Prosím o kontrolu
Napsal: 24 úno 2023 20:01
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2023
Ran by hynek (24-02-2023 19:50:22)
Running from C:\Users\hynek\OneDrive\Plocha
Microsoft Windows 10 Home Version 2004 19041.508 (X64) (2020-09-07 07:44:49)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1695572103-1893823028-2198395607-500 - Administrator - Disabled)
brydl (S-1-5-21-1695572103-1893823028-2198395607-1004 - Limited - Disabled)
ca (S-1-5-21-1695572103-1893823028-2198395607-1006 - Limited - Disabled)
dagma (S-1-5-21-1695572103-1893823028-2198395607-1003 - Limited - Disabled)
DefaultAccount (S-1-5-21-1695572103-1893823028-2198395607-503 - Limited - Disabled)
Guest (S-1-5-21-1695572103-1893823028-2198395607-501 - Limited - Disabled)
Host (S-1-5-21-1695572103-1893823028-2198395607-1011 - Limited - Enabled) => C:\Users\Host
hynek (S-1-5-21-1695572103-1893823028-2198395607-1001 - Administrator - Enabled) => C:\Users\hynek
vendu (S-1-5-21-1695572103-1893823028-2198395607-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1695572103-1893823028-2198395607-504 - Limited - Disabled)
zdene (S-1-5-21-1695572103-1893823028-2198395607-1005 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20322 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS)
Balíček ovladače systému Windows - SALTO SYSTEMS S.L. (WinUSB) USB (04/08/2013 4.0.0.0) (HKLM\...\F32B78D41EE27E123D05633D86F2858D095E5042) (Version: 04/08/2013 4.0.0.0 - SALTO SYSTEMS S.L.)
Bonjour (HKLM\...\{2EF5C74A-1137-46B1-A7BA-5A39ED27A22A}) (Version: 1.0.105 - Apple Inc.)
Corel Graphics - Windows Shell Extension (HKLM\...\_{340C451C-F2FD-4309-B259-580FD5E44025}) (Version: 18.1.0.661 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{340C451C-F2FD-4309-B259-580FD5E44025}) (Version: 18.1.661 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{B86D7255-2418-45F1-A36F-7E1FF617550C}) (Version: 18.1.661 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.458 - Corel Corporation)
FortiClient VPN (HKLM\...\{32123CA3-C24D-4A99-9347-70049B8E4C23}) (Version: 7.0.7.0345 - Fortinet Technologies Inc)
GanttProject (HKLM-x32\...\GanttProject) (Version: - )
GeneralZoomy (HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\GeneralZoomy) (Version: - )
Ghost Trap 1.2.9.10 (HKLM-x32\...\Ghost Trap_is1) (Version: - Chris Dance, PaperCut Software Int. Pty. Ltd.)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 71.0.3.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 110.0.5481.105 - Google LLC)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{6309F485-5713-4A87-9F3F-C47A08BA53DC}) (Version: 18.1.1525.1445 - Intel Corporation)
iPhotoDraw 2.6 (HKLM-x32\...\{3C4C9BAC-248B-4466-B889-8582360F5151}) (Version: 2.6.0.0 - Simen Wu)
Java 8 Update 281 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180281F0}) (Version: 8.0.2810.9 - Oracle Corporation)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13801.20266 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.50 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.50 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\OneDriveSetup.exe) (Version: 23.033.0212.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1695572103-1893823028-2198395607-1011\...\OneDriveSetup.exe) (Version: 21.180.0905.0007 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23506 (HKLM\...\{B0B194F8-E0CE-33FE-AA11-636428A4B73D}) (Version: 14.0.23506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23506 (HKLM\...\{A1C31BA5-5438-3A07-9EEE-A5FB2D0FDE36}) (Version: 14.0.23506 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 Finalizer (HKLM-x32\...\{20D2A362-23EB-3BDB-BAD3-F4510B2B32A5}) (Version: 14.0.23217 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 x64 Hosting Support (HKLM\...\{6D0ED930-AE5C-3289-ADA3-E6C3B13050DE}) (Version: 14.0.23217 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 x86 Hosting Support (HKLM-x32\...\{84DD3A17-A979-39BC-8816-8226CB7DF8A7}) (Version: 14.0.23217 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
PaperCut Mobility Print (HKLM-x32\...\PaperCut Mobility Print_is1) (Version: - PaperCut Software International Pty Ltd)
PDF-XChange Editor (HKLM\...\{937C4E9D-C00A-4F8A-A1CF-4FD358BC1DEB}) (Version: 7.0.326.1 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{d8a38cca-ed58-496c-aa9d-b75df8ea7a98}) (Version: 7.0.326.1 - Tracker Software Products (Canada) Ltd.)
Průvodce přenosem dat pro Windows (HKLM-x32\...\{1316CC3A-F576-469A-9C54-B98D2DC6E5AE}) (Version: 2.1.2.0 - Apple Inc.)
QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Saal Designer (HKLM-x32\...\SaalDesigner) (Version: 4.0 - )
SADPTool (HKLM-x32\...\{7D9B79C2-B1B2-433B-844F-F4299B86F26E}) (Version: 2.2.3.6 - hikvision)
SALTO Local IO Bridge (HKLM-x32\...\{b3e7fc8b-e2bd-401a-9b2a-b4bd1706340a}) (Version: 1.3.0.0 - SALTO Systems S.L.)
SaltoLocalIOBridge Setup (HKLM-x32\...\{EEFECA3D-E704-463A-BDE5-AC65C52D978F}) (Version: 1.3.0.0 - SALTO Systems S.L.) Hidden
Signal 6.6.0 (HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 6.6.0 - Signal Messenger, LLC)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.32.3 - TeamViewer)
Ubiquiti UniFi (remove only) (HKLM-x32\...\Ubiquiti UniFi) (Version: - )
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WireGuard (HKLM\...\{2FDB79CE-5193-4A39-82BB-E00158CC1533}) (Version: 0.5.3 - WireGuard LLC)
Zoom (HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\ZoomUMX) (Version: 5.13.7 (12602) - Zoom Video Communications, Inc.)
Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.6.36.0_x86__kgqvnymyfvs32 [2021-07-06] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.60.1.0_x86__kgqvnymyfvs32 [2021-06-24] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-28] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-16] (Microsoft Corporation)
Free Virtual Keyboard -> C:\Program Files\WindowsApps\ComfortSoftwareGroup.FreeVirtualKeyboard_5.0.0.0_x64__2tsmkga83t66w [2021-09-24] (Comfort Software Group)
Kiosk Browser -> C:\Program Files\WindowsApps\Microsoft.KioskBrowser_1.0.4.0_x64__8wekyb3d8bbwe [2020-09-15] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-19] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.41311.0_x64__8wekyb3d8bbwe [2021-06-10] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0 [2021-06-29] (Spotify AB) [Startup Task]
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-23] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-23] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1695572103-1893823028-2198395607-1001_Classes\CLSID\{04271989-C4D2-49B4-7572-AE77FCFD0D9A} -> [OneDrive - DER Touristik CZ] => C:\Users\hynek\OneDrive - DER Touristik CZ [2022-12-14 16:08]
CustomCLSID: HKU\S-1-5-21-1695572103-1893823028-2198395607-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\hynek\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1695572103-1893823028-2198395607-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\hynek\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\hynek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Keep.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd
ShortcutWithArgument: C:\Users\hynek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Kiosk (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=afhcomalholahplbjhnmahkoekoijban
ShortcutWithArgument: C:\Users\hynek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Keep – poznámky a seznamy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
==================== Loaded Modules (Whitelisted) =============
2008-08-29 08:54 - 2008-08-29 08:54 - 000193024 _____ (Apple Inc.) [File not signed] C:\Program Files\Bonjour\mdnsNSP.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ra.fischer.cz/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_281\bin\ssv.dll [2021-02-03] (Oracle America, Inc. -> Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech Inc -> Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_281\bin\jp2ssv.dll [2021-02-03] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech Inc -> Logitech, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\sharepoint.com -> hxxps://dertouristikcz-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2023-02-24 15:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-08-06 21:39 - 2021-07-23 20:39 - 000000587 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 DESKTOP-80FHSG7.mshome.net # 2026 7 3 22 19 39 24 239
192.168.137.22 LGSmartTV.mshome.net # 2021 7 5 30 19 39 24 239
30 40 365
192.168.137.114 LGSmartTV.mshome.net # 2020 5 6 9 15 56 31 918
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %C_EM64T_REDIST11%bin\Intel64;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\QuickTime Alternative\QTSystem;C:\Program Files\WireGuard\
HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\hynek\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
HKU\S-1-5-21-1695572103-1893823028-2198395607-1011\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet 2: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet 3: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{050E5BD7-769E-404B-83F6-36917A5CE086}C:\program files (x86)\sadptool\sadptool.exe] => (Allow) C:\program files (x86)\sadptool\sadptool.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [TCP Query User{4F155120-BD8C-4BBD-B541-FB73561634A6}C:\program files (x86)\sadptool\sadptool.exe] => (Allow) C:\program files (x86)\sadptool\sadptool.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [{C4419699-A68B-4D67-BBDB-FA0A5075D3F4}] => (Allow) C:\Users\hynek\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{D7D4FBF2-D8BB-411D-A30A-6217FC22EF9D}] => (Allow) C:\Users\hynek\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{F657D0FF-58E7-44C1-8736-24AB47F3C86B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9B7B7020-C8E9-495A-AE61-65B1A38BA09D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E2837EF7-605B-4E91-95C8-E7C50E51B160}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BAB7EAF7-F80C-4A70-8321-8146E78010E9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{E0C17448-8061-4297-AB6A-252CD920E76D}C:\users\hynek\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\hynek\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{F333B2BB-57A2-4367-8D9B-4AC2C15799B7}C:\users\hynek\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\hynek\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2A0F8F7C-8FCE-4167-BC8D-57A2897BCC96}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{BAC77EA7-9F74-48F5-A279-0FEB6D05077D}C:\program files (x86)\common files\oracle\java\javapath_target_7596796\javaw.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_7596796\javaw.exe
FirewallRules: [UDP Query User{C31555FD-6493-4463-90CE-3690ED709274}C:\program files (x86)\common files\oracle\java\javapath_target_7596796\javaw.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_7596796\javaw.exe
FirewallRules: [{1788616D-03EB-44E6-A655-08950B73A405}] => (Allow) C:\Program Files\Java\jre1.8.0_281\bin\java.exe
FirewallRules: [{499F681F-9847-47A4-A1A7-ECC65A8629E0}] => (Allow) C:\Program Files\Java\jre1.8.0_281\bin\java.exe
FirewallRules: [{51A2C605-15A5-4D56-A6E7-D4987EF86191}] => (Allow) C:\Users\hynek\Ubiquiti UniFi\bin\mongod.exe (MongoDB, Inc) [File not signed]
FirewallRules: [{03C7854C-8566-4560-9B3D-70049FC949E5}] => (Allow) C:\Users\hynek\Ubiquiti UniFi\bin\mongod.exe (MongoDB, Inc) [File not signed]
FirewallRules: [{C2DCDA8E-4436-41F6-8EFD-027291CF4FD8}] => (Allow) LPort=9163
FirewallRules: [{23211DB1-A05C-4BD2-BDC9-5CA100122863}] => (Allow) LPort=9164
FirewallRules: [{579B483E-7B02-49DF-A61A-37448045AB13}] => (Allow) LPort=5353
FirewallRules: [{2F49922E-3FB7-4E0D-870A-FEB8E67040E0}] => (Allow) LPort=53
FirewallRules: [{D3BA936C-F949-4948-BB89-E1B3FE69E327}] => (Allow) LPort=53
FirewallRules: [{2904CF0C-6771-4BA2-9E88-4EF99445CC0F}] => (Allow) C:\Program Files (x86)\PaperCut Mobility Print\pc-updater.exe (PaperCut Software International Pty. Ltd. -> )
FirewallRules: [{E19F8ECB-D565-4508-B02E-87259A955657}] => (Allow) C:\Program Files (x86)\PaperCut Mobility Print\pc-updater.exe (PaperCut Software International Pty. Ltd. -> )
FirewallRules: [{DC2A01F7-2176-4AE8-B417-C29D378E5811}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3E8DEA00-B1FB-4507-A7A3-9FAF45A4BBA0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BABCA958-E342-475F-B398-BC3FA71B0830}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D5424263-DC41-42FA-870D-AD90FD9DE971}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{A54E20C0-05EE-4820-B6B9-8B737B78A644}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{2D52DDD1-2F26-425D-A2F0-A2D5A31D8B27}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_281\bin\javaw.exe
FirewallRules: [{F7E1A743-ECE6-4716-B78D-F6048550E96A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AB6D1808-65A1-4AB7-AE79-4C24BE909EB6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B5FF6244-0F27-435C-831E-9DD16AC25148}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DEE1F30E-571E-4ABA-815D-F31860194746}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E16D0A5B-71C4-4057-B871-7A5D9D68EBC2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D55D391E-2F9D-4564-AB75-B020CC029F49}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B2F30803-280F-4D87-B0B8-9A3E71419A5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E635EF21-C86E-4FB1-B76E-DD3357A1BB9D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ABFC4F58-5354-4E48-8B7A-151F39B6229B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8487B54D-4A70-4C8A-9493-0B8ADD9D0551}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A3F34578-A89F-452A-8EB2-F1A29BC99A53}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7B1D4F3C-4297-4DF8-964B-A105F632FBC3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{51F84A71-90FE-4AB5-B2A9-A5794B2E7837}C:\users\hynek\onedrive\plocha\winbox.exe] => (Allow) C:\users\hynek\onedrive\plocha\winbox.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{65457697-AE4B-4B59-A95C-384811A680BA}C:\users\hynek\onedrive\plocha\winbox.exe] => (Allow) C:\users\hynek\onedrive\plocha\winbox.exe (Mikrotikls SIA -> )
FirewallRules: [TCP Query User{B51E72D3-C376-4CED-9D17-75252AA735E3}C:\users\hynek\downloads\anydesk.exe] => (Allow) C:\users\hynek\downloads\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{017721EF-BC68-4FE1-A49B-101E5510E528}C:\users\hynek\downloads\anydesk.exe] => (Allow) C:\users\hynek\downloads\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{F034DABF-8AB9-4392-82CE-51E3F75B2227}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8EB2ABC2-C974-4859-A5E8-0571EB55517B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9031811A-1FC5-4534-9C9C-2538CADAEC11}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Windows Migration Assistant\MigrationAssistant.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FEF2C250-E463-4D6D-A23A-B5F00EAA30EE}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Windows Migration Assistant\MigrationAssistant.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{B2900A25-0337-4A4B-A6C9-28B1F5728C8D}C:\users\hynek\downloads\anydesk (1).exe] => (Allow) C:\users\hynek\downloads\anydesk (1).exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{6F313DF4-0FEE-466C-9D21-56D70086019D}C:\users\hynek\downloads\anydesk (1).exe] => (Allow) C:\users\hynek\downloads\anydesk (1).exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{3F05D1DB-29D5-4CF0-9A99-43B305ED98BF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D2B10ABE-395A-4F35-9A7F-40D34F3EF755}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{5B10B87D-2093-4FF8-8FB8-81AC3E36F333}C:\users\hynek\onedrive\plocha\winbox-desktop-8gl7ptv.exe] => (Allow) C:\users\hynek\onedrive\plocha\winbox-desktop-8gl7ptv.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{02AEA412-5E1A-4094-BAA2-065A205B07BF}C:\users\hynek\onedrive\plocha\winbox-desktop-8gl7ptv.exe] => (Allow) C:\users\hynek\onedrive\plocha\winbox-desktop-8gl7ptv.exe (Mikrotikls SIA -> )
FirewallRules: [{3451C751-E1CA-4414-92EC-BA98DB2C825F}] => (Block) C:\users\hynek\onedrive\plocha\winbox-desktop-8gl7ptv.exe (Mikrotikls SIA -> )
FirewallRules: [{590A8D2E-1AE2-457C-A628-CFB58C9D5D96}] => (Block) C:\users\hynek\onedrive\plocha\winbox-desktop-8gl7ptv.exe (Mikrotikls SIA -> )
==================== Restore Points =========================
10-02-2023 11:15:12 Naplánovaný kontrolní bod
19-02-2023 23:28:40 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
Name: Fortinet SSL VPN Virtual Ethernet Adapter
Description: Fortinet SSL VPN Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Fortinet Inc
Service: ftsvnic
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Řadič PCI pro získávání dat a zpracování signálu
Description: Řadič PCI pro získávání dat a zpracování signálu
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: LG FH6 (49) Stereo
Description: Zdroj Microsoft Bluetooth A2dp
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthA2dp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (02/24/2023 04:14:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OLicenseHeartbeat.exe, verze: 16.0.13801.20182, časové razítko: 0x602dd932
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc06d007e
Posun chyby: 0x0000000000023e49
ID chybujícího procesu: 0x1904
Čas spuštění chybující aplikace: 0x01d947fe19db25c1
Cesta k chybující aplikaci: C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 807910c8-2131-4caf-8528-5c7277146b32
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/23/2023 09:17:43 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (02/23/2023 05:04:18 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.
Podrobnosti:
Katalog indexu obsahu je poškozený. 0xc0041801 (0xc0041801)
Error: (02/23/2023 05:04:18 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=4810 - onecoreuap\base\appmodel\search\search\ytrip\tripoli\inverted\decodinglayeroccurrences.cpp (600)} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.
Podrobnosti:
Neplatné údaje. 0x8007000d (0x8007000d)
Error: (02/23/2023 02:16:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OLicenseHeartbeat.exe, verze: 16.0.13801.20182, časové razítko: 0x602dd932
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc06d007e
Posun chyby: 0x0000000000023e49
ID chybujícího procesu: 0xa6c
Čas spuštění chybující aplikace: 0x01d94724798e8b15
Cesta k chybující aplikaci: C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 2b878f1e-4804-4837-8aea-8d27d8161541
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/22/2023 03:28:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OLicenseHeartbeat.exe, verze: 16.0.13801.20182, časové razítko: 0x602dd932
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc06d007e
Posun chyby: 0x0000000000023e49
ID chybujícího procesu: 0x1368
Čas spuštění chybující aplikace: 0x01d946654e35957b
Cesta k chybující aplikaci: C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: dc103884-9fbc-465c-8891-41e9818d55ff
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/21/2023 11:57:36 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (02/21/2023 01:29:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OLicenseHeartbeat.exe, verze: 16.0.13801.20182, časové razítko: 0x602dd932
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc06d007e
Posun chyby: 0x0000000000023e49
ID chybujícího procesu: 0x1ad4
Čas spuštění chybující aplikace: 0x01d9458b9930a31a
Cesta k chybující aplikaci: C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 787d6642-a8de-4b98-ac7f-e5cc7e698fef
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (02/24/2023 03:01:55 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (12:05:35, 24.02.2023) bylo neočekávané.
Error: (02/24/2023 11:12:49 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (7:42:07, 24.02.2023) bylo neočekávané.
Error: (02/24/2023 07:42:24 AM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.
Error: (02/24/2023 07:42:24 AM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.
Error: (02/24/2023 07:42:07 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (4:11:25, 24.02.2023) bylo neočekávané.
Error: (02/24/2023 04:11:25 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (0:34:13, 24.02.2023) bylo neočekávané.
Error: (02/23/2023 08:34:25 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.
Error: (02/23/2023 08:34:25 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.
Windows Defender:
================
Date: 2023-02-24 19:47:35
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/Seznam
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\hynek\Downloads\ganttproject-2.8.9-r2335.exe; file:_C:\Users\hynek\Downloads\iphotodraw.exe; file:_C:\Users\hynek\Downloads\QuickTime_Alternative_322.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-80FHSG7\hynek
Název procesu: C:\Users\hynek\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: AV: 1.383.559.0, AS: 1.383.559.0, NIS: 1.383.559.0
Verze modulu: AM: 1.1.20000.2, NIS: 1.1.20000.2
Date: 2023-02-24 19:47:11
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/Seznam
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\hynek\Downloads\ganttproject-2.8.9-r2335.exe; file:_C:\Users\hynek\Downloads\iphotodraw.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-80FHSG7\hynek
Název procesu: C:\Users\hynek\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: AV: 1.383.559.0, AS: 1.383.559.0, NIS: 1.383.559.0
Verze modulu: AM: 1.1.20000.2, NIS: 1.1.20000.2
Date: 2023-02-24 19:46:57
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/Seznam
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\hynek\Downloads\ganttproject-2.8.9-r2335.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-80FHSG7\hynek
Název procesu: C:\Users\hynek\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: AV: 1.383.559.0, AS: 1.383.559.0, NIS: 1.383.559.0
Verze modulu: AM: 1.1.20000.2, NIS: 1.1.20000.2
Date: 2023-02-23 08:26:48
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CCC86EF5-F20E-4A84-BA11-8B15564F0C3D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2023-02-22 22:00:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.383.440.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20000.2
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2023-01-26 17:41:49
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.2731.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2023-01-26 17:41:49
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.2731.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
CodeIntegrity:
===============
Date: 2023-02-24 19:36:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. UX302LA.210 06/16/2014
Motherboard: ASUSTeK COMPUTER INC. UX302LA
Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 52%
Total physical RAM: 8078.34 MB
Available physical RAM: 3845.31 MB
Total Virtual: 11024.03 MB
Available Virtual: 6013.75 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.13 GB) (Free:19.36 GB) (Model: WDC WDS500G2B0A-00SM50) NTFS
Drive g: (Google Drive) (Fixed) (Total:15 GB) (Free:0 GB) (Model: WDC WDS500G2B0A-00SM50) FAT32
\\?\Volume{b9d9ae16-ea76-4a6a-947c-360a513be276}\ () (Fixed) (Total:0.52 GB) (Free:0.04 GB) NTFS
\\?\Volume{5eb413b0-c14f-4eec-acf5-4e025660f874}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Size: 14.9 GB) (Disk ID: 3E78F963)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2023
Ran by hynek (administrator) on DESKTOP-80FHSG7 (ASUSTeK COMPUTER INC. UX302LA) (24-02-2023 19:43:30)
Running from C:\Users\hynek\OneDrive\Plocha
Loaded Profiles: hynek
Platform: Microsoft Windows 10 Home Version 2004 19041.508 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe ->) (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe ->) (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\110.0.1587.50\identity_helper.exe
(C:\Program Files\Fortinet\FortiClient\scheduler.exe ->) (Fortinet Technologies (Canada) ULC -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FCDBLog.exe
(C:\Program Files\Fortinet\FortiClient\scheduler.exe ->) (Fortinet Technologies (Canada) ULC -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiSettings.exe
(C:\Program Files\Fortinet\FortiClient\scheduler.exe ->) (Fortinet Technologies (Canada) ULC -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiSSLVPNdaemon.exe
(C:\Program Files\Fortinet\FortiClient\scheduler.exe ->) (Fortinet Technologies (Canada) ULC -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiTray.exe
(C:\Program Files\Logitech\SetPointP\SetPoint.exe ->) (Logitech -> Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCopyAccelerator.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\71.0.3.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(services.exe ->) (Fortinet Technologies (Canada) ULC -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\scheduler.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe
(services.exe ->) (PaperCut Software International Pty. Ltd. -> ) C:\Program Files (x86)\PaperCut Mobility Print\pc-mobility-print.exe
(services.exe ->) (Salto Systems S.L.) [File not signed] C:\SALTO\Local IO Bridge\SaltoLocalIOBridge.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (WireGuard LLC -> WireGuard LLC) C:\Program Files\WireGuard\wireguard.exe <3>
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe <6>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\hynek\AppData\Local\Microsoft\OneDrive\23.033.0212.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe [52571928 2023-02-22] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe [52571928 2023-02-22] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe [52571928 2023-02-22] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\Run: [MicrosoftEdgeAutoLaunch_7157C86D8E139DAF9F76A72DBA4E1F89] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243360 2023-02-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\MountPoints2: {1fa46193-bccd-11ec-8897-806e6f6e6963} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\MountPoints2: {772aca3a-8e08-11eb-bee2-5c514f3ffda9} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\MountPoints2: {c23672e9-3faf-11eb-bc6e-5c514f3ffdad} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\MountPoints2: {fb2e2697-f389-11eb-822b-5c514f3ffda9} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe [52571928 2023-02-22] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\110.0.5481.105\Installer\chrmstp.exe [2023-02-23] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {103390A3-7ADC-469E-A2F5-F129430E2D51} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-20] (Google Inc -> Google LLC)
Task: {13D9C2BC-D6FC-4B10-8ADF-96723E15FD3E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080304 2021-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {152B2D77-2A71-458B-A57E-09EF3035A29D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1511288 2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {59E98452-3A70-454C-A34F-F4CD904B8B99} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14049536 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {5C0BC97E-8324-46D0-97AD-2C6C649DD1EE} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {5C71F24C-96A3-4834-8F3E-89BA39C5CD79} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1510808 2002-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {5F90A50F-54E1-4706-9176-10C535D4759B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5FA85842-6F40-4B34-9B1B-206228C863DB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {74E29553-E1A3-40E6-A87D-1645393EA034} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080304 2021-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {74E33745-8096-409F-9CFF-5624E7D8E84F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {766D223C-E82B-44DA-AB66-574EE00FD4FE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {95C0BC77-7B11-43E9-A064-58581B3B449E} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {9CA47FE7-B9AB-40EA-9213-F324448AD027} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AEEEC3F5-2CD6-43B5-BD69-13049AC31A4D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-20] (Google Inc -> Google LLC)
Task: {BFD0191F-0996-47B5-88A9-56B5EB0870F5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C521CDB2-04E0-468F-8C9F-D6269A74EE25} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D084E54B-8409-4DE6-9256-8BDC3B50CB63} - System32\Tasks\CorelUpdateHelperTask-3014B226FF372FCF15F4964DE35C6FC8 => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe -resume (No File)
Task: {FEF3D880-AF9F-45EC-B539-684B05E81B89} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18400 2017-03-09] (ASUSTeK Computer Inc. -> AsusTek)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [193024 2008-08-29] (Apple Inc.) [File not signed]
Tcpip\Parameters: [DhcpNameServer] 10.0.2.1
Tcpip\..\Interfaces\{f28ceb74-3dc1-4f12-900a-e729fb925015}: [DhcpNameServer] 10.0.2.1
Tcpip\..\Interfaces\{fec86f06-80bc-46ca-87a6-7d1ef3449c62}: [DhcpNameServer] 10.0.4.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\hynek\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-24]
Edge Notifications: Default -> hxxps://www.facebook.com
Edge Extension: (Edge relevant text changes) - C:\Users\hynek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-01-24]
Edge Extension: (Virtuální klávesnice pro Microsoft Edge) - C:\Users\hynek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pcdickjcmegnimaejnpckgfbhlbnpgan [2021-09-20]
Edge Profile: C:\Users\hynek\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-01-14]
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2020-10-18] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-02-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-02-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1695572103-1893823028-2198395607-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1695572103-1893823028-2198395607-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1695572103-1893823028-2198395607-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default [2023-02-24]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://calendar.google.com; hxxps://drive.google.com; hxxps://teams.microsoft.com; hxxps://www.messenger.com
CHR NewTab: Default -> Not-active:"chrome-extension://kmhlclefmkbikbnpmoemeendjcgbkbha/newtab.html"
CHR Extension: (Hot Virtual Keyboard Extension) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdejgojmfhngmomodldpdppfbhoajadl [2021-09-20]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-02-09]
CHR Extension: (Virtual Keyboard for Google Chrome™) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecjkcanpimnagobhegghdeeiagffoidk [2022-03-28]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-02-24]
CHR Extension: (Google Docs Offline) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-25]
CHR Extension: (Chrome Extension Manager) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\iddkjobhhfbocgpebgnadlbdodajapel [2020-08-28]
CHR Extension: (Comfort On-Screen Keyboard Pro Extension) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiahaffkmigpdgabgoeipffondmlnhdn [2022-11-16]
CHR Extension: (Zoom Scheduler) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2023-01-10]
CHR Extension: (Google Home™ for PC & Windows/Mac -New Tab BG) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhlclefmkbikbnpmoemeendjcgbkbha [2022-03-09]
CHR Extension: (Google Keep Chrome Extension) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2023-02-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Virtual Keyboard) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflmllfnnabikmfkkaddkoolinlfninn [2021-09-20]
CHR Profile: C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-02-24]
CHR Profile: C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-01-08]
CHR Extension: (The Cook Company) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\afhcomalholahplbjhnmahkoekoijban [2021-09-20]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2023-01-08]
CHR Extension: (Google Docs Offline) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-08]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-09-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-20]
CHR Extension: (Virtual Keyboard) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pflmllfnnabikmfkkaddkoolinlfninn [2021-09-20]
CHR Profile: C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 4 [2023-01-08]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-01-08]
CHR Extension: (Google Docs Offline) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-08]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-12-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-02]
CHR Profile: C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 5 [2023-02-24]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-02-24]
CHR Extension: (Google Docs Offline) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-30]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-05]
CHR Profile: C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 6 [2022-12-02]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-12-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-02]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-12-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-02]
CHR Profile: C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 7 [2023-01-08]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-01-08]
CHR Extension: (Google Docs Offline) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-02]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-12-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-02]
CHR Profile: C:\Users\hynek\AppData\Local\Google\Chrome\User Data\System Profile [2023-02-24]
CHR HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\hynek\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
CHR HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8988552 2021-02-22] (Microsoft Corporation -> Microsoft Corporation)
R2 FA_Scheduler; C:\Program Files\Fortinet\FortiClient\scheduler.exe [413784 2022-08-31] (Fortinet Technologies (Canada) ULC -> Fortinet Inc.)
R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [135408 2015-06-18] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R2 pc-mobility-print; C:\Program Files (x86)\PaperCut Mobility Print\pc-mobility-print.exe [5274992 2021-02-23] (PaperCut Software International Pty. Ltd. -> )
R2 SaltoLocalIOBridge; C:\SALTO\Local IO Bridge\SaltoLocalIOBridge.exe [189440 2019-08-05] (Salto Systems S.L.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [14621592 2022-07-13] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WireGuardManager; C:\Program Files\WireGuard\wireguard.exe [8185648 2021-12-22] (WireGuard LLC -> WireGuard LLC)
R2 WireGuardTunnel$Rubyk-Brydl; C:\Program Files\WireGuard\wireguard.exe [8185648 2021-12-22] (WireGuard LLC -> WireGuard LLC)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmPeStor; C:\WINDOWS\system32\drivers\AmPeStor.sys [159920 2015-07-24] (AlcorMicro, Corp. -> Alcor Micro, Corp.)
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R1 FortiFilter; C:\WINDOWS\system32\DRIVERS\FortiFilter.sys [35400 2022-08-31] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 Fortips; C:\WINDOWS\System32\drivers\fortips.sys [165056 2022-08-31] (Fortinet, Inc. -> Fortinet Inc)
S3 FortiTransCtrl; C:\WINDOWS\System32\drivers\FortiTransCtrl.sys [85696 2022-08-31] (Fortinet, Inc. -> Fortinet Inc)
S3 ftsvnic; C:\WINDOWS\System32\drivers\ftsvnic.sys [72800 2022-08-31] (Fortinet, Inc. -> Fortinet Inc.)
R3 ft_vnic; C:\WINDOWS\System32\drivers\ftvnic.sys [70368 2022-08-31] (Fortinet Technologies (Canada) Inc. -> Fortinet Corporation)
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-07] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
S3 MpKsl1d4ebba4; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [134376 2022-01-17] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl93cef076; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [134376 2022-01-17] (Microsoft Windows -> Microsoft Corporation)
R2 NPF; C:\Windows\SysWOW64\drivers\npf64.sys [36600 2015-04-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2023-02-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473336 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
R3 WireGuard; C:\WINDOWS\system32\DRIVERS\wireguard.sys [489368 2021-10-25] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-02-24 19:34 - 2023-02-24 19:44 - 000000000 ____D C:\FRST
2023-02-23 14:01 - 2023-02-23 14:01 - 000000000 ____D C:\Users\hynek\AppData\Local\Zoom
2023-02-23 14:00 - 2023-02-23 14:00 - 000000000 ____D C:\Users\hynek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2023-02-21 15:26 - 2023-02-21 15:26 - 000000089 _____ C:\Users\hynek\Downloads\recovery_codes.txt
2023-02-21 14:33 - 2023-02-21 14:33 - 000375838 _____ C:\Users\hynek\Downloads\Metodicke_doporuceni-Blue_03-1 (4).pdf
2023-02-21 12:08 - 2023-02-21 12:09 - 108504945 _____ C:\Users\hynek\Downloads\20230222.zip
2023-02-20 16:48 - 2023-02-20 16:48 - 001510610 _____ C:\Users\hynek\Downloads\Příloha 04 Projektová dokumentace_FVE Štýřice (2).pdf
2023-02-20 13:26 - 2023-02-20 13:26 - 000239733 _____ C:\Users\hynek\Downloads\9120011692.pdf
2023-02-20 13:26 - 2023-02-20 13:26 - 000225012 _____ C:\Users\hynek\Downloads\6120114101 (1).pdf
2023-02-20 13:26 - 2023-02-20 13:26 - 000220010 _____ C:\Users\hynek\Downloads\9120024517.pdf
2023-02-20 13:25 - 2023-02-20 13:25 - 000242074 _____ C:\Users\hynek\Downloads\6120214145.pdf
2023-02-20 13:04 - 2023-02-20 13:04 - 003683273 _____ C:\Users\hynek\Downloads\Příloha č. 1_FVE 44,46 kWp B.D.H.Kovo.pdf
2023-02-20 13:03 - 2023-02-20 13:03 - 001510610 _____ C:\Users\hynek\Downloads\Příloha 04 Projektová dokumentace_FVE Štýřice (1).pdf
2023-02-20 13:00 - 2023-02-20 13:00 - 001510610 _____ C:\Users\hynek\Downloads\Příloha 04 Projektová dokumentace_FVE Štýřice.pdf
2023-02-20 12:43 - 2023-02-20 12:43 - 002477653 _____ C:\Users\hynek\Downloads\madrid_en.pdf
2023-02-20 12:43 - 2023-02-20 12:43 - 000226821 _____ C:\Users\hynek\Downloads\voucher-DC-4655610.pdf
2023-02-20 06:59 - 2023-02-20 07:03 - 000183220 _____ C:\Users\hynek\Downloads\F_Karta_Reklamace2.pdf
2023-02-19 19:55 - 2023-02-19 20:07 - 000184169 _____ C:\Users\hynek\Downloads\F_Karta_Reklamace.pdf
2023-02-18 18:08 - 2023-02-18 18:08 - 002825123 _____ C:\Users\hynek\Downloads\1662641157_Manuál pro vytvoření účtu v AIS_v3.pdf
2023-02-16 16:31 - 2023-02-16 16:31 - 000251749 _____ C:\Users\hynek\Downloads\6463_6455_Smlouva_o_zajezdu_platne_infocesta.03.xlsx
2023-02-16 16:13 - 2023-02-16 16:13 - 000003133 _____ C:\Users\hynek\Downloads\index_2023-02-01_2023-02-15.xlsx
2023-02-16 16:12 - 2023-02-16 16:12 - 000005120 _____ C:\Users\hynek\Downloads\consommation_2023-02-01_2023-02-15.xls
2023-02-13 20:17 - 2023-02-13 20:17 - 000000000 ____D C:\Users\hynek\OneDrive\Dokumenty\PDF Architect
2023-02-09 13:33 - 2023-02-09 13:34 - 202575587 _____ C:\Users\hynek\Downloads\zasilka-HN7F9WDV37NYNAXE.zip
2023-02-09 09:04 - 2023-02-20 13:42 - 000000000 ____D C:\WINDOWS\Minidump
2023-02-01 10:37 - 2023-02-01 10:38 - 157247270 _____ C:\Users\hynek\Downloads\20230201.zip
2023-02-01 09:42 - 2023-02-02 18:47 - 000833932 _____ C:\Users\hynek\Downloads\Exim_FM-2023_letak_A4_vylohy.pdf
2023-02-01 09:42 - 2023-02-02 18:46 - 000870758 _____ C:\Users\hynek\Downloads\Fischer_FM-2023_letak_A4_vylohy.pdf
2023-01-30 15:20 - 2023-01-30 15:20 - 000285488 _____ C:\Users\hynek\Downloads\96880208.pdf
2023-01-26 09:03 - 2023-01-26 09:03 - 000406476 _____ C:\Users\hynek\Downloads\rm09_usneseni_16.01.2023.pdf
2023-01-25 08:53 - 2023-01-25 08:53 - 000306436 _____ C:\Users\hynek\Downloads\CestovniSmlouva-OP674358575-S0002-TD00179150.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-02-24 19:43 - 2021-09-07 19:03 - 000000000 ____D C:\Users\Host
2023-02-24 19:43 - 2019-07-20 11:17 - 000000000 ____D C:\Users\hynek\OneDrive\Dokumenty\Soubory aplikace Outlook
2023-02-24 19:31 - 2022-12-14 16:08 - 000000000 ___RD C:\Users\hynek\OneDrive - DER Touristik CZ
2023-02-24 19:31 - 2019-08-06 21:00 - 000000000 ___RD C:\Users\hynek\Disk Google
2023-02-24 19:31 - 2019-07-20 10:27 - 000000000 ___RD C:\Users\hynek\OneDrive
2023-02-24 19:30 - 2021-01-10 16:57 - 000000000 ____D C:\Users\hynek\AppData\Roaming\Signal
2023-02-24 19:30 - 2020-09-07 01:38 - 000000000 ____D C:\Users\hynek
2023-02-24 19:30 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-24 19:30 - 2019-07-21 16:30 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-02-24 19:30 - 2019-07-21 16:30 - 000000000 __SHD C:\Users\hynek\IntelGraphicsProfiles
2023-02-24 19:30 - 2019-07-20 11:22 - 000000000 ____D C:\Program Files (x86)\Google
2023-02-24 19:30 - 2019-07-20 10:26 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2023-02-24 19:11 - 2020-09-07 08:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-02-24 15:10 - 2020-09-07 08:44 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-02-24 15:06 - 2020-09-07 08:48 - 094580676 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-02-24 15:06 - 2019-12-07 15:41 - 093391652 _____ C:\WINDOWS\system32\perfh005.dat
2023-02-24 15:06 - 2019-12-07 15:41 - 028772280 _____ C:\WINDOWS\system32\perfc005.dat
2023-02-24 15:02 - 2019-08-16 17:34 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-02-24 15:01 - 2020-09-07 08:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-24 15:01 - 2020-09-07 08:38 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-24 15:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-02-24 11:43 - 2019-07-20 10:24 - 000000000 ____D C:\Users\hynek\AppData\Local\Packages
2023-02-23 16:19 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-23 16:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-02-23 14:01 - 2020-03-27 18:41 - 000000000 ____D C:\Users\hynek\AppData\Roaming\Zoom
2023-02-23 09:13 - 2019-07-20 11:24 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-02-23 08:16 - 2021-12-14 13:16 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1695572103-1893823028-2198395607-1001
2023-02-23 08:16 - 2021-06-29 13:14 - 000002381 _____ C:\Users\hynek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-02-23 08:16 - 2020-09-07 08:44 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1695572103-1893823028-2198395607-1001
2023-02-22 16:03 - 2021-09-22 18:23 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-02-19 11:14 - 2020-06-08 23:17 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-18 10:11 - 2022-10-13 13:06 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-02-15 01:38 - 2019-07-20 10:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-02-10 11:08 - 2020-09-07 08:44 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-02-10 11:08 - 2020-09-07 08:44 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Ran by hynek (24-02-2023 19:50:22)
Running from C:\Users\hynek\OneDrive\Plocha
Microsoft Windows 10 Home Version 2004 19041.508 (X64) (2020-09-07 07:44:49)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1695572103-1893823028-2198395607-500 - Administrator - Disabled)
brydl (S-1-5-21-1695572103-1893823028-2198395607-1004 - Limited - Disabled)
ca (S-1-5-21-1695572103-1893823028-2198395607-1006 - Limited - Disabled)
dagma (S-1-5-21-1695572103-1893823028-2198395607-1003 - Limited - Disabled)
DefaultAccount (S-1-5-21-1695572103-1893823028-2198395607-503 - Limited - Disabled)
Guest (S-1-5-21-1695572103-1893823028-2198395607-501 - Limited - Disabled)
Host (S-1-5-21-1695572103-1893823028-2198395607-1011 - Limited - Enabled) => C:\Users\Host
hynek (S-1-5-21-1695572103-1893823028-2198395607-1001 - Administrator - Enabled) => C:\Users\hynek
vendu (S-1-5-21-1695572103-1893823028-2198395607-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1695572103-1893823028-2198395607-504 - Limited - Disabled)
zdene (S-1-5-21-1695572103-1893823028-2198395607-1005 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20322 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS)
Balíček ovladače systému Windows - SALTO SYSTEMS S.L. (WinUSB) USB (04/08/2013 4.0.0.0) (HKLM\...\F32B78D41EE27E123D05633D86F2858D095E5042) (Version: 04/08/2013 4.0.0.0 - SALTO SYSTEMS S.L.)
Bonjour (HKLM\...\{2EF5C74A-1137-46B1-A7BA-5A39ED27A22A}) (Version: 1.0.105 - Apple Inc.)
Corel Graphics - Windows Shell Extension (HKLM\...\_{340C451C-F2FD-4309-B259-580FD5E44025}) (Version: 18.1.0.661 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{340C451C-F2FD-4309-B259-580FD5E44025}) (Version: 18.1.661 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{B86D7255-2418-45F1-A36F-7E1FF617550C}) (Version: 18.1.661 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.458 - Corel Corporation)
FortiClient VPN (HKLM\...\{32123CA3-C24D-4A99-9347-70049B8E4C23}) (Version: 7.0.7.0345 - Fortinet Technologies Inc)
GanttProject (HKLM-x32\...\GanttProject) (Version: - )
GeneralZoomy (HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\GeneralZoomy) (Version: - )
Ghost Trap 1.2.9.10 (HKLM-x32\...\Ghost Trap_is1) (Version: - Chris Dance, PaperCut Software Int. Pty. Ltd.)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 71.0.3.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 110.0.5481.105 - Google LLC)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{6309F485-5713-4A87-9F3F-C47A08BA53DC}) (Version: 18.1.1525.1445 - Intel Corporation)
iPhotoDraw 2.6 (HKLM-x32\...\{3C4C9BAC-248B-4466-B889-8582360F5151}) (Version: 2.6.0.0 - Simen Wu)
Java 8 Update 281 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180281F0}) (Version: 8.0.2810.9 - Oracle Corporation)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13801.20266 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.50 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.50 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\OneDriveSetup.exe) (Version: 23.033.0212.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1695572103-1893823028-2198395607-1011\...\OneDriveSetup.exe) (Version: 21.180.0905.0007 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23506 (HKLM\...\{B0B194F8-E0CE-33FE-AA11-636428A4B73D}) (Version: 14.0.23506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23506 (HKLM\...\{A1C31BA5-5438-3A07-9EEE-A5FB2D0FDE36}) (Version: 14.0.23506 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 Finalizer (HKLM-x32\...\{20D2A362-23EB-3BDB-BAD3-F4510B2B32A5}) (Version: 14.0.23217 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 x64 Hosting Support (HKLM\...\{6D0ED930-AE5C-3289-ADA3-E6C3B13050DE}) (Version: 14.0.23217 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 x86 Hosting Support (HKLM-x32\...\{84DD3A17-A979-39BC-8816-8226CB7DF8A7}) (Version: 14.0.23217 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
PaperCut Mobility Print (HKLM-x32\...\PaperCut Mobility Print_is1) (Version: - PaperCut Software International Pty Ltd)
PDF-XChange Editor (HKLM\...\{937C4E9D-C00A-4F8A-A1CF-4FD358BC1DEB}) (Version: 7.0.326.1 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{d8a38cca-ed58-496c-aa9d-b75df8ea7a98}) (Version: 7.0.326.1 - Tracker Software Products (Canada) Ltd.)
Průvodce přenosem dat pro Windows (HKLM-x32\...\{1316CC3A-F576-469A-9C54-B98D2DC6E5AE}) (Version: 2.1.2.0 - Apple Inc.)
QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Saal Designer (HKLM-x32\...\SaalDesigner) (Version: 4.0 - )
SADPTool (HKLM-x32\...\{7D9B79C2-B1B2-433B-844F-F4299B86F26E}) (Version: 2.2.3.6 - hikvision)
SALTO Local IO Bridge (HKLM-x32\...\{b3e7fc8b-e2bd-401a-9b2a-b4bd1706340a}) (Version: 1.3.0.0 - SALTO Systems S.L.)
SaltoLocalIOBridge Setup (HKLM-x32\...\{EEFECA3D-E704-463A-BDE5-AC65C52D978F}) (Version: 1.3.0.0 - SALTO Systems S.L.) Hidden
Signal 6.6.0 (HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 6.6.0 - Signal Messenger, LLC)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.32.3 - TeamViewer)
Ubiquiti UniFi (remove only) (HKLM-x32\...\Ubiquiti UniFi) (Version: - )
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WireGuard (HKLM\...\{2FDB79CE-5193-4A39-82BB-E00158CC1533}) (Version: 0.5.3 - WireGuard LLC)
Zoom (HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\ZoomUMX) (Version: 5.13.7 (12602) - Zoom Video Communications, Inc.)
Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.6.36.0_x86__kgqvnymyfvs32 [2021-07-06] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.60.1.0_x86__kgqvnymyfvs32 [2021-06-24] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-28] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-16] (Microsoft Corporation)
Free Virtual Keyboard -> C:\Program Files\WindowsApps\ComfortSoftwareGroup.FreeVirtualKeyboard_5.0.0.0_x64__2tsmkga83t66w [2021-09-24] (Comfort Software Group)
Kiosk Browser -> C:\Program Files\WindowsApps\Microsoft.KioskBrowser_1.0.4.0_x64__8wekyb3d8bbwe [2020-09-15] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-19] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.41311.0_x64__8wekyb3d8bbwe [2021-06-10] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0 [2021-06-29] (Spotify AB) [Startup Task]
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-23] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-23] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1695572103-1893823028-2198395607-1001_Classes\CLSID\{04271989-C4D2-49B4-7572-AE77FCFD0D9A} -> [OneDrive - DER Touristik CZ] => C:\Users\hynek\OneDrive - DER Touristik CZ [2022-12-14 16:08]
CustomCLSID: HKU\S-1-5-21-1695572103-1893823028-2198395607-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\hynek\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1695572103-1893823028-2198395607-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\hynek\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\hynek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Keep.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd
ShortcutWithArgument: C:\Users\hynek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Kiosk (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=afhcomalholahplbjhnmahkoekoijban
ShortcutWithArgument: C:\Users\hynek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Keep – poznámky a seznamy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
==================== Loaded Modules (Whitelisted) =============
2008-08-29 08:54 - 2008-08-29 08:54 - 000193024 _____ (Apple Inc.) [File not signed] C:\Program Files\Bonjour\mdnsNSP.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ra.fischer.cz/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_281\bin\ssv.dll [2021-02-03] (Oracle America, Inc. -> Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech Inc -> Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_281\bin\jp2ssv.dll [2021-02-03] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech Inc -> Logitech, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\sharepoint.com -> hxxps://dertouristikcz-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2023-02-24 15:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-08-06 21:39 - 2021-07-23 20:39 - 000000587 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 DESKTOP-80FHSG7.mshome.net # 2026 7 3 22 19 39 24 239
192.168.137.22 LGSmartTV.mshome.net # 2021 7 5 30 19 39 24 239
30 40 365
192.168.137.114 LGSmartTV.mshome.net # 2020 5 6 9 15 56 31 918
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %C_EM64T_REDIST11%bin\Intel64;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\QuickTime Alternative\QTSystem;C:\Program Files\WireGuard\
HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\hynek\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
HKU\S-1-5-21-1695572103-1893823028-2198395607-1011\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet 2: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet 3: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{050E5BD7-769E-404B-83F6-36917A5CE086}C:\program files (x86)\sadptool\sadptool.exe] => (Allow) C:\program files (x86)\sadptool\sadptool.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [TCP Query User{4F155120-BD8C-4BBD-B541-FB73561634A6}C:\program files (x86)\sadptool\sadptool.exe] => (Allow) C:\program files (x86)\sadptool\sadptool.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [{C4419699-A68B-4D67-BBDB-FA0A5075D3F4}] => (Allow) C:\Users\hynek\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{D7D4FBF2-D8BB-411D-A30A-6217FC22EF9D}] => (Allow) C:\Users\hynek\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{F657D0FF-58E7-44C1-8736-24AB47F3C86B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9B7B7020-C8E9-495A-AE61-65B1A38BA09D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E2837EF7-605B-4E91-95C8-E7C50E51B160}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BAB7EAF7-F80C-4A70-8321-8146E78010E9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{E0C17448-8061-4297-AB6A-252CD920E76D}C:\users\hynek\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\hynek\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{F333B2BB-57A2-4367-8D9B-4AC2C15799B7}C:\users\hynek\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\hynek\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2A0F8F7C-8FCE-4167-BC8D-57A2897BCC96}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{BAC77EA7-9F74-48F5-A279-0FEB6D05077D}C:\program files (x86)\common files\oracle\java\javapath_target_7596796\javaw.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_7596796\javaw.exe
FirewallRules: [UDP Query User{C31555FD-6493-4463-90CE-3690ED709274}C:\program files (x86)\common files\oracle\java\javapath_target_7596796\javaw.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_7596796\javaw.exe
FirewallRules: [{1788616D-03EB-44E6-A655-08950B73A405}] => (Allow) C:\Program Files\Java\jre1.8.0_281\bin\java.exe
FirewallRules: [{499F681F-9847-47A4-A1A7-ECC65A8629E0}] => (Allow) C:\Program Files\Java\jre1.8.0_281\bin\java.exe
FirewallRules: [{51A2C605-15A5-4D56-A6E7-D4987EF86191}] => (Allow) C:\Users\hynek\Ubiquiti UniFi\bin\mongod.exe (MongoDB, Inc) [File not signed]
FirewallRules: [{03C7854C-8566-4560-9B3D-70049FC949E5}] => (Allow) C:\Users\hynek\Ubiquiti UniFi\bin\mongod.exe (MongoDB, Inc) [File not signed]
FirewallRules: [{C2DCDA8E-4436-41F6-8EFD-027291CF4FD8}] => (Allow) LPort=9163
FirewallRules: [{23211DB1-A05C-4BD2-BDC9-5CA100122863}] => (Allow) LPort=9164
FirewallRules: [{579B483E-7B02-49DF-A61A-37448045AB13}] => (Allow) LPort=5353
FirewallRules: [{2F49922E-3FB7-4E0D-870A-FEB8E67040E0}] => (Allow) LPort=53
FirewallRules: [{D3BA936C-F949-4948-BB89-E1B3FE69E327}] => (Allow) LPort=53
FirewallRules: [{2904CF0C-6771-4BA2-9E88-4EF99445CC0F}] => (Allow) C:\Program Files (x86)\PaperCut Mobility Print\pc-updater.exe (PaperCut Software International Pty. Ltd. -> )
FirewallRules: [{E19F8ECB-D565-4508-B02E-87259A955657}] => (Allow) C:\Program Files (x86)\PaperCut Mobility Print\pc-updater.exe (PaperCut Software International Pty. Ltd. -> )
FirewallRules: [{DC2A01F7-2176-4AE8-B417-C29D378E5811}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3E8DEA00-B1FB-4507-A7A3-9FAF45A4BBA0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BABCA958-E342-475F-B398-BC3FA71B0830}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D5424263-DC41-42FA-870D-AD90FD9DE971}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{A54E20C0-05EE-4820-B6B9-8B737B78A644}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{2D52DDD1-2F26-425D-A2F0-A2D5A31D8B27}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_281\bin\javaw.exe
FirewallRules: [{F7E1A743-ECE6-4716-B78D-F6048550E96A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AB6D1808-65A1-4AB7-AE79-4C24BE909EB6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B5FF6244-0F27-435C-831E-9DD16AC25148}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DEE1F30E-571E-4ABA-815D-F31860194746}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E16D0A5B-71C4-4057-B871-7A5D9D68EBC2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D55D391E-2F9D-4564-AB75-B020CC029F49}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B2F30803-280F-4D87-B0B8-9A3E71419A5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E635EF21-C86E-4FB1-B76E-DD3357A1BB9D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ABFC4F58-5354-4E48-8B7A-151F39B6229B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8487B54D-4A70-4C8A-9493-0B8ADD9D0551}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A3F34578-A89F-452A-8EB2-F1A29BC99A53}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7B1D4F3C-4297-4DF8-964B-A105F632FBC3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{51F84A71-90FE-4AB5-B2A9-A5794B2E7837}C:\users\hynek\onedrive\plocha\winbox.exe] => (Allow) C:\users\hynek\onedrive\plocha\winbox.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{65457697-AE4B-4B59-A95C-384811A680BA}C:\users\hynek\onedrive\plocha\winbox.exe] => (Allow) C:\users\hynek\onedrive\plocha\winbox.exe (Mikrotikls SIA -> )
FirewallRules: [TCP Query User{B51E72D3-C376-4CED-9D17-75252AA735E3}C:\users\hynek\downloads\anydesk.exe] => (Allow) C:\users\hynek\downloads\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{017721EF-BC68-4FE1-A49B-101E5510E528}C:\users\hynek\downloads\anydesk.exe] => (Allow) C:\users\hynek\downloads\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{F034DABF-8AB9-4392-82CE-51E3F75B2227}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8EB2ABC2-C974-4859-A5E8-0571EB55517B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9031811A-1FC5-4534-9C9C-2538CADAEC11}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Windows Migration Assistant\MigrationAssistant.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FEF2C250-E463-4D6D-A23A-B5F00EAA30EE}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Windows Migration Assistant\MigrationAssistant.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{B2900A25-0337-4A4B-A6C9-28B1F5728C8D}C:\users\hynek\downloads\anydesk (1).exe] => (Allow) C:\users\hynek\downloads\anydesk (1).exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{6F313DF4-0FEE-466C-9D21-56D70086019D}C:\users\hynek\downloads\anydesk (1).exe] => (Allow) C:\users\hynek\downloads\anydesk (1).exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{3F05D1DB-29D5-4CF0-9A99-43B305ED98BF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D2B10ABE-395A-4F35-9A7F-40D34F3EF755}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{5B10B87D-2093-4FF8-8FB8-81AC3E36F333}C:\users\hynek\onedrive\plocha\winbox-desktop-8gl7ptv.exe] => (Allow) C:\users\hynek\onedrive\plocha\winbox-desktop-8gl7ptv.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{02AEA412-5E1A-4094-BAA2-065A205B07BF}C:\users\hynek\onedrive\plocha\winbox-desktop-8gl7ptv.exe] => (Allow) C:\users\hynek\onedrive\plocha\winbox-desktop-8gl7ptv.exe (Mikrotikls SIA -> )
FirewallRules: [{3451C751-E1CA-4414-92EC-BA98DB2C825F}] => (Block) C:\users\hynek\onedrive\plocha\winbox-desktop-8gl7ptv.exe (Mikrotikls SIA -> )
FirewallRules: [{590A8D2E-1AE2-457C-A628-CFB58C9D5D96}] => (Block) C:\users\hynek\onedrive\plocha\winbox-desktop-8gl7ptv.exe (Mikrotikls SIA -> )
==================== Restore Points =========================
10-02-2023 11:15:12 Naplánovaný kontrolní bod
19-02-2023 23:28:40 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
Name: Fortinet SSL VPN Virtual Ethernet Adapter
Description: Fortinet SSL VPN Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Fortinet Inc
Service: ftsvnic
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Řadič PCI pro získávání dat a zpracování signálu
Description: Řadič PCI pro získávání dat a zpracování signálu
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: LG FH6 (49) Stereo
Description: Zdroj Microsoft Bluetooth A2dp
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthA2dp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (02/24/2023 04:14:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OLicenseHeartbeat.exe, verze: 16.0.13801.20182, časové razítko: 0x602dd932
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc06d007e
Posun chyby: 0x0000000000023e49
ID chybujícího procesu: 0x1904
Čas spuštění chybující aplikace: 0x01d947fe19db25c1
Cesta k chybující aplikaci: C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 807910c8-2131-4caf-8528-5c7277146b32
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/23/2023 09:17:43 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (02/23/2023 05:04:18 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.
Podrobnosti:
Katalog indexu obsahu je poškozený. 0xc0041801 (0xc0041801)
Error: (02/23/2023 05:04:18 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=4810 - onecoreuap\base\appmodel\search\search\ytrip\tripoli\inverted\decodinglayeroccurrences.cpp (600)} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.
Podrobnosti:
Neplatné údaje. 0x8007000d (0x8007000d)
Error: (02/23/2023 02:16:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OLicenseHeartbeat.exe, verze: 16.0.13801.20182, časové razítko: 0x602dd932
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc06d007e
Posun chyby: 0x0000000000023e49
ID chybujícího procesu: 0xa6c
Čas spuštění chybující aplikace: 0x01d94724798e8b15
Cesta k chybující aplikaci: C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 2b878f1e-4804-4837-8aea-8d27d8161541
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/22/2023 03:28:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OLicenseHeartbeat.exe, verze: 16.0.13801.20182, časové razítko: 0x602dd932
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc06d007e
Posun chyby: 0x0000000000023e49
ID chybujícího procesu: 0x1368
Čas spuštění chybující aplikace: 0x01d946654e35957b
Cesta k chybující aplikaci: C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: dc103884-9fbc-465c-8891-41e9818d55ff
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/21/2023 11:57:36 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (02/21/2023 01:29:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OLicenseHeartbeat.exe, verze: 16.0.13801.20182, časové razítko: 0x602dd932
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x5b4a3325
Kód výjimky: 0xc06d007e
Posun chyby: 0x0000000000023e49
ID chybujícího procesu: 0x1ad4
Čas spuštění chybující aplikace: 0x01d9458b9930a31a
Cesta k chybující aplikaci: C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 787d6642-a8de-4b98-ac7f-e5cc7e698fef
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (02/24/2023 03:01:55 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (12:05:35, 24.02.2023) bylo neočekávané.
Error: (02/24/2023 11:12:49 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (7:42:07, 24.02.2023) bylo neočekávané.
Error: (02/24/2023 07:42:24 AM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.
Error: (02/24/2023 07:42:24 AM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.
Error: (02/24/2023 07:42:07 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (4:11:25, 24.02.2023) bylo neočekávané.
Error: (02/24/2023 04:11:25 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (0:34:13, 24.02.2023) bylo neočekávané.
Error: (02/23/2023 08:34:25 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.
Error: (02/23/2023 08:34:25 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.
Windows Defender:
================
Date: 2023-02-24 19:47:35
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/Seznam
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\hynek\Downloads\ganttproject-2.8.9-r2335.exe; file:_C:\Users\hynek\Downloads\iphotodraw.exe; file:_C:\Users\hynek\Downloads\QuickTime_Alternative_322.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-80FHSG7\hynek
Název procesu: C:\Users\hynek\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: AV: 1.383.559.0, AS: 1.383.559.0, NIS: 1.383.559.0
Verze modulu: AM: 1.1.20000.2, NIS: 1.1.20000.2
Date: 2023-02-24 19:47:11
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/Seznam
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\hynek\Downloads\ganttproject-2.8.9-r2335.exe; file:_C:\Users\hynek\Downloads\iphotodraw.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-80FHSG7\hynek
Název procesu: C:\Users\hynek\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: AV: 1.383.559.0, AS: 1.383.559.0, NIS: 1.383.559.0
Verze modulu: AM: 1.1.20000.2, NIS: 1.1.20000.2
Date: 2023-02-24 19:46:57
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/Seznam
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\hynek\Downloads\ganttproject-2.8.9-r2335.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-80FHSG7\hynek
Název procesu: C:\Users\hynek\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: AV: 1.383.559.0, AS: 1.383.559.0, NIS: 1.383.559.0
Verze modulu: AM: 1.1.20000.2, NIS: 1.1.20000.2
Date: 2023-02-23 08:26:48
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CCC86EF5-F20E-4A84-BA11-8B15564F0C3D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2023-02-22 22:00:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.383.440.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20000.2
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2023-01-26 17:41:49
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.2731.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2023-01-26 17:41:49
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.2731.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
CodeIntegrity:
===============
Date: 2023-02-24 19:36:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. UX302LA.210 06/16/2014
Motherboard: ASUSTeK COMPUTER INC. UX302LA
Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 52%
Total physical RAM: 8078.34 MB
Available physical RAM: 3845.31 MB
Total Virtual: 11024.03 MB
Available Virtual: 6013.75 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.13 GB) (Free:19.36 GB) (Model: WDC WDS500G2B0A-00SM50) NTFS
Drive g: (Google Drive) (Fixed) (Total:15 GB) (Free:0 GB) (Model: WDC WDS500G2B0A-00SM50) FAT32
\\?\Volume{b9d9ae16-ea76-4a6a-947c-360a513be276}\ () (Fixed) (Total:0.52 GB) (Free:0.04 GB) NTFS
\\?\Volume{5eb413b0-c14f-4eec-acf5-4e025660f874}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Size: 14.9 GB) (Disk ID: 3E78F963)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2023
Ran by hynek (administrator) on DESKTOP-80FHSG7 (ASUSTeK COMPUTER INC. UX302LA) (24-02-2023 19:43:30)
Running from C:\Users\hynek\OneDrive\Plocha
Loaded Profiles: hynek
Platform: Microsoft Windows 10 Home Version 2004 19041.508 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe ->) (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe ->) (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\110.0.1587.50\identity_helper.exe
(C:\Program Files\Fortinet\FortiClient\scheduler.exe ->) (Fortinet Technologies (Canada) ULC -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FCDBLog.exe
(C:\Program Files\Fortinet\FortiClient\scheduler.exe ->) (Fortinet Technologies (Canada) ULC -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiSettings.exe
(C:\Program Files\Fortinet\FortiClient\scheduler.exe ->) (Fortinet Technologies (Canada) ULC -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiSSLVPNdaemon.exe
(C:\Program Files\Fortinet\FortiClient\scheduler.exe ->) (Fortinet Technologies (Canada) ULC -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiTray.exe
(C:\Program Files\Logitech\SetPointP\SetPoint.exe ->) (Logitech -> Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCopyAccelerator.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\71.0.3.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(services.exe ->) (Fortinet Technologies (Canada) ULC -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\scheduler.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe
(services.exe ->) (PaperCut Software International Pty. Ltd. -> ) C:\Program Files (x86)\PaperCut Mobility Print\pc-mobility-print.exe
(services.exe ->) (Salto Systems S.L.) [File not signed] C:\SALTO\Local IO Bridge\SaltoLocalIOBridge.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (WireGuard LLC -> WireGuard LLC) C:\Program Files\WireGuard\wireguard.exe <3>
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe <6>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\hynek\AppData\Local\Microsoft\OneDrive\23.033.0212.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe [52571928 2023-02-22] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe [52571928 2023-02-22] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe [52571928 2023-02-22] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\Run: [MicrosoftEdgeAutoLaunch_7157C86D8E139DAF9F76A72DBA4E1F89] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243360 2023-02-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\MountPoints2: {1fa46193-bccd-11ec-8897-806e6f6e6963} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\MountPoints2: {772aca3a-8e08-11eb-bee2-5c514f3ffda9} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\MountPoints2: {c23672e9-3faf-11eb-bc6e-5c514f3ffdad} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\...\MountPoints2: {fb2e2697-f389-11eb-822b-5c514f3ffda9} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe [52571928 2023-02-22] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\110.0.5481.105\Installer\chrmstp.exe [2023-02-23] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {103390A3-7ADC-469E-A2F5-F129430E2D51} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-20] (Google Inc -> Google LLC)
Task: {13D9C2BC-D6FC-4B10-8ADF-96723E15FD3E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080304 2021-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {152B2D77-2A71-458B-A57E-09EF3035A29D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1511288 2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {59E98452-3A70-454C-A34F-F4CD904B8B99} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14049536 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {5C0BC97E-8324-46D0-97AD-2C6C649DD1EE} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {5C71F24C-96A3-4834-8F3E-89BA39C5CD79} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1510808 2002-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {5F90A50F-54E1-4706-9176-10C535D4759B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5FA85842-6F40-4B34-9B1B-206228C863DB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {74E29553-E1A3-40E6-A87D-1645393EA034} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080304 2021-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {74E33745-8096-409F-9CFF-5624E7D8E84F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {766D223C-E82B-44DA-AB66-574EE00FD4FE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {95C0BC77-7B11-43E9-A064-58581B3B449E} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {9CA47FE7-B9AB-40EA-9213-F324448AD027} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AEEEC3F5-2CD6-43B5-BD69-13049AC31A4D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-20] (Google Inc -> Google LLC)
Task: {BFD0191F-0996-47B5-88A9-56B5EB0870F5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C521CDB2-04E0-468F-8C9F-D6269A74EE25} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D084E54B-8409-4DE6-9256-8BDC3B50CB63} - System32\Tasks\CorelUpdateHelperTask-3014B226FF372FCF15F4964DE35C6FC8 => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe -resume (No File)
Task: {FEF3D880-AF9F-45EC-B539-684B05E81B89} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18400 2017-03-09] (ASUSTeK Computer Inc. -> AsusTek)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [193024 2008-08-29] (Apple Inc.) [File not signed]
Tcpip\Parameters: [DhcpNameServer] 10.0.2.1
Tcpip\..\Interfaces\{f28ceb74-3dc1-4f12-900a-e729fb925015}: [DhcpNameServer] 10.0.2.1
Tcpip\..\Interfaces\{fec86f06-80bc-46ca-87a6-7d1ef3449c62}: [DhcpNameServer] 10.0.4.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\hynek\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-24]
Edge Notifications: Default -> hxxps://www.facebook.com
Edge Extension: (Edge relevant text changes) - C:\Users\hynek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-01-24]
Edge Extension: (Virtuální klávesnice pro Microsoft Edge) - C:\Users\hynek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pcdickjcmegnimaejnpckgfbhlbnpgan [2021-09-20]
Edge Profile: C:\Users\hynek\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-01-14]
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2020-10-18] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-02-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-02-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1695572103-1893823028-2198395607-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1695572103-1893823028-2198395607-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1695572103-1893823028-2198395607-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default [2023-02-24]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://calendar.google.com; hxxps://drive.google.com; hxxps://teams.microsoft.com; hxxps://www.messenger.com
CHR NewTab: Default -> Not-active:"chrome-extension://kmhlclefmkbikbnpmoemeendjcgbkbha/newtab.html"
CHR Extension: (Hot Virtual Keyboard Extension) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdejgojmfhngmomodldpdppfbhoajadl [2021-09-20]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-02-09]
CHR Extension: (Virtual Keyboard for Google Chrome™) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecjkcanpimnagobhegghdeeiagffoidk [2022-03-28]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-02-24]
CHR Extension: (Google Docs Offline) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-25]
CHR Extension: (Chrome Extension Manager) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\iddkjobhhfbocgpebgnadlbdodajapel [2020-08-28]
CHR Extension: (Comfort On-Screen Keyboard Pro Extension) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiahaffkmigpdgabgoeipffondmlnhdn [2022-11-16]
CHR Extension: (Zoom Scheduler) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2023-01-10]
CHR Extension: (Google Home™ for PC & Windows/Mac -New Tab BG) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhlclefmkbikbnpmoemeendjcgbkbha [2022-03-09]
CHR Extension: (Google Keep Chrome Extension) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2023-02-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Virtual Keyboard) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflmllfnnabikmfkkaddkoolinlfninn [2021-09-20]
CHR Profile: C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-02-24]
CHR Profile: C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-01-08]
CHR Extension: (The Cook Company) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\afhcomalholahplbjhnmahkoekoijban [2021-09-20]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2023-01-08]
CHR Extension: (Google Docs Offline) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-08]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-09-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-20]
CHR Extension: (Virtual Keyboard) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pflmllfnnabikmfkkaddkoolinlfninn [2021-09-20]
CHR Profile: C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 4 [2023-01-08]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-01-08]
CHR Extension: (Google Docs Offline) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-08]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-12-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-02]
CHR Profile: C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 5 [2023-02-24]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-02-24]
CHR Extension: (Google Docs Offline) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-30]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-05]
CHR Profile: C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 6 [2022-12-02]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-12-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-02]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-12-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-02]
CHR Profile: C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 7 [2023-01-08]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-01-08]
CHR Extension: (Google Docs Offline) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-02]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-12-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hynek\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-02]
CHR Profile: C:\Users\hynek\AppData\Local\Google\Chrome\User Data\System Profile [2023-02-24]
CHR HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\hynek\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
CHR HKU\S-1-5-21-1695572103-1893823028-2198395607-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8988552 2021-02-22] (Microsoft Corporation -> Microsoft Corporation)
R2 FA_Scheduler; C:\Program Files\Fortinet\FortiClient\scheduler.exe [413784 2022-08-31] (Fortinet Technologies (Canada) ULC -> Fortinet Inc.)
R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [135408 2015-06-18] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R2 pc-mobility-print; C:\Program Files (x86)\PaperCut Mobility Print\pc-mobility-print.exe [5274992 2021-02-23] (PaperCut Software International Pty. Ltd. -> )
R2 SaltoLocalIOBridge; C:\SALTO\Local IO Bridge\SaltoLocalIOBridge.exe [189440 2019-08-05] (Salto Systems S.L.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [14621592 2022-07-13] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WireGuardManager; C:\Program Files\WireGuard\wireguard.exe [8185648 2021-12-22] (WireGuard LLC -> WireGuard LLC)
R2 WireGuardTunnel$Rubyk-Brydl; C:\Program Files\WireGuard\wireguard.exe [8185648 2021-12-22] (WireGuard LLC -> WireGuard LLC)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmPeStor; C:\WINDOWS\system32\drivers\AmPeStor.sys [159920 2015-07-24] (AlcorMicro, Corp. -> Alcor Micro, Corp.)
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R1 FortiFilter; C:\WINDOWS\system32\DRIVERS\FortiFilter.sys [35400 2022-08-31] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 Fortips; C:\WINDOWS\System32\drivers\fortips.sys [165056 2022-08-31] (Fortinet, Inc. -> Fortinet Inc)
S3 FortiTransCtrl; C:\WINDOWS\System32\drivers\FortiTransCtrl.sys [85696 2022-08-31] (Fortinet, Inc. -> Fortinet Inc)
S3 ftsvnic; C:\WINDOWS\System32\drivers\ftsvnic.sys [72800 2022-08-31] (Fortinet, Inc. -> Fortinet Inc.)
R3 ft_vnic; C:\WINDOWS\System32\drivers\ftvnic.sys [70368 2022-08-31] (Fortinet Technologies (Canada) Inc. -> Fortinet Corporation)
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-07] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
S3 MpKsl1d4ebba4; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [134376 2022-01-17] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl93cef076; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [134376 2022-01-17] (Microsoft Windows -> Microsoft Corporation)
R2 NPF; C:\Windows\SysWOW64\drivers\npf64.sys [36600 2015-04-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2023-02-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473336 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
R3 WireGuard; C:\WINDOWS\system32\DRIVERS\wireguard.sys [489368 2021-10-25] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-02-24 19:34 - 2023-02-24 19:44 - 000000000 ____D C:\FRST
2023-02-23 14:01 - 2023-02-23 14:01 - 000000000 ____D C:\Users\hynek\AppData\Local\Zoom
2023-02-23 14:00 - 2023-02-23 14:00 - 000000000 ____D C:\Users\hynek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2023-02-21 15:26 - 2023-02-21 15:26 - 000000089 _____ C:\Users\hynek\Downloads\recovery_codes.txt
2023-02-21 14:33 - 2023-02-21 14:33 - 000375838 _____ C:\Users\hynek\Downloads\Metodicke_doporuceni-Blue_03-1 (4).pdf
2023-02-21 12:08 - 2023-02-21 12:09 - 108504945 _____ C:\Users\hynek\Downloads\20230222.zip
2023-02-20 16:48 - 2023-02-20 16:48 - 001510610 _____ C:\Users\hynek\Downloads\Příloha 04 Projektová dokumentace_FVE Štýřice (2).pdf
2023-02-20 13:26 - 2023-02-20 13:26 - 000239733 _____ C:\Users\hynek\Downloads\9120011692.pdf
2023-02-20 13:26 - 2023-02-20 13:26 - 000225012 _____ C:\Users\hynek\Downloads\6120114101 (1).pdf
2023-02-20 13:26 - 2023-02-20 13:26 - 000220010 _____ C:\Users\hynek\Downloads\9120024517.pdf
2023-02-20 13:25 - 2023-02-20 13:25 - 000242074 _____ C:\Users\hynek\Downloads\6120214145.pdf
2023-02-20 13:04 - 2023-02-20 13:04 - 003683273 _____ C:\Users\hynek\Downloads\Příloha č. 1_FVE 44,46 kWp B.D.H.Kovo.pdf
2023-02-20 13:03 - 2023-02-20 13:03 - 001510610 _____ C:\Users\hynek\Downloads\Příloha 04 Projektová dokumentace_FVE Štýřice (1).pdf
2023-02-20 13:00 - 2023-02-20 13:00 - 001510610 _____ C:\Users\hynek\Downloads\Příloha 04 Projektová dokumentace_FVE Štýřice.pdf
2023-02-20 12:43 - 2023-02-20 12:43 - 002477653 _____ C:\Users\hynek\Downloads\madrid_en.pdf
2023-02-20 12:43 - 2023-02-20 12:43 - 000226821 _____ C:\Users\hynek\Downloads\voucher-DC-4655610.pdf
2023-02-20 06:59 - 2023-02-20 07:03 - 000183220 _____ C:\Users\hynek\Downloads\F_Karta_Reklamace2.pdf
2023-02-19 19:55 - 2023-02-19 20:07 - 000184169 _____ C:\Users\hynek\Downloads\F_Karta_Reklamace.pdf
2023-02-18 18:08 - 2023-02-18 18:08 - 002825123 _____ C:\Users\hynek\Downloads\1662641157_Manuál pro vytvoření účtu v AIS_v3.pdf
2023-02-16 16:31 - 2023-02-16 16:31 - 000251749 _____ C:\Users\hynek\Downloads\6463_6455_Smlouva_o_zajezdu_platne_infocesta.03.xlsx
2023-02-16 16:13 - 2023-02-16 16:13 - 000003133 _____ C:\Users\hynek\Downloads\index_2023-02-01_2023-02-15.xlsx
2023-02-16 16:12 - 2023-02-16 16:12 - 000005120 _____ C:\Users\hynek\Downloads\consommation_2023-02-01_2023-02-15.xls
2023-02-13 20:17 - 2023-02-13 20:17 - 000000000 ____D C:\Users\hynek\OneDrive\Dokumenty\PDF Architect
2023-02-09 13:33 - 2023-02-09 13:34 - 202575587 _____ C:\Users\hynek\Downloads\zasilka-HN7F9WDV37NYNAXE.zip
2023-02-09 09:04 - 2023-02-20 13:42 - 000000000 ____D C:\WINDOWS\Minidump
2023-02-01 10:37 - 2023-02-01 10:38 - 157247270 _____ C:\Users\hynek\Downloads\20230201.zip
2023-02-01 09:42 - 2023-02-02 18:47 - 000833932 _____ C:\Users\hynek\Downloads\Exim_FM-2023_letak_A4_vylohy.pdf
2023-02-01 09:42 - 2023-02-02 18:46 - 000870758 _____ C:\Users\hynek\Downloads\Fischer_FM-2023_letak_A4_vylohy.pdf
2023-01-30 15:20 - 2023-01-30 15:20 - 000285488 _____ C:\Users\hynek\Downloads\96880208.pdf
2023-01-26 09:03 - 2023-01-26 09:03 - 000406476 _____ C:\Users\hynek\Downloads\rm09_usneseni_16.01.2023.pdf
2023-01-25 08:53 - 2023-01-25 08:53 - 000306436 _____ C:\Users\hynek\Downloads\CestovniSmlouva-OP674358575-S0002-TD00179150.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-02-24 19:43 - 2021-09-07 19:03 - 000000000 ____D C:\Users\Host
2023-02-24 19:43 - 2019-07-20 11:17 - 000000000 ____D C:\Users\hynek\OneDrive\Dokumenty\Soubory aplikace Outlook
2023-02-24 19:31 - 2022-12-14 16:08 - 000000000 ___RD C:\Users\hynek\OneDrive - DER Touristik CZ
2023-02-24 19:31 - 2019-08-06 21:00 - 000000000 ___RD C:\Users\hynek\Disk Google
2023-02-24 19:31 - 2019-07-20 10:27 - 000000000 ___RD C:\Users\hynek\OneDrive
2023-02-24 19:30 - 2021-01-10 16:57 - 000000000 ____D C:\Users\hynek\AppData\Roaming\Signal
2023-02-24 19:30 - 2020-09-07 01:38 - 000000000 ____D C:\Users\hynek
2023-02-24 19:30 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-24 19:30 - 2019-07-21 16:30 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-02-24 19:30 - 2019-07-21 16:30 - 000000000 __SHD C:\Users\hynek\IntelGraphicsProfiles
2023-02-24 19:30 - 2019-07-20 11:22 - 000000000 ____D C:\Program Files (x86)\Google
2023-02-24 19:30 - 2019-07-20 10:26 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2023-02-24 19:11 - 2020-09-07 08:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-02-24 15:10 - 2020-09-07 08:44 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-02-24 15:06 - 2020-09-07 08:48 - 094580676 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-02-24 15:06 - 2019-12-07 15:41 - 093391652 _____ C:\WINDOWS\system32\perfh005.dat
2023-02-24 15:06 - 2019-12-07 15:41 - 028772280 _____ C:\WINDOWS\system32\perfc005.dat
2023-02-24 15:02 - 2019-08-16 17:34 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-02-24 15:01 - 2020-09-07 08:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-24 15:01 - 2020-09-07 08:38 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-24 15:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-02-24 11:43 - 2019-07-20 10:24 - 000000000 ____D C:\Users\hynek\AppData\Local\Packages
2023-02-23 16:19 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-23 16:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-02-23 14:01 - 2020-03-27 18:41 - 000000000 ____D C:\Users\hynek\AppData\Roaming\Zoom
2023-02-23 09:13 - 2019-07-20 11:24 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-02-23 08:16 - 2021-12-14 13:16 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1695572103-1893823028-2198395607-1001
2023-02-23 08:16 - 2021-06-29 13:14 - 000002381 _____ C:\Users\hynek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-02-23 08:16 - 2020-09-07 08:44 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1695572103-1893823028-2198395607-1001
2023-02-22 16:03 - 2021-09-22 18:23 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-02-19 11:14 - 2020-06-08 23:17 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-18 10:11 - 2022-10-13 13:06 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-02-15 01:38 - 2019-07-20 10:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-02-10 11:08 - 2020-09-07 08:44 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-02-10 11:08 - 2020-09-07 08:44 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
