlt.sys [46576 2017-04-28] (Lenovo (Beijing) Co., Ltd. -> Lenovo(beijing) Limited)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 pelmouse; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [26880 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.)
S3 pelusblf; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [33048 2016-07-11] (WDKTestCert idd,131110062695071623 -> )
R1 qwdf64; C:\WINDOWS\system32\Drivers\qwdf64.sys [41872 2022-06-28] (Qustodio Technologies, SL -> Qustodio Technologies)
R1 qwdr64; C:\WINDOWS\system32\Drivers\qwdr64.sys [55696 2022-06-28] (Qustodio Technologies, SL -> Qustodio Technologies)
R2 qwfp; C:\WINDOWS\system32\Drivers\qwfp64.sys [47640 2022-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Qustodio Technologies)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-11-03] (Microsoft Windows -> Microsoft Corporation)
U3 avgbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-05 12:33 - 2023-01-05 12:33 - 001222144 _____ C:\Users\Uzivatel\Desktop\RSITx64.exe
2023-01-05 12:32 - 2023-01-05 12:33 - 000032527 _____ C:\Users\Uzivatel\Desktop\FRST.txt
2023-01-05 12:31 - 2023-01-05 12:31 - 002376192 _____ (Farbar) C:\Users\Uzivatel\Desktop\FRST64.exe
2023-01-04 15:08 - 2023-01-04 15:08 - 000018777 _____ C:\Users\Uzivatel\Desktop\planovaci-kalendar-vyska zdroj-web.xlsx
2023-01-04 13:26 - 2023-01-04 14:47 - 000018785 _____ C:\Users\Uzivatel\Downloads\planovaci-kalendar-vyska zdroj-web.xlsx
2023-01-04 09:19 - 2023-01-04 09:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-01-03 10:48 - 2023-01-03 10:48 - 001300377 _____ C:\Users\Uzivatel\Downloads\potvrzení_Equip-1.pdf
2023-01-03 10:47 - 2023-01-03 10:47 - 001300377 _____ C:\Users\Uzivatel\Downloads\potvrzení_Equip.pdf
2023-01-03 10:46 - 2023-01-03 10:46 - 001300377 _____ C:\Users\Uzivatel\Desktop\potvrzení_Equip.pdf
2023-01-03 09:21 - 2023-01-03 09:21 - 000107523 _____ C:\Users\Uzivatel\Downloads\hb_potvrzeni_uroky_587995-1_20230101_009.pdf
2023-01-03 08:33 - 2023-01-03 08:33 - 000768068 _____ C:\Users\Uzivatel\Desktop\KoloemociCZ.pdf
2022-12-25 00:54 - 2022-12-25 00:54 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-12-20 19:20 - 2022-12-20 19:58 - 000000000 ____D C:\Users\Uzivatel\Documents\Mount&Blade Savegames
2022-12-20 19:19 - 2022-12-20 20:11 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\Mount&Blade
2022-12-20 19:01 - 2022-12-20 19:01 - 000116165 _____ C:\Users\Uzivatel\Downloads\2022123083.pdf
2022-12-20 18:09 - 2022-12-20 18:09 - 000000000 ____D C:\Users\Uzivatel\Documents\Mount&Blade Warband Savegames
2022-12-20 18:08 - 2022-12-20 20:43 - 000000000 ____D C:\Users\Uzivatel\Documents\Mount&Blade Warband
2022-12-20 18:08 - 2022-12-20 18:08 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\Mount&Blade Warband
2022-12-18 12:57 - 2022-12-18 12:57 - 000048745 _____ C:\Users\Uzivatel\Downloads\Pohyb_25826003110_na_uctu_2000340629.pdf
2022-12-18 08:19 - 2022-12-18 08:19 - 000000000 ___HD C:\$WinREAgent
2022-12-06 13:21 - 2022-12-06 13:21 - 000100698 _____ C:\Users\Uzivatel\Downloads\AC-Statistika-CITYHOUSE-2022(1).xlsx
2022-12-06 12:27 - 2022-12-06 12:27 - 000010745 _____ C:\Users\Uzivatel\Downloads\Leadership Conference, Vienna 2022 - Timetable & Sesisons.xlsx
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-05 12:33 - 2021-04-11 09:16 - 000013104 _____ C:\WINDOWS\SysWOW64\qengineOff.ini
2023-01-05 12:33 - 2021-04-11 09:16 - 000013104 _____ C:\WINDOWS\system32\qengineOff.ini
2023-01-05 12:32 - 2021-10-30 10:56 - 000000000 ____D C:\FRST
2023-01-05 12:31 - 2021-04-12 13:31 - 000000000 ____D C:\ProgramData\Qustodio
2023-01-05 12:30 - 2022-02-11 10:23 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-01-05 12:30 - 2021-12-11 09:21 - 000000000 ____D C:\Program Files\CCleaner
2023-01-05 12:30 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-05 12:30 - 2019-10-11 08:29 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-05 12:29 - 2020-04-22 15:14 - 000000000 ____D C:\Users\Uzivatel\AppData\LocalLow\Mozilla
2023-01-05 12:28 - 2022-04-17 19:28 - 000000000 __SHD C:\Users\Uzivatel\IntelGraphicsProfiles
2023-01-05 12:28 - 2022-04-15 08:57 - 000000000 ____D C:\ProgramData\NVIDIA
2023-01-05 12:28 - 2021-12-11 10:55 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-05 12:28 - 2021-04-11 09:16 - 000000000 ____D C:\ProgramData\boost_interprocess
2023-01-05 12:28 - 2020-08-04 17:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-05 12:28 - 2019-10-11 08:30 - 000000000 ____D C:\Intel
2023-01-05 12:26 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-01-05 12:25 - 2020-04-29 12:48 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\vlc
2023-01-05 12:01 - 2020-08-04 17:44 - 001693268 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-01-05 12:01 - 2019-12-07 15:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2023-01-05 12:01 - 2019-12-07 15:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2023-01-05 12:01 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-01-05 11:27 - 2020-08-04 14:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-05 08:56 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-05 08:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-01-04 22:58 - 2021-12-11 09:21 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-01-04 14:46 - 2019-10-11 08:25 - 000000000 ____D C:\Users\Uzivatel\AppData\Local\Packages
2023-01-04 12:39 - 2021-03-18 07:30 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\Evernote
2023-01-04 09:20 - 2022-03-30 09:56 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\DropboxElectron
2023-01-04 09:19 - 2021-03-18 07:23 - 000000000 ____D C:\Users\Uzivatel\AppData\Local\Dropbox
2023-01-04 09:19 - 2021-03-18 07:23 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-01-04 09:01 - 2020-08-04 17:47 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-04 09:01 - 2020-08-04 17:47 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-01-03 22:20 - 2022-10-03 03:07 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-01-02 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-12-28 11:06 - 2022-02-23 16:56 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-12-23 15:52 - 2022-04-17 19:29 - 000000000 ____D C:\Users\Uzivatel\AppData\Local\D3DSCache
2022-12-23 09:56 - 2022-10-03 03:07 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-12-23 09:56 - 2022-01-24 22:45 - 000000000 ____D C:\Users\Uzivatel\AppData\Local\CrashDumps
2022-12-20 19:27 - 2021-03-18 07:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-12-20 19:27 - 2020-07-07 14:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-12-20 09:29 - 2021-10-10 19:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-12-20 09:29 - 2021-03-18 07:21 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-12-18 14:59 - 2020-08-04 14:11 - 000450512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemApps
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-18 08:29 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-12-18 08:26 - 2020-08-04 17:43 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-12-18 08:16 - 2020-04-22 19:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-12-18 08:13 - 2020-04-22 19:03 - 148633544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-12-17 11:35 - 2020-08-03 10:30 - 000000000 ____D C:\Users\Uzivatel
2022-12-16 13:03 - 2019-10-11 08:30 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-16 12:13 - 2020-07-09 09:25 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-15 08:20 - 2021-12-18 17:48 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2022-12-15 08:20 - 2021-12-18 17:48 - 000002323 _____ C:\Users\Public\Desktop\Brave.lnk
2022-12-10 22:18 - 2022-02-19 14:17 - 000014263 _____ C:\Users\Uzivatel\Desktop\inverness.xlsx
2022-12-10 18:35 - 2021-03-18 07:23 - 000000928 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2022-12-10 18:35 - 2021-03-18 07:23 - 000000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
==================== Files in the root of some directories ========
2022-02-11 15:34 - 2022-02-11 15:34 - 000000204 _____ () C:\Users\Uzivatel\AppData\Roaming\359a9ea7-9833-4059-bf05-b7eefa6ef5b7.tmp
2022-01-26 17:49 - 2022-01-26 17:49 - 000000371 _____ () C:\Users\Uzivatel\AppData\Roaming\5daa97cb-195f-4dd7-9cbf-c06510b65b3e.tmp
2020-09-03 11:54 - 2020-09-03 12:18 - 047902775 _____ () C:\Users\Uzivatel\AppData\Roaming\gta5_patch.bin
2020-09-03 11:54 - 2020-09-03 11:54 - 000332800 _____ () C:\Users\Uzivatel\AppData\Roaming\patcher.dll
2021-04-04 19:19 - 2022-03-21 00:40 - 000000081 _____ () C:\Users\Uzivatel\AppData\Local\.bidstack.fault
2020-04-22 16:57 - 2022-01-25 23:02 - 000007597 _____ () C:\Users\Uzivatel\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2022
Ran by Uzivatel (05-01-2023 12:33:57)
Running from C:\Users\Uzivatel\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2364 (X64) (2020-08-04 16:47:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2567049384-1476051938-1418897080-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2567049384-1476051938-1418897080-503 - Limited - Disabled)
Guest (S-1-5-21-2567049384-1476051938-1418897080-501 - Limited - Disabled)
Uzivatel (S-1-5-21-2567049384-1476051938-1418897080-1001 - Administrator - Enabled) => C:\Users\Uzivatel
WDAGUtilityAccount (S-1-5-21-2567049384-1476051938-1418897080-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Assassin's Creed Odyssey (HKLM-x32\...\Uplay Install 5059) (Version: - Ubisoft)
Assassin's Creed Origins (HKLM-x32\...\Uplay Install 3539) (Version: - Ubisoft)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 108.1.46.144 - Autoři prohlížeče Brave)
Brother iPrint&Scan (HKLM-x32\...\{566A27C1-043E-4A17-AC78-338559A4953B}) (Version: 10.0.0.120 - Brother Industries, Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{7ef8cf92-cb09-4d1f-a0ed-8c84f4e7a478}) (Version: 10.0.0.120 - Brother Industries, Ltd.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon G3010 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_G3010_series) (Version: 1.01 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.5.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.05.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.4.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TS5000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5000_series) (Version: 1.03 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.07 - Piriform)
Dolby Audio X2 Windows API SDK (HKLM\...\{F290F786-5F69-48D4-B20B-D21C7DE56EF0}) (Version: 0.8.8.88 - Dolby Laboratories, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 164.4.7914 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.685.1 - Dropbox, Inc.) Hidden
ESET Endpoint Antivirus (HKLM\...\{F8DE2A0C-AE50-4915-9F99-12A9B1DFCADA}) (Version: 9.1.2060.0 - ESET, spol. s r.o.)
Evernote 10.49.4 (HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\e4251011-875e-51f3-a464-121adaff5aaa) (Version: 10.49.4 - Evernote Corporation)
FIFA 18 (HKLM-x32\...\{213CC10A-B8CB-4EBA-B277-6B08B7C22A65}) (Version: 1.0.57.57320 - Electronic Arts)
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.61.54442 - Electronic Arts)
Flawless Widescreen version 1.0.15 (HKLM-x32\...\{7348D82E-8C68-48FF-BA2D-8C97B5B4B3D8}_is1) (Version: 1.0.15 - Flawless Widescreen)
FM Genie Scout 22 version 1.0 22.4.1 beta 13 (HKLM\...\FM Genie Scout 22_is1) (Version: 1.0 22.4.1 beta 13 - )
FMRTE 20.4.4.47 (HKLM-x32\...\{14A58A15-B038-4C19-A024-3B6016F86A14}_is1) (Version: 20.4.4.47 - FMRTE)
FMRTE 22.4.1.23 (HKLM-x32\...\{34EDE299-09F3-48D9-95E9-92EFF3265F81}_is1) (Version: 22.4.1.23 - FMRTE)
FormatFactory 5.4.5.0 (HKLM-x32\...\FormatFactory) (Version: 5.4.5.0 - Free Time)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM\...\{6A6D3422-8127-3867-A83C-56B555636ECA}) (Version: 108.0.5359.125 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden
HttpToUsbBridge (HKLM-x32\...\{3F9BB162-F826-4EBC-AA60-42020CA134CD}) (Version: 2.0.10.1 - Brother Industries Ltd.)
Intel(R) Computing Improvement Program (HKLM\...\{EFE4A88A-FF8B-4D0E-8354-E0B7C3ED9E50}) (Version: 2.4.08840 - Intel Corporation)
Krtek a jeho veliké dobrodružství (HKLM-x32\...\{5DF18D93-076F-4E90-B6CF-3CF96110F1D4}_is1) (Version: - Play sp. z o. o.)
Lenovo Nerve Sense (HKLM\...\{DCB4DFB5-93CA-4BDD-9D08-CE880626B46E}_is1) (Version: 2.6.11.8 - Lenovo)
Microsoft .NET Core Host - 3.1.28 (x64) (HKLM\...\{26ECE92F-518E-40AF-9108-7B7B444A46DE}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.28 (x64) (HKLM\...\{CDEA72F4-1367-4E0A-AC5F-0EBAF7C6825A}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.28 (x64) (HKLM\...\{3691148D-EF42-4812-8956-AE11FC413B8D}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.28 (x64) (HKLM-x32\...\{231e3b76-4d0f-4e60-9d69-f11c9c448630}) (Version: 3.1.28.31513 - Microsoft Corporation)
Microsoft Access MUI (Czech) 2013 (HKLM\...\{90150000-0015-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Czech) 2013 (HKLM\...\{90150000-0090-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft Excel MUI (Czech) 2013 (HKLM\...\{90150000-0016-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Czech) 2013 (HKLM\...\{90150000-00BA-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Czech) 2013 (HKLM\...\{90150000-0044-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Czech) 2013 (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Czech) 2013 (HKLM\...\{90150000-00E1-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Czech) 2013 (HKLM\...\{90150000-00E2-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing (Czech) 2013 (HKLM\...\{90150000-002C-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Czech) 2013 (HKLM\...\{90150000-00C1-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2013 (HKLM\...\{90150000-006E-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Czech) 2013 (HKLM\...\{90150000-00A1-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Czech) 2013 (HKLM\...\{90150000-001A-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Czech) 2013 (HKLM\...\{90150000-0018-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Czech) 2013 (HKLM\...\{90150000-0019-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Word MUI (Czech) 2013 (HKLM\...\{90150000-001B-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mount and Blade: Warband (HKLM-x32\...\1207666913_is1) (Version: 2.059 - GOG.com)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 108.0.1 (x64 cs)) (Version: 108.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 86.0.1 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 512.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.15 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.110.50000 - Electronic Arts, Inc.)
Qustodio (HKLM-x32\...\Qustodio) (Version: 185.0.1170.0 - Qustodio)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1491.16 - Rockstar Games)
Registrace tiskárny (HKLM-x32\...\Canon EISRegistration) (Version: 1.8.0 - Canon Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.67.1178 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.6.5 - Rockstar Games)
Slack (HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\slack) (Version: 4.28.171 - Slack Technologies Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
Theophilos 3 (HKLM-x32\...\Theophilos_is1) (Version: - )
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 123.1.10526 - Ubisoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Zoom (HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\ZoomUMX) (Version: 5.11.4 (7185) - Zoom Video Communications, Inc.)
Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2022-04-12] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-01-25] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-06] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-01-25] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-20] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-16] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt [2022-12-20] (INTEL CORP) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2567049384-1476051938-1418897080-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Uzivatel\Dropbox [2021-03-18 07:26]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-11-03] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-11-03] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\nvshext.dll [2022-03-18] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-11-03] (ESET, spol. s r.o. -> ESET)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
==================== Loaded Modules (Whitelisted) =============
2020-04-22 16:53 - 2012-06-14 16:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2020-08-04 10:46 - 2020-08-04 10:46 - 000341504 _____ (Free Time) [File not signed] C:\Program Files\FormatFactory\ShellEx_108.dll
2019-10-11 08:30 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2022-12-15 09:45 - 2022-12-15 09:45 - 041845248 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\IGCC.dll
2022-02-05 21:03 - 2022-02-05 21:03 - 002122240 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2019-07-31 17:28 - 2019-07-31 17:28 - 005112440 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Qustodio\qapp\Qt5Core.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Uzivatel\Desktop\slawek.txt:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Uzivatel\Downloads\jeststar.JPG:com.dropbox.attrs [54]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\qwfp => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2019-08-19] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "iPSNotifier.lnk"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX2"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "QAppTray"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "launchOnStartup"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "com.squirrel.slack.slack"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{00735113-238B-4D55-B5BF-FA74B81163DB}] => (Allow) D:\Steam\steamapps\common\Gothic 3\Gothic3.exe (Pluto 13 GmbH) [File not signed]
FirewallRules: [{C0930574-F9F1-4CD8-B630-D4EB21DDC8B5}] => (Allow) D:\Steam\steamapps\common\Gothic 3\Gothic3.exe (Pluto 13 GmbH) [File not signed]
FirewallRules: [UDP Query User{644E18D1-1B61-4EA3-BF24-05A0167CA5F4}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{C6881EB2-ADD8-4CF3-A74A-6AF1BC34328F}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [{82DFF841-3DBD-4F28-AAD8-0B2CA12BAA34}] => (Allow) D:\Steam\steamapps\common\Risen 3\system\Risen3.exe (Piranha Bytes) [File not signed]
FirewallRules: [{C5667492-043F-4C53-8A4F-DE3E2BA93DAD}] => (Allow) D:\Steam\steamapps\common\Risen 3\system\Risen3.exe (Piranha Bytes) [File not signed]
FirewallRules: [{766C82F3-9D99-474F-90A4-D61EB53F8D48}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{221ECB11-F95C-4DFE-8113-8B4A29028802}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{236872B9-42B6-4AF3-88CC-26D235F7FFA8}D:\fifa 18\fifa18.exe] => (Allow) D:\fifa 18\fifa18.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{6524545F-07A5-4666-B077-0086B3B82660}D:\fifa 18\fifa18.exe] => (Allow) D:\fifa 18\fifa18.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E2FB3F5D-97B8-4E5D-839B-DC41D359D472}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9C4431C4-9C06-450B-978A-2837075984DB}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1C74673D-BF51-4CF8-9F38-389FE2E7DC88}] => (Allow) C:\Users\Uzivatel\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8E9D4316-6F0E-4566-A0DA-238A236B19B8}] => (Allow) C:\Users\Uzivatel\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4B742B35-886E-46C3-8A4D-655C374106C7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{773FC684-73C2-40E6-BB6F-9FB8FD7AA2E4}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{2E07F165-71F8-4BC5-AFF4-CFA0847D4DEC}] => (Allow) D:\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{FCE38A7E-68CD-4F6F-AE19-87D0287201D7}] => (Allow) D:\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{F637B890-FBCA-4D32-8E20-823B347FE805}] => (Allow) D:\FIFA 18\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{40573400-EA71-4A1B-B808-41B48F02984B}] => (Allow) D:\FIFA 18\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{49022A4D-8ACE-4715-974A-4E6D53981A00}D:\fifa 19\fifa 19\fifa19.exe] => (Allow) D:\fifa 19\fifa 19\fifa19.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{AB6AB948-FFD7-418B-AB04-01A1D9EE4DBF}D:\fifa 19\fifa 19\fifa19.exe] => (Allow) D:\fifa 19\fifa 19\fifa19.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F9F85BB8-7F06-477C-93DB-DA82F136ABAD}] => (Allow) D:\FIFA 19\FIFA 19\FIFASetup\fifaconfig.exe () [File not signed]
FirewallRules: [{CB5873C6-A3E7-4B89-A635-45BB4CD40584}] => (Allow) D:\FIFA 19\FIFA 19\FIFASetup\fifaconfig.exe () [File not signed]
FirewallRules: [{DEB3BFF9-370C-42E1-A9BA-78F3D73BB8F2}] => (Allow) D:\Steam\steamapps\common\Football Manager 2020 Touch\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{2A5BE423-7356-423B-A12C-FB71FAB89C6E}] => (Allow) D:\Steam\steamapps\common\Football Manager 2020 Touch\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{81DCE5DE-A739-4D8E-8632-3A99DAE5428D}] => (Allow) D:\Steam\steamapps\common\Football Manager 2020\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{210E095D-BC8C-45FF-8C94-6713336DDABE}] => (Allow) D:\Steam\steamapps\common\Football Manager 2020\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{0F333F60-50AF-42BE-A30E-5BB034C29303}] => (Allow) D:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe (WB Games, Inc.) [File not signed]
FirewallRules: [{88FFAB28-128A-4BC8-A9BF-807D07B10BB2}] => (Allow) D:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe (WB Games, Inc.) [File not signed]
FirewallRules: [{BF168841-42B5-42FC-B265-30D7CBEC7EB1}] => (Allow) D:\Steam\steamapps\common\ShadowOfWar\x64\ShadowOfWar.exe (WB Games Inc. -> WB Games, Inc.) [File not signed]
FirewallRules: [{22BCD8F0-2BFC-418B-9BFB-D9167A7CB430}] => (Allow) D:\Steam\steamapps\common\ShadowOfWar\x64\ShadowOfWar.exe (WB Games Inc. -> WB Games, Inc.) [File not signed]
FirewallRules: [{12E07712-A987-4C11-A08C-2EA50EABBE66}] => (Allow) D:\UPlay\Assassin's Creed Origins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{716B9874-62AF-463B-B4BF-4A5DD3902733}] => (Allow) D:\UPlay\Assassin's Creed Origins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{D48F1406-913C-4F80-A8C2-040B63D888BE}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{BCB72D83-E59E-4A0B-B182-251BD7F03B99}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6A5E991B-B25D-4951-A11B-3E5C64DE98A6}] => (Allow) D:\UPlay\Assassin's Creed Odyssey\ACOdyssey_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{9108980F-D7A1-4F71-8A7F-5BCA048FF9F9}] => (Allow) D:\UPlay\Assassin's Creed Odyssey\ACOdyssey_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{031762BA-2BA5-4C92-838C-0D4E609CDE4C}] => (Allow) D:\Steam\steamapps\common\Catan Universe\CatanUniverse.exe () [File not signed]
FirewallRules: [{D009F778-D698-41CC-A819-FBF04BA9A199}] => (Allow) D:\Steam\steamapps\common\Catan Universe\CatanUniverse.exe () [File not signed]
FirewallRules: [{CC914DF9-0017-42BD-AC9B-32E17C1B2F70}] => (Allow) D:\Rockstar Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{0976C554-E931-42C1-AF79-8D95C6AE71F6}] => (Allow) D:\Rockstar Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{1B0DDD8E-D95D-4F0B-B922-8A6AE143C15B}] => (Allow) LPort=54950
FirewallRules: [{AC175C69-731E-41C3-98DD-43D15D67FF79}] => (Allow) LPort=54955
FirewallRules: [{508A7BC4-7250-41F5-8AD0-57996D813EBB}] => (Allow) D:\Steam\steamapps\common\Risen 2\system\Risen2.exe (Valve Corp. -> Piranha Bytes) [File not signed]
FirewallRules: [{2ECE0799-6FA3-461F-9A53-4C0A439BEF5A}] => (Allow) D:\Steam\steamapps\common\Risen 2\system\Risen2.exe (Valve Corp. -> Piranha Bytes) [File not signed]
FirewallRules: [{5492A6DF-E14B-4E43-B2D4-9A2B5E25EBA9}] => (Allow) D:\Steam\steamapps\common\Medieval Dynasty\Medieval_Dynasty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{BA974E4C-2B94-4633-AE13-1E9F09D19899}] => (Allow) D:\Steam\steamapps\common\Medieval Dynasty\Medieval_Dynasty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{C4D29110-C13B-4C44-BD76-A37233CFBC03}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{A450FA28-EF3C-40F6-B555-49C237BB5B80}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{1369DEFB-766C-4F1A-8ADF-7649CCAF04A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{C526FAE7-C0CB-44BB-B7F5-3D2553C46247}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{6726ED58-D550-43E7-8774-E656E4E4344F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{6BD08E7D-8737-4AE3-AE04-559BF63AD53B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{81636135-2429-4DA0-9210-BBD9B62D56FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{25707C2B-F9F9-433A-8720-C35BFEFAD1C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3F400233-B679-45B4-BDBB-65A3BEB2C3ED}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{9D7D09E2-9E06-48BD-92C8-ED54420F97E4}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{95F21196-616E-4AFC-846E-3B213EC3C4F4}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{4797DE98-8E7C-48F8-B6FE-43DB0CB675AF}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{C30672CE-34ED-484C-A09F-7661F04C3024}] => (Allow) D:\Rockstar Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{56FEB94E-F5DB-4780-8A5A-90A0AE5A3C5E}] => (Allow) D:\Rockstar Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{6930E813-A37D-409E-B9E6-1E8F3CBCB955}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{9C376D9E-E3A2-4667-8BA9-C7FD8A08723F}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{56A2A261-92EE-41A5-8694-0FE9A88EDEB8}] => (Allow) D:\Steam\steamapps\common\Football Manager 2022\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{F566C02B-9337-4BFB-BC90-291C2976A6A3}] => (Allow) D:\Steam\steamapps\common\Football Manager 2022\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{9751D6EB-47B5-42F6-AB6D-6F10E4AE4555}] => (Allow) C:\Users\Uzivatel\AppData\Local\Programs\Opera\79.0.4143.22\opera.exe => No File
FirewallRules: [{67CB8CCB-CD66-4B34-9E24-3BC6D9684849}] => (Allow) D:\Steam\steamapps\common\Football Manager 2022 Editor\editor.exe (Sports Interactive) [File not signed]
FirewallRules: [{C3F4BB73-7B00-46B2-9724-6EE17C03101F}] => (Allow) D:\Steam\steamapps\common\Football Manager 2022 Editor\editor.exe (Sports Interactive) [File not signed]
FirewallRules: [{006DEAF7-F4E7-47EE-9046-A2AF220634F8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0796CF7E-01D3-433A-9E70-3001AE5109E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F8C6246F-952F-4BD1-9012-2A3C97526FB1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{847274F3-A417-4A5B-BCA8-BE757BE3DE14}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CFA7EBAB-2409-4052-89FA-1083C42D78BA}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{39872C3A-4842-4DDB-8384-29AB685BCB3D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{ABD3A1D8-0745-40A7-8B60-2AD16AFAF987}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6143D70D-FC79-4AB3-BABB-1D4E32AA07B6}] => (Allow) D:\Steam\steamapps\common\Mount and Blade\runme.exe () [File not signed]
FirewallRules: [{F87A277F-F011-4371-B796-47E6122CF7B0}] => (Allow) D:\Steam\steamapps\common\Mount and Blade\runme.exe () [File not signed]
FirewallRules: [{7762CBE7-084D-4923-93EF-267BB4DAC99A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{AC950703-FF4E-4EA0-9ED9-2D02C8F4DED9}] => (Allow) %programfiles%\Qustodio\qapp\qwelcomewzd.exe => No File
FirewallRules: [{6843848A-D26D-4258-81F1-ED2F8B35589D}] => (Allow) %programfiles%\Qustodio\qapp\QUpdateService.exe => No File
FirewallRules: [{D5C61116-E139-4514-B74A-16037B0A4F88}] => (Allow) %programfiles%\Qustodio\qapp\QReport.exe => No File
FirewallRules: [{D44972D9-C0A0-4860-A902-ACEAD8130725}] => (Allow) %programfiles%\Qustodio\qproxy\qengine.exe => No File
FirewallRules: [{31651338-5E56-4711-9E2D-911682A06427}] => (Allow) %programfiles%\Qustodio\qapp\QAppTray.exe => No File
==================== Restore Points =========================
25-12-2022 22:08:06 Naplánovaný kontrolní bod
02-01-2023 16:53:55 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/05/2023 12:32:29 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: MICHALA)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...
Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.
Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[1]: 127.0.0.1
Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[0]: ::1
Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList.Length: 2
System errors:
=============
Error: (01/05/2023 11:50:58 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/05/2023 11:50:58 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/05/2023 11:50:58 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/05/2023 11:50:58 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/05/2023 11:50:57 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/05/2023 11:50:57 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/05/2023 11:50:57 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/05/2023 11:50:57 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================Event[0]:
Date: 2022-01-25 20:13:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.251.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x800706d9
Popis chyby: Pro mapovač koncových bodů nejsou k dispozici další koncové body.
Date: 2022-01-25 20:13:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.251.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x800706d9
Popis chyby: Pro mapovač koncových bodů nejsou k dispozici další koncové body.
Date: 2022-01-25 20:13:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.251.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x800706d9
Popis chyby: Pro mapovač koncových bodů nejsou k dispozici další koncové body.
Date: 2022-01-25 20:13:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.251.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x800706d9
Popis chyby: Pro mapovač koncových bodů nejsou k dispozici další koncové body.
Date: 2022-01-25 20:13:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.251.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x800706d9
Popis chyby: Pro mapovač koncových bodů nejsou k dispozici další koncové body.
CodeIntegrity:
===============
Date: 2023-01-05 12:32:39
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2023-01-05 12:30:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume5\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 4KCN45WW 01/11/2019
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-7300HQ CPU @ 2.50GHz
Percentage of memory in use: 42%
Total physical RAM: 16276.16 MB
Available physical RAM: 9428.21 MB
Total Virtual: 30964.16 MB
Available Virtual: 23160.13 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:118.61 GB) (Free:18.83 GB) (Model: NVMe SAMSUNG MZVLW128) NTFS
Drive d: (Nový svazek) (Fixed) (Total:931.51 GB) (Free:74.03 GB) (Model: WDC WD10SPZX-24Z10T0) NTFS
\\?\Volume{bf75a89a-4757-4644-acd6-1ed682d5a1d4}\ () (Fixed) (Total:0.52 GB) (Free:0.04 GB) NTFS
\\?\Volume{9baaef05-ab17-4428-90f5-e209f4afca61}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9786842D)
Partition: GPT.
==========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: 4BA21061)
Partition: GPT.
==================== End of Addition.txt =======================
mám podezření na nějaký malware, prosím o kontrolu logu. Moc díky!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-12-2022
Ran by Uzivatel (administrator) on MICHALA (LENOVO 80WK) (05-01-2023 12:32:38)
Running from C:\Users\Uzivatel\Desktop
Loaded Profiles: Uzivatel
Platform: Microsoft Windows 10 Home Version 22H2 19045.2364 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Qustodio\qapp\QUpdateService.exe ->) (Qustodio Technologies SL -> ) C:\Program Files (x86)\Qustodio\qapp\crashpad_handler.exe <3>
(C:\Program Files (x86)\Qustodio\qproxy\qengine.exe ->) (Qustodio Technologies SL -> Qustodio Technologies) C:\Program Files (x86)\Qustodio\qapp\QAppTray.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(explorer.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <31>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Family First\DDnsChecker\DnsCheckerService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_e3f96af62737a898\RstMwService.exe
(services.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(services.exe ->) (Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qustodio Technologies SL -> Qustodio Technologies) C:\Program Files (x86)\Qustodio\qapp\QUpdateService.exe
(services.exe ->) (Qustodio Technologies SL -> Qustodio Technologies) C:\Program Files (x86)\Qustodio\qproxy\qengine.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677688 2021-10-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617784 2021-10-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617784 2021-10-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [194480 2022-11-03] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [QAppTray] => C:\Program Files (x86)\Qustodio\qapp\QAppTray.exe [5817888 2022-09-23] (Qustodio Technologies SL -> Qustodio Technologies)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\Run: [launchOnStartup] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13799776 2022-03-21] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\Run: [Steam] => D:\Steam\steam.exe [4246376 2022-12-15] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38916432 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\Uzivatel\AppData\Local\slack\slack.exe [309040 2022-08-31] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\MountPoints2: {4fbf8dc8-fa2c-11ec-adc3-54e1ad4b7247} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon G3010 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDEI.DLL [482816 2017-08-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TS5000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDF.DLL [30720 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor G3010 series: C:\WINDOWS\system32\CNMLMEI.DLL [1303040 2017-08-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series: CNMLMAT.DLL (No File)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5000 series: C:\WINDOWS\system32\CNMLMDF.DLL [485376 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5000 series XPS: C:\WINDOWS\system32\CNMXLMDF.DLL [487424 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-16] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\108.1.46.144\Installer\chrmstp.exe [2022-12-15] (Brave Software, Inc. -> Brave Software, Inc.)
GroupPolicy\User: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02276FA8-2F26-4150-B8BF-51C0AD1C7BEB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {0FDAAC7E-54CC-42D3-81C8-64B220F6E612} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2567049384-1476051938-1418897080-1002 => C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {1001AFA4-6FD5-41D1-9947-F6D1D6608426} - System32\Tasks\Opera scheduled assistant Autoupdate 1656611901 => C:\Users\Uzivatel\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Uzivatel\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {1683CC96-F947-4DAD-8D7F-C388FBFFAEE2} - System32\Tasks\Opera scheduled Autoupdate 1656611895 => C:\Users\Uzivatel\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {19FCE532-E3E3-4CD5-B322-2898E6A1F1A6} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {29A72C34-32DC-4F07-9604-57EEE19E599C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3070743D-48EF-4580-9B8D-7AF2BFE073BE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {37DF3989-B35D-416D-97D6-955BF6B40BA0} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {3A83F326-857D-4092-9692-A2F8CDF072E3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-12-09] (Piriform Software Ltd -> Piriform)
Task: {3EA38098-76CC-487A-BB78-4C3025E80648} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3077448 2021-12-13] (Intel Corporation -> Intel Corporation)
Task: {4A318BEE-B304-4FB7-A059-DE978439D427} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {4FD19FF7-92AD-44BE-A093-191FE9511092} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {509436D4-DAAA-4C40-B6C5-9CD48C4A7AE9} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "1351fa5c-2ac1-4f85-a3a0-4de5e77ad4ec" --version "6.07.10191" --silent
Task: {518F092C-C398-4788-8D59-2E58EABE786B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {51ADEE62-7337-4038-9DF3-674806DAF427} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {58BD1CEE-AFAD-472D-9CF9-7B229E424DBC} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2567049384-1476051938-1418897080-1002 => C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {5D9E662D-407A-4E94-BF2E-7294BDA7B4F8} - System32\Tasks\CCleanerSkipUAC - Uzivatel => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {63CC4E57-26E7-44F9-9E8B-DEE607E1D013} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {65A96F5D-1447-475D-8177-EAFB2E46939B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {67506DFB-2FDD-4999-8DA5-2773D83BE552} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4 -noicon -noreboot -nolicense -defaultupdate -schtask (No File)
Task: {74EA52C1-1E75-45EB-BDD8-F6EA087AB992} - System32\Tasks\GoogleUpdateTaskMachineCore{79EC1C55-1C31-40FC-A573-A9D45B7262A9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-11] (Google Inc -> Google LLC)
Task: {794177E9-F5AC-44DE-90E7-8D46F9FC3186} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {79D2EFCE-7F3B-4458-9433-2C285FAC211D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {7EE6C38D-C04B-42CA-BAA2-A3202D4B969B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8B746C94-F7D0-400F-92C9-530B45939C15} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {9D326BD3-C485-460B-ACD8-655979BCEE16} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-12-18] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {9D8250B7-30FE-418F-AEF2-AD6D95BE7FAC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {A17FCD6C-655F-4518-AFF1-D625717A0664} - System32\Tasks\GoogleUpdateTaskMachineUA{840A3A40-9A02-4585-B354-6E9D393B94AA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-11] (Google Inc -> Google LLC)
Task: {A724C4B6-C811-4825-A025-204E820A767D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A7986DE1-334C-4A42-A6AA-FDCA819193C4} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-12-18] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {AB5DF58E-66C9-4610-8103-9EC70023DFC0} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3077448 2021-12-13] (Intel Corporation -> Intel Corporation)
Task: {D9B587DE-F8F3-4A01-8754-D67AE9F6054A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E218548D-EF9E-47ED-A06D-BB5A4ADA92BF} - System32\Tasks\NerveCenterUpdate => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe [744800 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
Task: {F7866A90-CE98-4729-8EC4-6FABEDEA486E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {F7920DBF-32FC-4719-85C6-C245E9DF19A0} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (No File)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{048e9000-5619-41aa-b32e-01d2d585c78b}: [DhcpNameServer] 192.168.2.1 0.0.0.0
Tcpip\..\Interfaces\{e5ea96d8-3994-4a08-886a-d1c2a3fe2cbc}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\Uzivatel\Downloads
Edge Profile: C:\Users\Uzivatel\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-22]
Edge DownloadDir: Default -> C:\Users\Uzivatel\Downloads
Edge StartupUrls: Default -> "hxxps://r-pass.cz/"
FireFox:
========
FF DefaultProfile: 37tql1uz.default
FF ProfilePath: C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\37tql1uz.default [2023-01-05]
FF ProfilePath: C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\vp2ps7ar.default-release-1630156417128 [2023-01-05]
FF Notifications: Mozilla\Firefox\Profiles\vp2ps7ar.default-release-1630156417128 -> hxxps://aukro.cz; hxxps://voyo.nova.cz; hxxps://jaknaletenky.cz; hxxps://meet.google.com
FF Extension: (LastPass: Free Password Manager) - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\vp2ps7ar.default-release-1630156417128\Extensions\support@lastpass.com.xpi [2022-12-20]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2023-01-05]
Chrome:
=======
CHR Profile: C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default [2023-01-03]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR StartupUrls: Default -> "hxxp://www.r-pass.cz/"
CHR Extension: (Dokumenty Google offline) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-23]
CHR Extension: (Vysor) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2021-12-29]
CHR Extension: (Story Saver) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafcolokinicfdmlidhaebadidhdehpk [2023-01-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
Brave:
=======
BRA Profile: C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-12-13]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-11-07]
BRA Extension: (Brave NTP background images) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-08-30]
BRA Extension: (Wallet Data Files Updater) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-10-15]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-11-07]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2022-11-07]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-30]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2022-11-07]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-11-07]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-12-18] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-12-18] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
R2 DnsCheckerService; C:\Program Files (x86)\Family First\DDnsChecker\DnsCheckerService.exe [13824 2021-01-19] () [File not signed]
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2019-01-21] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 EHttpSrv; C:\Program Files\ESET\ESET Security\ehttpsrv.exe [53880 2022-11-03] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3428784 2022-11-03] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3428784 2022-11-03] (ESET, spol. s r.o. -> ESET)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1959776 2022-03-21] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2022-03-21] (GOG Sp. z o.o. -> GOG.com)
S3 GameRecorderSVC; C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe [392032 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2562776 2022-01-31] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3481312 2022-01-31] (Electronic Arts, Inc. -> Electronic Arts)
R2 PluginLoaderSvc; C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe [966496 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
R2 qengine; C:\Program Files (x86)\Qustodio\qproxy\qengine.exe [5621288 2022-09-22] (Qustodio Technologies SL -> Qustodio Technologies)
R2 qupdate; C:\Program Files (x86)\Qustodio\qapp\QUpdateService.exe [2348064 2022-09-23] (Qustodio Technologies SL -> Qustodio Technologies)
S3 Rockstar Service; D:\Rockstar Games\Launcher\RockstarService.exe [2703192 2022-12-12] (Rockstar Games, Inc. -> Rockstar Games)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2021-11-19] (Microsoft) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2021-11-19] (Microsoft) [File not signed]
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\108.1.46.144\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [174496 2021-10-16] (BayHub Technology Inc. -> BayHubTech/O2Micro)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [194336 2022-11-03] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [118400 2022-11-03] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-31] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [235632 2022-11-03] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [80664 2022-11-03] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [121000 2022-11-03] (ESET, spol. s r.o. -> ESET)
S3 FBNetFilter; C:\Windows\system32\Drivers\FBNetFlt.sys [46576 2017-04-28] (Lenovo (Beijing) Co., Ltd. -> Lenovo(beijing) Limited)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 pelmouse; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [26880 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.)
S3 pelusblf; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [33048 2016-07-11] (WDKTestCert idd,131110062695071623 -> )
R1 qwdf64; C:\WINDOWS\system32\Drivers\qwdf64.sys [41872 2022-06-28] (Qustodio Technologies, SL -> Qustodio Technologies)
R1 qwdr64; C:\WINDOWS\system32\Drivers\qwdr64.sys [55696 2022-06-28] (Qustodio Technologies, SL -> Qustodio Technologies)
R2 qwfp; C:\WINDOWS\system32\Drivers\qwfp64.sys [47640 2022-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Qustodio Technologies)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-11-03] (Microsoft Windows -> Microsoft Corporation)
U3 avgbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-05 12:33 - 2023-01-05 12:33 - 001222144 _____ C:\Users\Uzivatel\Desktop\RSITx64.exe
2023-01-05 12:32 - 2023-01-05 12:33 - 000032527 _____ C:\Users\Uzivatel\Desktop\FRST.txt
2023-01-05 12:31 - 2023-01-05 12:31 - 002376192 _____ (Farbar) C:\Users\Uzivatel\Desktop\FRST64.exe
2023-01-04 15:08 - 2023-01-04 15:08 - 000018777 _____ C:\Users\Uzivatel\Desktop\planovaci-kalendar-vyska zdroj-web.xlsx
2023-01-04 13:26 - 2023-01-04 14:47 - 000018785 _____ C:\Users\Uzivatel\Downloads\planovaci-kalendar-vyska zdroj-web.xlsx
2023-01-04 09:19 - 2023-01-04 09:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-01-03 10:48 - 2023-01-03 10:48 - 001300377 _____ C:\Users\Uzivatel\Downloads\potvrzení_Equip-1.pdf
2023-01-03 10:47 - 2023-01-03 10:47 - 001300377 _____ C:\Users\Uzivatel\Downloads\potvrzení_Equip.pdf
2023-01-03 10:46 - 2023-01-03 10:46 - 001300377 _____ C:\Users\Uzivatel\Desktop\potvrzení_Equip.pdf
2023-01-03 09:21 - 2023-01-03 09:21 - 000107523 _____ C:\Users\Uzivatel\Downloads\hb_potvrzeni_uroky_587995-1_20230101_009.pdf
2023-01-03 08:33 - 2023-01-03 08:33 - 000768068 _____ C:\Users\Uzivatel\Desktop\KoloemociCZ.pdf
2022-12-25 00:54 - 2022-12-25 00:54 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-12-20 19:20 - 2022-12-20 19:58 - 000000000 ____D C:\Users\Uzivatel\Documents\Mount&Blade Savegames
2022-12-20 19:19 - 2022-12-20 20:11 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\Mount&Blade
2022-12-20 19:01 - 2022-12-20 19:01 - 000116165 _____ C:\Users\Uzivatel\Downloads\2022123083.pdf
2022-12-20 18:09 - 2022-12-20 18:09 - 000000000 ____D C:\Users\Uzivatel\Documents\Mount&Blade Warband Savegames
2022-12-20 18:08 - 2022-12-20 20:43 - 000000000 ____D C:\Users\Uzivatel\Documents\Mount&Blade Warband
2022-12-20 18:08 - 2022-12-20 18:08 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\Mount&Blade Warband
2022-12-18 12:57 - 2022-12-18 12:57 - 000048745 _____ C:\Users\Uzivatel\Downloads\Pohyb_25826003110_na_uctu_2000340629.pdf
2022-12-18 08:19 - 2022-12-18 08:19 - 000000000 ___HD C:\$WinREAgent
2022-12-06 13:21 - 2022-12-06 13:21 - 000100698 _____ C:\Users\Uzivatel\Downloads\AC-Statistika-CITYHOUSE-2022(1).xlsx
2022-12-06 12:27 - 2022-12-06 12:27 - 000010745 _____ C:\Users\Uzivatel\Downloads\Leadership Conference, Vienna 2022 - Timetable & Sesisons.xlsx
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-05 12:33 - 2021-04-11 09:16 - 000013104 _____ C:\WINDOWS\SysWOW64\qengineOff.ini
2023-01-05 12:33 - 2021-04-11 09:16 - 000013104 _____ C:\WINDOWS\system32\qengineOff.ini
2023-01-05 12:32 - 2021-10-30 10:56 - 000000000 ____D C:\FRST
2023-01-05 12:31 - 2021-04-12 13:31 - 000000000 ____D C:\ProgramData\Qustodio
2023-01-05 12:30 - 2022-02-11 10:23 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-01-05 12:30 - 2021-12-11 09:21 - 000000000 ____D C:\Program Files\CCleaner
2023-01-05 12:30 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-05 12:30 - 2019-10-11 08:29 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-05 12:29 - 2020-04-22 15:14 - 000000000 ____D C:\Users\Uzivatel\AppData\LocalLow\Mozilla
2023-01-05 12:28 - 2022-04-17 19:28 - 000000000 __SHD C:\Users\Uzivatel\IntelGraphicsProfiles
2023-01-05 12:28 - 2022-04-15 08:57 - 000000000 ____D C:\ProgramData\NVIDIA
2023-01-05 12:28 - 2021-12-11 10:55 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-05 12:28 - 2021-04-11 09:16 - 000000000 ____D C:\ProgramData\boost_interprocess
2023-01-05 12:28 - 2020-08-04 17:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-05 12:28 - 2019-10-11 08:30 - 000000000 ____D C:\Intel
2023-01-05 12:26 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-01-05 12:25 - 2020-04-29 12:48 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\vlc
2023-01-05 12:01 - 2020-08-04 17:44 - 001693268 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-01-05 12:01 - 2019-12-07 15:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2023-01-05 12:01 - 2019-12-07 15:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2023-01-05 12:01 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-01-05 11:27 - 2020-08-04 14:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-05 08:56 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-05 08:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-01-04 22:58 - 2021-12-11 09:21 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-01-04 14:46 - 2019-10-11 08:25 - 000000000 ____D C:\Users\Uzivatel\AppData\Local\Packages
2023-01-04 12:39 - 2021-03-18 07:30 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\Evernote
2023-01-04 09:20 - 2022-03-30 09:56 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\DropboxElectron
2023-01-04 09:19 - 2021-03-18 07:23 - 000000000 ____D C:\Users\Uzivatel\AppData\Local\Dropbox
2023-01-04 09:19 - 2021-03-18 07:23 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-01-04 09:01 - 2020-08-04 17:47 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-04 09:01 - 2020-08-04 17:47 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-01-03 22:20 - 2022-10-03 03:07 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-01-02 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-12-28 11:06 - 2022-02-23 16:56 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-12-23 15:52 - 2022-04-17 19:29 - 000000000 ____D C:\Users\Uzivatel\AppData\Local\D3DSCache
2022-12-23 09:56 - 2022-10-03 03:07 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-12-23 09:56 - 2022-01-24 22:45 - 000000000 ____D C:\Users\Uzivatel\AppData\Local\CrashDumps
2022-12-20 19:27 - 2021-03-18 07:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-12-20 19:27 - 2020-07-07 14:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-12-20 09:29 - 2021-10-10 19:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-12-20 09:29 - 2021-03-18 07:21 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-12-18 14:59 - 2020-08-04 14:11 - 000450512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemApps
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-18 08:29 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-12-18 08:26 - 2020-08-04 17:43 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-12-18 08:16 - 2020-04-22 19:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-12-18 08:13 - 2020-04-22 19:03 - 148633544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-12-17 11:35 - 2020-08-03 10:30 - 000000000 ____D C:\Users\Uzivatel
2022-12-16 13:03 - 2019-10-11 08:30 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-16 12:13 - 2020-07-09 09:25 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-15 08:20 - 2021-12-18 17:48 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2022-12-15 08:20 - 2021-12-18 17:48 - 000002323 _____ C:\Users\Public\Desktop\Brave.lnk
2022-12-10 22:18 - 2022-02-19 14:17 - 000014263 _____ C:\Users\Uzivatel\Desktop\inverness.xlsx
2022-12-10 18:35 - 2021-03-18 07:23 - 000000928 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2022-12-10 18:35 - 2021-03-18 07:23 - 000000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
==================== Files in the root of some directories ========
2022-02-11 15:34 - 2022-02-11 15:34 - 000000204 _____ () C:\Users\Uzivatel\AppData\Roaming\359a9ea7-9833-4059-bf05-b7eefa6ef5b7.tmp
2022-01-26 17:49 - 2022-01-26 17:49 - 000000371 _____ () C:\Users\Uzivatel\AppData\Roaming\5daa97cb-195f-4dd7-9cbf-c06510b65b3e.tmp
2020-09-03 11:54 - 2020-09-03 12:18 - 047902775 _____ () C:\Users\Uzivatel\AppData\Roaming\gta5_patch.bin
2020-09-03 11:54 - 2020-09-03 11:54 - 000332800 _____ () C:\Users\Uzivatel\AppData\Roaming\patcher.dll
2021-04-04 19:19 - 2022-03-21 00:40 - 000000081 _____ () C:\Users\Uzivatel\AppData\Local\.bidstack.fault
2020-04-22 16:57 - 2022-01-25 23:02 - 000007597 _____ () C:\Users\Uzivatel\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2022
Ran by Uzivatel (05-01-2023 12:33:57)
Running from C:\Users\Uzivatel\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2364 (X64) (2020-08-04 16:47:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2567049384-1476051938-1418897080-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2567049384-1476051938-1418897080-503 - Limited - Disabled)
Guest (S-1-5-21-2567049384-1476051938-1418897080-501 - Limited - Disabled)
Uzivatel (S-1-5-21-2567049384-1476051938-1418897080-1001 - Administrator - Enabled) => C:\Users\Uzivatel
WDAGUtilityAccount (S-1-5-21-2567049384-1476051938-1418897080-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Assassin's Creed Odyssey (HKLM-x32\...\Uplay Install 5059) (Version: - Ubisoft)
Assassin's Creed Origins (HKLM-x32\...\Uplay Install 3539) (Version: - Ubisoft)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 108.1.46.144 - Autoři prohlížeče Brave)
Brother iPrint&Scan (HKLM-x32\...\{566A27C1-043E-4A17-AC78-338559A4953B}) (Version: 10.0.0.120 - Brother Industries, Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{7ef8cf92-cb09-4d1f-a0ed-8c84f4e7a478}) (Version: 10.0.0.120 - Brother Industries, Ltd.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon G3010 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_G3010_series) (Version: 1.01 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.5.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.05.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.4.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TS5000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5000_series) (Version: 1.03 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.07 - Piriform)
Dolby Audio X2 Windows API SDK (HKLM\...\{F290F786-5F69-48D4-B20B-D21C7DE56EF0}) (Version: 0.8.8.88 - Dolby Laboratories, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 164.4.7914 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.685.1 - Dropbox, Inc.) Hidden
ESET Endpoint Antivirus (HKLM\...\{F8DE2A0C-AE50-4915-9F99-12A9B1DFCADA}) (Version: 9.1.2060.0 - ESET, spol. s r.o.)
Evernote 10.49.4 (HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\e4251011-875e-51f3-a464-121adaff5aaa) (Version: 10.49.4 - Evernote Corporation)
FIFA 18 (HKLM-x32\...\{213CC10A-B8CB-4EBA-B277-6B08B7C22A65}) (Version: 1.0.57.57320 - Electronic Arts)
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.61.54442 - Electronic Arts)
Flawless Widescreen version 1.0.15 (HKLM-x32\...\{7348D82E-8C68-48FF-BA2D-8C97B5B4B3D8}_is1) (Version: 1.0.15 - Flawless Widescreen)
FM Genie Scout 22 version 1.0 22.4.1 beta 13 (HKLM\...\FM Genie Scout 22_is1) (Version: 1.0 22.4.1 beta 13 - )
FMRTE 20.4.4.47 (HKLM-x32\...\{14A58A15-B038-4C19-A024-3B6016F86A14}_is1) (Version: 20.4.4.47 - FMRTE)
FMRTE 22.4.1.23 (HKLM-x32\...\{34EDE299-09F3-48D9-95E9-92EFF3265F81}_is1) (Version: 22.4.1.23 - FMRTE)
FormatFactory 5.4.5.0 (HKLM-x32\...\FormatFactory) (Version: 5.4.5.0 - Free Time)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM\...\{6A6D3422-8127-3867-A83C-56B555636ECA}) (Version: 108.0.5359.125 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden
HttpToUsbBridge (HKLM-x32\...\{3F9BB162-F826-4EBC-AA60-42020CA134CD}) (Version: 2.0.10.1 - Brother Industries Ltd.)
Intel(R) Computing Improvement Program (HKLM\...\{EFE4A88A-FF8B-4D0E-8354-E0B7C3ED9E50}) (Version: 2.4.08840 - Intel Corporation)
Krtek a jeho veliké dobrodružství (HKLM-x32\...\{5DF18D93-076F-4E90-B6CF-3CF96110F1D4}_is1) (Version: - Play sp. z o. o.)
Lenovo Nerve Sense (HKLM\...\{DCB4DFB5-93CA-4BDD-9D08-CE880626B46E}_is1) (Version: 2.6.11.8 - Lenovo)
Microsoft .NET Core Host - 3.1.28 (x64) (HKLM\...\{26ECE92F-518E-40AF-9108-7B7B444A46DE}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.28 (x64) (HKLM\...\{CDEA72F4-1367-4E0A-AC5F-0EBAF7C6825A}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.28 (x64) (HKLM\...\{3691148D-EF42-4812-8956-AE11FC413B8D}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.28 (x64) (HKLM-x32\...\{231e3b76-4d0f-4e60-9d69-f11c9c448630}) (Version: 3.1.28.31513 - Microsoft Corporation)
Microsoft Access MUI (Czech) 2013 (HKLM\...\{90150000-0015-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Czech) 2013 (HKLM\...\{90150000-0090-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft Excel MUI (Czech) 2013 (HKLM\...\{90150000-0016-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Czech) 2013 (HKLM\...\{90150000-00BA-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Czech) 2013 (HKLM\...\{90150000-0044-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Czech) 2013 (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Czech) 2013 (HKLM\...\{90150000-00E1-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Czech) 2013 (HKLM\...\{90150000-00E2-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing (Czech) 2013 (HKLM\...\{90150000-002C-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Czech) 2013 (HKLM\...\{90150000-00C1-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2013 (HKLM\...\{90150000-006E-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Czech) 2013 (HKLM\...\{90150000-00A1-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Czech) 2013 (HKLM\...\{90150000-001A-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Czech) 2013 (HKLM\...\{90150000-0018-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Czech) 2013 (HKLM\...\{90150000-0019-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Word MUI (Czech) 2013 (HKLM\...\{90150000-001B-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mount and Blade: Warband (HKLM-x32\...\1207666913_is1) (Version: 2.059 - GOG.com)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 108.0.1 (x64 cs)) (Version: 108.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 86.0.1 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 512.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.15 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.110.50000 - Electronic Arts, Inc.)
Qustodio (HKLM-x32\...\Qustodio) (Version: 185.0.1170.0 - Qustodio)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1491.16 - Rockstar Games)
Registrace tiskárny (HKLM-x32\...\Canon EISRegistration) (Version: 1.8.0 - Canon Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.67.1178 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.6.5 - Rockstar Games)
Slack (HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\slack) (Version: 4.28.171 - Slack Technologies Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
Theophilos 3 (HKLM-x32\...\Theophilos_is1) (Version: - )
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 123.1.10526 - Ubisoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Zoom (HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\ZoomUMX) (Version: 5.11.4 (7185) - Zoom Video Communications, Inc.)
Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2022-04-12] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-01-25] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-06] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-01-25] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-20] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-16] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt [2022-12-20] (INTEL CORP) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2567049384-1476051938-1418897080-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Uzivatel\Dropbox [2021-03-18 07:26]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-11-03] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-11-03] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\nvshext.dll [2022-03-18] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-11-03] (ESET, spol. s r.o. -> ESET)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
==================== Loaded Modules (Whitelisted) =============
2020-04-22 16:53 - 2012-06-14 16:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2020-08-04 10:46 - 2020-08-04 10:46 - 000341504 _____ (Free Time) [File not signed] C:\Program Files\FormatFactory\ShellEx_108.dll
2019-10-11 08:30 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2022-12-15 09:45 - 2022-12-15 09:45 - 041845248 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\IGCC.dll
2022-02-05 21:03 - 2022-02-05 21:03 - 002122240 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2019-07-31 17:28 - 2019-07-31 17:28 - 005112440 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Qustodio\qapp\Qt5Core.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Uzivatel\Desktop\slawek.txt:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Uzivatel\Downloads\jeststar.JPG:com.dropbox.attrs [54]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\qwfp => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2019-08-19] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "iPSNotifier.lnk"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX2"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "QAppTray"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "launchOnStartup"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "com.squirrel.slack.slack"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{00735113-238B-4D55-B5BF-FA74B81163DB}] => (Allow) D:\Steam\steamapps\common\Gothic 3\Gothic3.exe (Pluto 13 GmbH) [File not signed]
FirewallRules: [{C0930574-F9F1-4CD8-B630-D4EB21DDC8B5}] => (Allow) D:\Steam\steamapps\common\Gothic 3\Gothic3.exe (Pluto 13 GmbH) [File not signed]
FirewallRules: [UDP Query User{644E18D1-1B61-4EA3-BF24-05A0167CA5F4}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{C6881EB2-ADD8-4CF3-A74A-6AF1BC34328F}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [{82DFF841-3DBD-4F28-AAD8-0B2CA12BAA34}] => (Allow) D:\Steam\steamapps\common\Risen 3\system\Risen3.exe (Piranha Bytes) [File not signed]
FirewallRules: [{C5667492-043F-4C53-8A4F-DE3E2BA93DAD}] => (Allow) D:\Steam\steamapps\common\Risen 3\system\Risen3.exe (Piranha Bytes) [File not signed]
FirewallRules: [{766C82F3-9D99-474F-90A4-D61EB53F8D48}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{221ECB11-F95C-4DFE-8113-8B4A29028802}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{236872B9-42B6-4AF3-88CC-26D235F7FFA8}D:\fifa 18\fifa18.exe] => (Allow) D:\fifa 18\fifa18.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{6524545F-07A5-4666-B077-0086B3B82660}D:\fifa 18\fifa18.exe] => (Allow) D:\fifa 18\fifa18.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E2FB3F5D-97B8-4E5D-839B-DC41D359D472}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9C4431C4-9C06-450B-978A-2837075984DB}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1C74673D-BF51-4CF8-9F38-389FE2E7DC88}] => (Allow) C:\Users\Uzivatel\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8E9D4316-6F0E-4566-A0DA-238A236B19B8}] => (Allow) C:\Users\Uzivatel\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4B742B35-886E-46C3-8A4D-655C374106C7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{773FC684-73C2-40E6-BB6F-9FB8FD7AA2E4}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{2E07F165-71F8-4BC5-AFF4-CFA0847D4DEC}] => (Allow) D:\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{FCE38A7E-68CD-4F6F-AE19-87D0287201D7}] => (Allow) D:\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{F637B890-FBCA-4D32-8E20-823B347FE805}] => (Allow) D:\FIFA 18\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{40573400-EA71-4A1B-B808-41B48F02984B}] => (Allow) D:\FIFA 18\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{49022A4D-8ACE-4715-974A-4E6D53981A00}D:\fifa 19\fifa 19\fifa19.exe] => (Allow) D:\fifa 19\fifa 19\fifa19.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{AB6AB948-FFD7-418B-AB04-01A1D9EE4DBF}D:\fifa 19\fifa 19\fifa19.exe] => (Allow) D:\fifa 19\fifa 19\fifa19.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F9F85BB8-7F06-477C-93DB-DA82F136ABAD}] => (Allow) D:\FIFA 19\FIFA 19\FIFASetup\fifaconfig.exe () [File not signed]
FirewallRules: [{CB5873C6-A3E7-4B89-A635-45BB4CD40584}] => (Allow) D:\FIFA 19\FIFA 19\FIFASetup\fifaconfig.exe () [File not signed]
FirewallRules: [{DEB3BFF9-370C-42E1-A9BA-78F3D73BB8F2}] => (Allow) D:\Steam\steamapps\common\Football Manager 2020 Touch\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{2A5BE423-7356-423B-A12C-FB71FAB89C6E}] => (Allow) D:\Steam\steamapps\common\Football Manager 2020 Touch\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{81DCE5DE-A739-4D8E-8632-3A99DAE5428D}] => (Allow) D:\Steam\steamapps\common\Football Manager 2020\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{210E095D-BC8C-45FF-8C94-6713336DDABE}] => (Allow) D:\Steam\steamapps\common\Football Manager 2020\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{0F333F60-50AF-42BE-A30E-5BB034C29303}] => (Allow) D:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe (WB Games, Inc.) [File not signed]
FirewallRules: [{88FFAB28-128A-4BC8-A9BF-807D07B10BB2}] => (Allow) D:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe (WB Games, Inc.) [File not signed]
FirewallRules: [{BF168841-42B5-42FC-B265-30D7CBEC7EB1}] => (Allow) D:\Steam\steamapps\common\ShadowOfWar\x64\ShadowOfWar.exe (WB Games Inc. -> WB Games, Inc.) [File not signed]
FirewallRules: [{22BCD8F0-2BFC-418B-9BFB-D9167A7CB430}] => (Allow) D:\Steam\steamapps\common\ShadowOfWar\x64\ShadowOfWar.exe (WB Games Inc. -> WB Games, Inc.) [File not signed]
FirewallRules: [{12E07712-A987-4C11-A08C-2EA50EABBE66}] => (Allow) D:\UPlay\Assassin's Creed Origins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{716B9874-62AF-463B-B4BF-4A5DD3902733}] => (Allow) D:\UPlay\Assassin's Creed Origins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{D48F1406-913C-4F80-A8C2-040B63D888BE}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{BCB72D83-E59E-4A0B-B182-251BD7F03B99}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6A5E991B-B25D-4951-A11B-3E5C64DE98A6}] => (Allow) D:\UPlay\Assassin's Creed Odyssey\ACOdyssey_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{9108980F-D7A1-4F71-8A7F-5BCA048FF9F9}] => (Allow) D:\UPlay\Assassin's Creed Odyssey\ACOdyssey_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{031762BA-2BA5-4C92-838C-0D4E609CDE4C}] => (Allow) D:\Steam\steamapps\common\Catan Universe\CatanUniverse.exe () [File not signed]
FirewallRules: [{D009F778-D698-41CC-A819-FBF04BA9A199}] => (Allow) D:\Steam\steamapps\common\Catan Universe\CatanUniverse.exe () [File not signed]
FirewallRules: [{CC914DF9-0017-42BD-AC9B-32E17C1B2F70}] => (Allow) D:\Rockstar Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{0976C554-E931-42C1-AF79-8D95C6AE71F6}] => (Allow) D:\Rockstar Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{1B0DDD8E-D95D-4F0B-B922-8A6AE143C15B}] => (Allow) LPort=54950
FirewallRules: [{AC175C69-731E-41C3-98DD-43D15D67FF79}] => (Allow) LPort=54955
FirewallRules: [{508A7BC4-7250-41F5-8AD0-57996D813EBB}] => (Allow) D:\Steam\steamapps\common\Risen 2\system\Risen2.exe (Valve Corp. -> Piranha Bytes) [File not signed]
FirewallRules: [{2ECE0799-6FA3-461F-9A53-4C0A439BEF5A}] => (Allow) D:\Steam\steamapps\common\Risen 2\system\Risen2.exe (Valve Corp. -> Piranha Bytes) [File not signed]
FirewallRules: [{5492A6DF-E14B-4E43-B2D4-9A2B5E25EBA9}] => (Allow) D:\Steam\steamapps\common\Medieval Dynasty\Medieval_Dynasty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{BA974E4C-2B94-4633-AE13-1E9F09D19899}] => (Allow) D:\Steam\steamapps\common\Medieval Dynasty\Medieval_Dynasty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{C4D29110-C13B-4C44-BD76-A37233CFBC03}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{A450FA28-EF3C-40F6-B555-49C237BB5B80}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{1369DEFB-766C-4F1A-8ADF-7649CCAF04A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{C526FAE7-C0CB-44BB-B7F5-3D2553C46247}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{6726ED58-D550-43E7-8774-E656E4E4344F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{6BD08E7D-8737-4AE3-AE04-559BF63AD53B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{81636135-2429-4DA0-9210-BBD9B62D56FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{25707C2B-F9F9-433A-8720-C35BFEFAD1C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3F400233-B679-45B4-BDBB-65A3BEB2C3ED}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{9D7D09E2-9E06-48BD-92C8-ED54420F97E4}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{95F21196-616E-4AFC-846E-3B213EC3C4F4}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{4797DE98-8E7C-48F8-B6FE-43DB0CB675AF}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{C30672CE-34ED-484C-A09F-7661F04C3024}] => (Allow) D:\Rockstar Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{56FEB94E-F5DB-4780-8A5A-90A0AE5A3C5E}] => (Allow) D:\Rockstar Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{6930E813-A37D-409E-B9E6-1E8F3CBCB955}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{9C376D9E-E3A2-4667-8BA9-C7FD8A08723F}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{56A2A261-92EE-41A5-8694-0FE9A88EDEB8}] => (Allow) D:\Steam\steamapps\common\Football Manager 2022\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{F566C02B-9337-4BFB-BC90-291C2976A6A3}] => (Allow) D:\Steam\steamapps\common\Football Manager 2022\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{9751D6EB-47B5-42F6-AB6D-6F10E4AE4555}] => (Allow) C:\Users\Uzivatel\AppData\Local\Programs\Opera\79.0.4143.22\opera.exe => No File
FirewallRules: [{67CB8CCB-CD66-4B34-9E24-3BC6D9684849}] => (Allow) D:\Steam\steamapps\common\Football Manager 2022 Editor\editor.exe (Sports Interactive) [File not signed]
FirewallRules: [{C3F4BB73-7B00-46B2-9724-6EE17C03101F}] => (Allow) D:\Steam\steamapps\common\Football Manager 2022 Editor\editor.exe (Sports Interactive) [File not signed]
FirewallRules: [{006DEAF7-F4E7-47EE-9046-A2AF220634F8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0796CF7E-01D3-433A-9E70-3001AE5109E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F8C6246F-952F-4BD1-9012-2A3C97526FB1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{847274F3-A417-4A5B-BCA8-BE757BE3DE14}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CFA7EBAB-2409-4052-89FA-1083C42D78BA}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{39872C3A-4842-4DDB-8384-29AB685BCB3D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{ABD3A1D8-0745-40A7-8B60-2AD16AFAF987}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6143D70D-FC79-4AB3-BABB-1D4E32AA07B6}] => (Allow) D:\Steam\steamapps\common\Mount and Blade\runme.exe () [File not signed]
FirewallRules: [{F87A277F-F011-4371-B796-47E6122CF7B0}] => (Allow) D:\Steam\steamapps\common\Mount and Blade\runme.exe () [File not signed]
FirewallRules: [{7762CBE7-084D-4923-93EF-267BB4DAC99A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{AC950703-FF4E-4EA0-9ED9-2D02C8F4DED9}] => (Allow) %programfiles%\Qustodio\qapp\qwelcomewzd.exe => No File
FirewallRules: [{6843848A-D26D-4258-81F1-ED2F8B35589D}] => (Allow) %programfiles%\Qustodio\qapp\QUpdateService.exe => No File
FirewallRules: [{D5C61116-E139-4514-B74A-16037B0A4F88}] => (Allow) %programfiles%\Qustodio\qapp\QReport.exe => No File
FirewallRules: [{D44972D9-C0A0-4860-A902-ACEAD8130725}] => (Allow) %programfiles%\Qustodio\qproxy\qengine.exe => No File
FirewallRules: [{31651338-5E56-4711-9E2D-911682A06427}] => (Allow) %programfiles%\Qustodio\qapp\QAppTray.exe => No File
==================== Restore Points =========================
25-12-2022 22:08:06 Naplánovaný kontrolní bod
02-01-2023 16:53:55 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/05/2023 12:32:29 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: MICHALA)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...
Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.
Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[1]: 127.0.0.1
Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[0]: ::1
Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList.Length: 2
System errors:
=============
Error: (01/05/2023 11:50:58 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/05/2023 11:50:58 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/05/2023 11:50:58 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/05/2023 11:50:58 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/05/2023 11:50:57 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/05/2023 11:50:57 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/05/2023 11:50:57 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/05/2023 11:50:57 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================Event[0]:
Date: 2022-01-25 20:13:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.251.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x800706d9
Popis chyby: Pro mapovač koncových bodů nejsou k dispozici další koncové body.
Date: 2022-01-25 20:13:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.251.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x800706d9
Popis chyby: Pro mapovač koncových bodů nejsou k dispozici další koncové body.
Date: 2022-01-25 20:13:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.251.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x800706d9
Popis chyby: Pro mapovač koncových bodů nejsou k dispozici další koncové body.
Date: 2022-01-25 20:13:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.251.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x800706d9
Popis chyby: Pro mapovač koncových bodů nejsou k dispozici další koncové body.
Date: 2022-01-25 20:13:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.251.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x800706d9
Popis chyby: Pro mapovač koncových bodů nejsou k dispozici další koncové body.
CodeIntegrity:
===============
Date: 2023-01-05 12:32:39
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2023-01-05 12:30:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume5\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 4KCN45WW 01/11/2019
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-7300HQ CPU @ 2.50GHz
Percentage of memory in use: 42%
Total physical RAM: 16276.16 MB
Available physical RAM: 9428.21 MB
Total Virtual: 30964.16 MB
Available Virtual: 23160.13 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:118.61 GB) (Free:18.83 GB) (Model: NVMe SAMSUNG MZVLW128) NTFS
Drive d: (Nový svazek) (Fixed) (Total:931.51 GB) (Free:74.03 GB) (Model: WDC WD10SPZX-24Z10T0) NTFS
\\?\Volume{bf75a89a-4757-4644-acd6-1ed682d5a1d4}\ () (Fixed) (Total:0.52 GB) (Free:0.04 GB) NTFS
\\?\Volume{9baaef05-ab17-4428-90f5-e209f4afca61}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9786842D)
Partition: GPT.
==========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: 4BA21061)
Partition: GPT.
==================== End of Addition.txt =======================