VIRY.CZ

Dobrý den, prosím o kontrolu LOGu. Kolegyně při kontrole nevyžádané pošty v klientu Thunderbird zjistila podivné chování klienta - nešla smazat nevyžádaná pošta. Defender zjitil 3 hrozby viz. prinscreen v příloze. Zasílam i výstupy z FRST. Předem moc děkuji za analýzu. Lukáš.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-05-2023 01
Ran by Uživatel (administrator) on PAVLINA-PC (MSI MS-7816) (15-05-2023 15:28:34)
Running from C:\Users\Uživatel\Desktop\FRST64.exe
Loaded Profiles: Uživatel
Platform: Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe ->) (HP Inc. -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicator.exe
(C:\Users\Uživatel\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-ui.exe ->) (Synology Inc. -> Synology Inc.) C:\Users\Uživatel\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-connect.exe
(C:\Users\Uživatel\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-ui.exe ->) (Synology Inc. -> Synology Inc.) C:\Users\Uživatel\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-daemon.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(explorer.exe ->) (HP Inc. -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(services.exe ->) (pdfforge GmbH -> © pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
(services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(services.exe ->) (Synology Inc. -> ) C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Synology Inc. -> Synology Inc.) C:\Users\Uživatel\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-ui.exe
(Xerox Corporation -> Xerox Corporation) C:\Windows\System32\spool\drivers\x64\3\x3jobt3X.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1172256 2014-11-10] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [ICAMaintenance_ICAPKIService_RegKeysRefresh] => C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [283904 2019-08-02] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40412984 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\Run: [HP Deskjet 5520 series (NET)] => C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe [2572960 2021-12-02] (HP Inc. -> Hewlett-Packard Co.)
HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\Run: [MicrosoftEdgeAutoLaunch_83C387DA30640047C508B0EE92F9D83E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4152256 2023-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-450401166-1016523066-3138213836-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [224768 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\XeroxV5Print: C:\Windows\System32\spool\prtprocs\x64\x5print.dll [90112 2022-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Xerox Corporation)
HKLM\...\Print\Monitors\HP B611 Status Monitor: C:\WINDOWS\system32\hpinkstsB611LM.dll [331664 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 5520 series): C:\WINDOWS\system32\HPDiscoPMB611.dll [741536 2021-12-02] (HP Inc. -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\WINDOWS\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [115200 2016-12-01] (pdfforge GmbH) [File not signed]
HKLM\...\Print\Monitors\Port pro virtualizaci Xerox: C:\WINDOWS\system32\x5lrsl.dll [129024 2022-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Xerox Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\113.0.5672.93\Installer\chrmstp.exe [2023-05-12] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 5520 series (Síť).lnk [2022-07-18]
ShortcutAndArgument: Sledovat výstrahy inkoustu - HP Deskjet 5520 series (Síť).lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 5520 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN3CH610WP05SX;CONNECTION=NW;MONITOR=1;
Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Drive Client.lnk [2023-05-15]
ShortcutTarget: Synology Drive Client.lnk -> C:\Program Files (x86)\Synology\SynologyDrive\bin\launcher.exe (Synology Inc. -> Synology Inc.)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0009868E-C595-4608-AFCC-93C7D694DCD3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-31] (Google Inc -> Google Inc.)
Task: {026140A9-FFD3-4272-A5E7-7BE362196712} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {17B62CE6-CC7F-41C6-BDC4-625A70C2162B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe/RestartRecording
Task: {20DE0441-F525-468A-83EE-6C7DEA201511} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe/OCURActivate
Task: {244B8014-7E8B-4049-9F51-D75D071F2079} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {2FD0FC22-287F-4B39-9F44-A98625526FDB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe/wait:7 /PBDADiscovery
Task: {33285AA4-54D5-436E-BA67-018069CBB4CE} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe-Daily
Task: {3BD1C11C-F2D2-4F42-A283-29201AC0A7D5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe/DoActivateWindowsSearch
Task: {3C964AF7-F2E4-49F0-8910-86C27B71DEC3} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {428C1349-38E6-4596-A1BC-DFD58864C840} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {474D078F-8254-46BB-B2F4-4931BB59440C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4999A7BA-E17D-4547-ADB6-F43C716998C9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4A460418-C196-4A1D-8728-B08D92814258} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4D7ED8B9-2C8F-48D2-A8D3-EC2AFBCC824C} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {5095AD7F-6EE9-4E85-A8D3-81C31C0495DE} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe-ObjectStoreRecoveryTask
Task: {5228881E-E683-425D-83DF-D5C4BFD28D67} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe-pscn 0
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {6232C677-DA7E-4935-94E3-4578707C872E} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe/OCURDiscovery $(Arg0)
Task: {62E37B04-FD48-4CF0-992F-521DE0E63491} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {68C2F922-6634-4EC0-A800-0CEA0E7AB0CE} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [676768 2023-05-12] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {6EECA3EF-ECBC-4118-8DF1-D1568C8810BF} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe-SqlLiteRecoveryTask
Task: {79D59129-0CCB-4609-91CC-F9CC12C1FF41} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {87DBEE3D-770E-4F10-A516-90BAE93F0BF3} - \Microsoft\Windows\Setup\EOSNotify2 -> No File <==== ATTENTION
Task: {8AF5FA82-11BA-4A64-8D63-B43E1497450C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {8BBC646F-0989-4A5A-8E64-1B0E978FAEA3} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe-MediaCenterRecoveryTask
Task: {8CE1A989-D0D1-4BEC-818A-4A25A49F64B2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe$(Arg0)
Task: {8E0A9B9F-B423-4199-A07A-F6029E96E8E3} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe/DoRegisterSearch $(Arg0)
Task: {9D16D8C4-E40B-4780-92F6-782984525A81} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {A1D0D37E-8F38-43A2-8274-B10D359957BC} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B954110E-604A-4A86-8BBD-BD58AD5A7028} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe/DoUpdateRecordPath $(Arg0)
Task: {BDE6FC05-95BD-4D1A-A100-75F06A82C04D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe/wait:90 /PBDADiscovery
Task: {C23BCDE7-A5AA-4DCC-9629-F8A7400174BB} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [732064 2023-05-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {CD404E88-A06E-468A-96A6-10883247532F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe/InstallPlayReady $(Arg0)
Task: {D464D5F3-3DC5-4413-9AD3-E47E3040BAA2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe/PBDADiscovery
Task: {D522DE68-5722-4592-B6BA-CDE9BACAF1B8} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe/DRMInit
Task: {E000265B-A696-4448-A578-64A11FC3524D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-31] (Google Inc -> Google Inc.)
Task: {E0C9574C-5CFA-4488-BFEA-137E686AE660} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EBCA26F1-8AB2-4F50-B111-2DE49DEF56C4} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe/DoRecoveryTasks $(Arg0)
Task: {F08C6A79-D118-460C-94B1-7F198461D150} - System32\Tasks\CCleanerSkipUAC - Uživatel => C:\Program Files\CCleaner\CCleaner.exe [34159416 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {F267BCD2-D5FF-437D-90EF-C946CCDA32E9} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe-LogonOrUnlock
Task: {F69B71A6-6CE8-4066-B25B-84F51239A50E} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {F6EE27A9-7FDD-4724-8B7A-33A204777801} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe-PvrSchedule
Task: {F9354884-260D-4369-8854-0B93873EBFD2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {FA16494B-72CF-465D-BF45-20D3131A8FAF} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe/DoReindexSearchRoot
Task: {FBE7FCCC-6133-47F8-8BE0-74D070672214} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "ab1b473f-8ac4-4719-b8cf-6593d199e944" --version "6.11.10455" --silent
Task: {FC7873AD-A1C1-46D7-8728-B5210F0106AF} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe/DoConfigureInternetTimeService
Task: {FEE2E4EA-28F4-486A-A8DF-BD40F492DB5A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe-PvrRecoveryTask

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{392B0698-C84C-4562-AF22-87D0A905702C}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Uživatel\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-15]
Edge Extension: (Edge relevant text changes) - C:\Users\Uživatel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-24]

FireFox:
========
FF DefaultProfile: bw4qkonu.default
FF ProfilePath: C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\bw4qkonu.default [2023-05-15]
FF DownloadDir: C:\Users\Pavlína\Desktop
FF Homepage: Mozilla\Firefox\Profiles\bw4qkonu.default -> hxxp://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\bw4qkonu.default -> hxxps://novaplus.nova.cz; hxxps://www.invia.cz
FF Extension: (FormApps Extension) - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\bw4qkonu.default\Extensions\{69F080C9-A1D8-42F8-BD83-3D54D4BC81B3}.xpi [2021-04-06]
FF Extension: (No Name) - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\bw4qkonu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-03-30]
FF Extension: (Seznam doplněk - Email) - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\bw4qkonu.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2023-03-07]
FF Extension: (JavaScript Debugger) - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\bw4qkonu.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2016-06-03] [Legacy]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-12-01] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default [2023-05-15]
CHR Notifications: Default -> hxxps://businesscenter.podnikatel.cz; hxxps://calendar.google.com; hxxps://novaplus.nova.cz; hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxps://calendar.googl ... r/r?tab=wc"
CHR Extension: (uBlock Origin) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-04-27]
CHR Extension: (Elektronický podpis ČSOB) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahecpanklnlonjjlojnjjcigcbflego [2022-09-26]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-05-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-25]
CHR Extension: (FormApps Extension) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-10-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-03]
CHR Profile: C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-06-24]
CHR Profile: C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\System Profile [2019-06-24]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
S3 I.CA Maintenance Service; C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [283904 2019-08-02] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
S3 I.CA Maintenance Service2; C:\Program Files (x86)\I.CA\I.CA Maintenance2\ICAMaintenance.exe [298872 2021-10-04] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2014-03-27] (Intel Corporation - Business Client Platform Division -> Intel Corporation)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MICRO-STAR INTERNATIONAL CO., LTD.)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2438880 2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [972056 2016-05-18] (pdfforge GmbH -> © pdfforge GmbH.)
R2 Synology Drive VSS Service x64; C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe [360320 2023-02-02] (Synology Inc. -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [15593272 2023-05-02] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [137712 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
S3 KMWDFILTER; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [30208 2009-04-29] (MLK Technologies Limited -> Windows (R) Codename Longhorn DDK provider)
R3 MpKsl715a28f0; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F1106DF9-7C1D-46BB-9B98-85413BE60B14}\MpKslDrv.sys [212264 2023-05-15] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2023-05-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-15 15:28 - 2023-05-15 15:29 - 000029322 _____ C:\Users\Uživatel\Desktop\FRST.txt
2023-05-15 15:28 - 2023-05-15 15:28 - 000000000 ____D C:\FRST
2023-05-15 15:26 - 2023-05-15 15:26 - 002382848 _____ (Farbar) C:\Users\Uživatel\Desktop\FRST64.exe
2023-05-15 14:32 - 2023-05-15 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology
2023-05-12 10:01 - 2023-05-15 10:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2023-05-11 14:31 - 2023-05-11 14:31 - 000000000 ___HD C:\$WinREAgent
2023-05-09 14:55 - 2023-05-09 14:55 - 000065218 _____ C:\Users\Uživatel\Downloads\csob_export_pohyby_20230509_14_55.pdf
2023-05-09 10:52 - 2023-05-15 10:41 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-05-09 10:52 - 2023-05-09 10:52 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-05-09 10:52 - 2023-05-09 10:52 - 000002906 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Uživatel
2023-05-04 12:20 - 2023-05-04 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-05-04 12:16 - 2023-05-04 12:16 - 000000000 ____D C:\Users\Uživatel\AppData\Local\DropboxUpdate
2023-05-02 15:59 - 2023-05-02 15:59 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2023-05-02 15:14 - 2023-05-02 15:14 - 000067256 _____ C:\Users\Uživatel\Downloads\183447234_20230430_4_MCZB.pdf
2023-05-02 15:12 - 2023-05-02 15:12 - 000082279 _____ C:\Users\Uživatel\Downloads\csob_export_pohyby_20230502_15_12.pdf
2023-05-02 15:03 - 2023-05-02 15:03 - 000403875 _____ C:\Users\Uživatel\Downloads\csob_export_pohyby_20230502_15_03.pdf
2023-04-30 20:00 - 2023-04-30 20:00 - 000021720 _____ C:\Users\Uživatel\Downloads\183904239_20221031_10_MCZB.pdf
2023-04-26 14:14 - 2023-05-15 10:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2023-04-24 13:51 - 2023-04-24 13:51 - 000081175 _____ C:\Users\Uživatel\Downloads\csob_export_pohyby_20230424_13_51.pdf
2023-04-24 13:30 - 2023-04-24 13:30 - 000224457 _____ C:\Users\Uživatel\Downloads\OZV č. 6-2021 - odpad.pdf
2023-04-24 13:28 - 2023-04-24 13:28 - 000126054 _____ C:\Users\Uživatel\Downloads\ČLÁNEK - MP zpravodaj 01-2023.pdf
2023-04-19 18:03 - 2023-04-19 18:03 - 000441713 _____ C:\Users\Uživatel\Downloads\893680495.pdf
2023-04-17 18:49 - 2023-04-17 18:49 - 000003655 _____ C:\Users\Uživatel\Downloads\DPZMB1-6203252275-20230417-184746-559211580-potvrzeni.pdf
2023-04-17 18:45 - 2023-04-17 18:45 - 000000650 _____ C:\Users\Uživatel\Desktop\Žádost III.2023.xml
2023-04-17 18:27 - 2023-04-17 18:27 - 000003537 _____ C:\Users\Uživatel\Downloads\DPHDP3-6203252275-20230417-182627-1628839853-potvrzeni.pdf
2023-04-17 18:23 - 2023-04-17 18:23 - 000003532 _____ C:\Users\Uživatel\Downloads\DPHKH1-6203252275-20230417-182219-1628839820-potvrzeni.pdf
2023-04-17 18:17 - 2023-04-17 18:17 - 000007202 _____ C:\Users\Uživatel\Desktop\KH I. Q 2023.xml
2023-04-17 18:01 - 2023-04-17 18:01 - 000001745 _____ C:\Users\Uživatel\Desktop\DPH I.Q 2023.xml
2023-04-17 15:23 - 2023-04-17 15:23 - 000082996 _____ C:\Users\Uživatel\Downloads\csob_export_pohyby_20230417_15_23.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-15 15:26 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-15 15:12 - 2022-02-10 11:12 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-05-15 15:12 - 2016-11-18 12:29 - 000000000 ____D C:\Users\Uživatel\AppData\LocalLow\Mozilla
2023-05-15 15:10 - 2022-10-06 16:08 - 000000000 ____D C:\ProgramData\I.CA SecureStore
2023-05-15 15:09 - 2023-02-06 16:10 - 000000000 ____D C:\Stereo2023 v25
2023-05-15 14:54 - 2016-06-03 13:11 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-05-15 14:46 - 2016-05-31 11:16 - 000000000 ____D C:\Program Files (x86)\Google
2023-05-15 14:32 - 2020-10-19 12:12 - 000000000 ___RD C:\Users\Uživatel\Shared with me
2023-05-15 14:32 - 2020-10-19 12:11 - 000000000 ___RD C:\SynologyDrive
2023-05-15 14:32 - 2020-10-19 12:10 - 000001360 _____ C:\Users\Public\Desktop\Synology Drive Client.lnk
2023-05-15 14:32 - 2020-10-19 12:10 - 000000000 ____D C:\Users\Uživatel\AppData\Local\SynologyDrive
2023-05-15 14:32 - 2020-10-19 12:10 - 000000000 ____D C:\Program Files (x86)\Synology
2023-05-15 13:46 - 2019-01-15 11:24 - 000000000 ____D C:\Scaner
2023-05-15 13:45 - 2020-10-12 09:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-05-15 10:52 - 2017-05-25 12:30 - 000000000 ____D C:\Program Files\CCleaner
2023-05-15 10:49 - 2022-05-26 11:10 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\DropboxElectron
2023-05-15 10:49 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-15 10:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-05-15 10:49 - 2016-06-03 15:27 - 000000000 ____D C:\Users\Uživatel\AppData\Local\Dropbox
2023-05-15 10:49 - 2016-05-31 11:08 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-05-15 10:49 - 2016-05-31 11:06 - 000000000 __SHD C:\Users\Uživatel\IntelGraphicsProfiles
2023-05-15 10:47 - 2020-10-12 09:59 - 001796828 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-05-15 10:47 - 2019-12-07 16:41 - 000750852 _____ C:\WINDOWS\system32\perfh005.dat
2023-05-15 10:47 - 2019-12-07 16:41 - 000162426 _____ C:\WINDOWS\system32\perfc005.dat
2023-05-15 10:47 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-05-15 10:46 - 2023-01-17 13:51 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-05-15 10:46 - 2020-06-10 09:24 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-15 10:41 - 2020-10-12 09:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-05-15 10:41 - 2020-10-12 09:49 - 000352448 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-05-15 10:41 - 2020-10-12 09:49 - 000008192 ___SH C:\DumpStack.log.tmp
2023-05-15 10:41 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-05-15 10:41 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\cs
2023-05-15 10:41 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-05-15 10:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-05-15 10:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-05-15 10:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-05-15 10:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2023-05-15 10:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-05-15 10:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-05-15 10:41 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-05-15 10:41 - 2016-06-03 15:27 - 000000912 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2023-05-15 10:41 - 2016-06-03 15:27 - 000000908 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2023-05-15 10:41 - 2016-06-03 11:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-05-12 14:53 - 2016-06-03 11:55 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-05-12 14:28 - 2016-06-03 13:35 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\Microsoft\Word
2023-05-12 11:02 - 2020-10-12 09:55 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-05-12 11:01 - 2022-10-13 16:02 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-05-12 11:01 - 2022-10-13 16:02 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-05-12 10:02 - 2020-10-12 09:55 - 000004206 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{3414EC85-4196-4CFC-91DE-6D620C022C30}
2023-05-12 10:00 - 2016-05-31 11:16 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-05-12 10:00 - 2016-05-31 11:16 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-05-12 09:59 - 2020-10-12 09:55 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-05-12 09:59 - 2020-10-12 09:55 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-05-11 17:42 - 2016-06-03 13:09 - 000000000 ____D C:\Users\Uživatel\TapinRadio
2023-05-11 14:42 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-05-11 14:40 - 2020-10-12 09:50 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-05-11 14:29 - 2020-09-30 11:02 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-05-11 14:29 - 2016-05-31 15:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-05-11 14:25 - 2016-05-31 15:04 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-05-10 11:15 - 2021-12-13 12:17 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-450401166-1016523066-3138213836-1000
2023-05-10 11:15 - 2020-10-12 09:55 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-450401166-1016523066-3138213836-1000
2023-05-10 11:15 - 2020-10-12 09:51 - 000002426 _____ C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-05-09 10:52 - 2020-10-12 09:55 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-05-04 12:20 - 2016-06-03 15:27 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-05-03 11:00 - 2020-02-19 19:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-05-02 10:43 - 2020-10-12 09:55 - 000003972 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2023-05-02 10:43 - 2020-10-12 09:55 - 000003740 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2023-04-27 10:27 - 2016-06-03 11:56 - 000001209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-04-26 12:41 - 2020-10-12 09:55 - 000003768 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-04-26 12:41 - 2020-10-12 09:55 - 000003644 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-04-21 14:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-04-21 14:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-04-21 14:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-04-21 14:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-04-21 14:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-04-21 14:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-04-21 14:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-05-2023 01
Ran by Uživatel (15-05-2023 15:30:02)
Running from C:\Users\Uživatel\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) (2020-10-12 07:55:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-450401166-1016523066-3138213836-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-450401166-1016523066-3138213836-503 - Limited - Disabled)
Guest (S-1-5-21-450401166-1016523066-3138213836-501 - Limited - Enabled)
Uživatel (S-1-5-21-450401166-1016523066-3138213836-1000 - Administrator - Enabled) => C:\Users\Uživatel
WDAGUtilityAccount (S-1-5-21-450401166-1016523066-3138213836-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
ACS Unified PC/SC Driver 4.3.1.0 (HKLM\...\{70105406-1CAF-4162-8A0B-C47361317A78}) (Version: 4.3.1.0 - Advanced Card Systems Ltd.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.001.20174 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Balíček ovladače systému Windows - Advanced Card Systems Ltd. Unified PC/SC Driver (01/08/2019 4.3.1.0) (HKLM\...\F0BF7B36B8B2F7E24302D9C217904BB74C70A5BE) (Version: 01/08/2019 4.3.1.0 - Advanced Card Systems Ltd.)
Balíček ovladače systému Windows - ICASecureStore Minidriver SmartCard (05/29/2021 3.0.0.0) (HKLM\...\3E0B23DD1DE869F3B876AC4D03BB9FF5BC3887A5) (Version: 05/29/2021 3.0.0.0 - ICASecureStore Minidriver)
CCleaner (HKLM\...\CCleaner) (Version: 6.11 - Piriform)
Dropbox (HKLM-x32\...\Dropbox) (Version: 173.4.6706 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.761.1 - Dropbox, Inc.) Hidden
FormApps Signing Extension (HKLM-x32\...\{2ADAFEB7-56C5-497F-8960-67DA46A81838}) (Version: 2.27.0.46 - Software602 a.s.)
GemPcCCID (HKLM\...\{39417D48-AC92-47A7-9F53-3CA2049231B0}) (Version: 2.0.7 - Gemalto)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 113.0.5672.93 - Google LLC)
HID OMNIKEY 4040 PC/SC Driver (HKLM-x32\...\{E0F53D39-900E-40CA-969A-643DEF6D0B93}) (Version: 3.0.0.2 - HID Global Corporation)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
I.CA Diagnostic (HKLM-x32\...\{3B3DA42B-7740-41A2-945B-505000D11434}) (Version: 1.3.3.0 - První certifikační autorita, a.s.) Hidden
I.CA Diagnostic (HKLM-x32\...\I.CA Diagnostic 1.3.3.0) (Version: 1.3.3.0 - První certifikační autorita, a.s.)
I.CA Maintenance (HKLM-x32\...\{A26EE07C-9196-4BB9-BB81-1608D0A99887}) (Version: 1.3.2.0 - První certifikační autorita, a.s.) Hidden
I.CA Maintenance (HKLM-x32\...\I.CA Maintenance 1.3.2.0) (Version: 1.3.2.0 - První certifikační autorita, a.s.)
I.CA Maintenance2 (HKLM-x32\...\{CDA1F45F-AAE1-469F-9A3D-0852DC4280D9}) (Version: 2.0.1032.0 - První certifikační autorita, a.s.) Hidden
I.CA Maintenance2 (HKLM-x32\...\I.CA Maintenance2 2.0.1032.0) (Version: 2.0.1032.0 - První certifikační autorita, a.s.)
I.CA PKIServiceHost (HKLM\...\{DE1B351A-70D5-48E2-AA23-8FED45881890}) (Version: 2.2.3.0 - První certifikační autorita, a.s.) Hidden
I.CA PKIServiceHost (HKLM-x32\...\I.CA PKIServiceHost 2.2.3.0) (Version: 2.2.3.0 - První certifikační autorita, a.s.)
I.CA SecureStore (HKLM\...\{A9C6ABB6-64C1-4A64-B80D-03EB662AF45F}) (Version: 6.15.0 - První certifikační autorita, a.s.)
Intel(R) Chipset Device Software (HKLM\...\{55398EAC-F58E-4F19-B553-BDF8B9EFD839}) (Version: 10.1.1.9 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.31.1000 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{5F6F9FDB-4B94-4912-8966-77356C01303C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{74541060-2DB1-4E8C-B239-3A78EA50F2F6}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{CA07FCB1-DAE9-4F8A-8698-F9C30D1E375F}) (Version: 10.0.31.1000 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{43A76F9B-48F1-4E0D-A9B4-8E4F6C42E28C}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) Small Business Advantage (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 2.2.51.8439 - Intel(R) Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{20F70BB1-9240-43D2-985C-A8F5C6AAA1C7}) (Version: 5.0.10.2907 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{608E1B9B-A2E8-4A1F-8BAB-874EB0DD25E3}) (Version: 1.0.0.36888 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.5.69 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel® Trusted Connect Service Client (HKLM\...\{1B444AF9-1DBE-4884-8F35-969BEFCF69A8}) (Version: 1.35.133.1 - Intel Corporation) Hidden
K-Lite Mega Codec Pack 14.1.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.1.5 - KLCP)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version: - )
Manager (HKLM-x32\...\{38251B9A-C44B-42D9-9A6A-0697986E334A}) (Version: 4.1.4.27792 - 2015 pdfforge GmbH. All rights reserved) Hidden
Microsoft .NET Framework 4.8 (CSY) (HKLM\...\{39DC4515-B8C1-3AD9-AA88-D7C8A333612F}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.42 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\OneDriveSetup.exe) (Version: 23.086.0423.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24212 (HKLM\...\{F20396E5-D84E-3505-A7A8-7358F0155F6C}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24212 (HKLM\...\{FAAD7243-0141-3987-AA2F-E56B20F80E41}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24212 (HKLM-x32\...\{844ECB74-9B63-3D5C-958C-30BD23F19EE4}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24212 (HKLM-x32\...\{37B55901-995A-3650-80B1-BBFD047E2911}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 113.0 (x64 cs)) (Version: 113.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 113.0.0.8524 - Mozilla)
Mozilla Thunderbird (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 102.10.1 (x86 cs)) (Version: 102.10.1 - Mozilla)
PDF Architect 4 Create Module (HKLM\...\{72B9DF2C-76FA-40B5-A469-16EAB159CE72}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (HKLM\...\{BDF7326B-7ED4-4034-B867-F4E88D4E628B}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (HKLM\...\{03E04B47-9270-4613-8D7E-DA4AD2B259A0}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.4.1 - pdfforge GmbH)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7534 - Realtek Semiconductor Corp.)
Stereo 2017 - ekonomický software (HKLM-x32\...\suc19_is1) (Version: 19.1 - KASTNER software s.r.o.)
Stereo 2018 - ekonomický software (HKLM-x32\...\suc20_is1) (Version: 20.1 - KASTNER software s.r.o.)
Stereo 2018 - ekonomický software, aktualizace (HKLM-x32\...\suc18_is1) (Version: 20.1 - KASTNER software s.r.o.)
Stereo 2019 - ekonomický software, aktualizace (HKLM-x32\...\suc21_is1) (Version: 21.1 - KASTNER software s.r.o.)
Stereo 2020 - ekonomický software (HKLM-x32\...\suc22_is1) (Version: 22.1 - KASTNER software s.r.o.)
Stereo 2021 - ekonomický software (HKLM-x32\...\suc23_is1) (Version: 23.1 - KASTNER software s.r.o.)
Stereo 2022 - ekonomický software (HKLM-x32\...\suc24_is1) (Version: 24.1 - KASTNER software s.r.o.)
Stereo 2023 - ekonomický software (HKLM-x32\...\suc25_is1) (Version: 25.1 - KASTNER software s.r.o.)
Synology Drive Client (remove only) (HKLM\...\Synology Drive) (Version: 7.2.1.13272 - Synology, Inc.)
TapinRadio 1.72.6 (x64) (HKLM-x32\...\TapinRadio_is1) (Version: - Raimersoft)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.41.9 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.50a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.8 - MSI)
Základní software zařízení HP Deskjet 5520 series (HKLM\...\{20681B22-5991-460A-87FB-3D4D045ED17B}) (Version: 28.1.1320.0 - Hewlett-Packard Co.)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.33.22.0_x64__kgqvnymyfvs32 [2023-05-03] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_3.1.5.0_x64__kgqvnymyfvs32 [2023-04-26] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2521.1.0_x64__kgqvnymyfvs32 [2023-05-15] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-07] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_145.2.1084.0_x64__v10z8vjag6ke6 [2023-05-09] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-28] (Microsoft Corporation) [MS Ad]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-22] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0 [2023-05-02] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-450401166-1016523066-3138213836-1000_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-450401166-1016523066-3138213836-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Uživatel\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll (Synology Inc. -> )
CustomCLSID: HKU\S-1-5-21-450401166-1016523066-3138213836-1000_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-450401166-1016523066-3138213836-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Uživatel\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (Synology Inc. -> TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-450401166-1016523066-3138213836-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Uživatel\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (Synology Inc. -> TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-450401166-1016523066-3138213836-1000_Classes\CLSID\{4DF09B25-15FA-40DC-862E-88C888F420BD} -> [Synology Drive - NASBorek] => C:\Users\Uživatel\AppData\Local\SynologyDrive\SystemFolders\1 [2020-10-19 12:12]
CustomCLSID: HKU\S-1-5-21-450401166-1016523066-3138213836-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Uživatel\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (Synology Inc. -> TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-450401166-1016523066-3138213836-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Uživatel\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (Synology Inc. -> TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-450401166-1016523066-3138213836-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\Uživatel\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (Synology Inc. -> TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-450401166-1016523066-3138213836-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Dropbox [2016-06-03 17:48]
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\Uživatel\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2023-05-15] (Synology Inc. -> TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\Uživatel\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2023-05-15] (Synology Inc. -> TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\Uživatel\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2023-05-15] (Synology Inc. -> TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\Uživatel\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2023-05-15] (Synology Inc. -> TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\Uživatel\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2023-05-15] (Synology Inc. -> TODO: <Company name>)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [File not signed]
ContextMenuHandlers1: [PDFArchitect4_ManagerExt] -> {3AECFCB3-8472-48E9-BC7B-5A3CD945C886} => C:\Program Files\PDF Architect 4\creator-context-menu.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2016-11-18] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [File not signed]
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [File not signed]
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers1_S-1-5-21-450401166-1016523066-3138213836-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\Uživatel\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll [2023-05-15] (Synology Inc. -> )
ContextMenuHandlers6_S-1-5-21-450401166-1016523066-3138213836-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\Uživatel\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll [2023-05-15] (Synology Inc. -> )

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\WINDOWS\system32\ff_vfw.dll [126976 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-06-05 16:03 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-05-25 12:51 - 2008-05-22 23:25 - 000043520 _____ (MagicISO, Inc.) [File not signed] C:\Program Files (x86)\MagicISO\misosh64.dll
2016-12-01 10:23 - 2016-12-01 10:23 - 000115200 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2022-04-01 12:13 - 2019-01-23 12:11 - 000323072 _____ (Xerox Corporation) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\Xerox\Language Data\V5.0\cs\x3txt3X.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Uživatel\Desktop\PPS-vzor.doc:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Uživatel\Documents\!ELIŠKA!:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Uživatel\Documents\IMG_4539.JPG:com.dropbox.attributes [168]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-450401166-1016523066-3138213836-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\*.capgemini.com -> hxxp://*.capgemini.com
IE trusted site: HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\*.capgemini.com -> hxxps://*.capgemini.com
IE trusted site: HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\*.cnb.cz -> hxxp://*.cnb.cz
IE trusted site: HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\*.cnb.cz -> hxxps://*.cnb.cz
IE trusted site: HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\*.csob.cz -> hxxps://*.csob.cz
IE trusted site: HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\*.csob.sk -> hxxps://*.csob.sk
IE trusted site: HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\*.erasvet.cz -> hxxps://*.erasvet.cz
IE trusted site: HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\*.fnplzen.cz -> hxxp://*.fnplzen.cz
IE trusted site: HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\*.fnplzen.cz -> hxxps://*.fnplzen.cz
IE trusted site: HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\*.ica.cz -> hxxp://*.ica.cz
IE trusted site: HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\*.ica.cz -> hxxps://*.ica.cz
IE trusted site: HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\*.nkcr.cz -> hxxp://*.nkcr.cz
IE trusted site: HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\*.nkcr.cz -> hxxps://*.nkcr.cz
IE trusted site: HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\*.postovnisporitelna.cz -> hxxps://*.postovnisporitelna.cz
IE trusted site: HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\*.proebiz.com -> hxxp://*.proebiz.com
IE trusted site: HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\*.proebiz.com -> hxxps://*.proebiz.com
IE trusted site: HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\*.sbcz.cz -> hxxp://*.sbcz.cz
IE trusted site: HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\*.sbcz.cz -> hxxps://*.sbcz.cz
IE trusted site: HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\*.sberbank.cz -> hxxp://*.sberbank.cz
IE trusted site: HKU\S-1-5-21-450401166-1016523066-3138213836-1000\...\*.sberbank.cz -> hxxps://*.sberbank.cz

There are 3 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2018-11-05 10:23 - 000000862 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-450401166-1016523066-3138213836-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4DA06B2C-FCDB-45EF-A587-9147501ECF16}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{2267E561-6370-4070-98F4-FCA7E6698A93}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [UDP Query User{55EF5FE7-44E4-48A2-8C2C-529007C76230}C:\program files\tapinradio\tapinradio.exe] => (Block) C:\program files\tapinradio\tapinradio.exe (Raimersoft) [File not signed]
FirewallRules: [TCP Query User{07764F15-220D-498B-9F75-B7031149A53E}C:\program files\tapinradio\tapinradio.exe] => (Block) C:\program files\tapinradio\tapinradio.exe (Raimersoft) [File not signed]
FirewallRules: [{AF7BDB83-639E-4B00-A553-921E5D9C8120}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{72FA4615-D2CE-4428-8565-484C75681355}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{8F07887B-5B11-45BB-A4C1-2228F7AC2532}C:\users\uživatel\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe] => (Block) C:\users\uživatel\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe (Synology Inc. -> Synology Inc.)
FirewallRules: [UDP Query User{CC17FDD7-F015-4B1E-B612-122720EE8863}C:\users\uživatel\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe] => (Block) C:\users\uživatel\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe (Synology Inc. -> Synology Inc.)
FirewallRules: [TCP Query User{393E756B-FFC5-4598-B236-C65A4DFB9A54}C:\users\uživatel\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe] => (Block) C:\users\uživatel\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe (Synology Inc. -> Synology Inc.)
FirewallRules: [UDP Query User{9F76A870-60FA-450B-8D48-435B5C2CD69D}C:\users\uživatel\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe] => (Block) C:\users\uživatel\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe (Synology Inc. -> Synology Inc.)
FirewallRules: [{52A31FF6-B60B-49C8-8F52-E7C2F39878C6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{145EEB85-E415-49B1-B91C-34F82E1FDBAE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6DA8F71E-5B6F-4B31-9478-5F494FE481F3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A463EE19-1B6D-427B-9B65-81B6C53D9605}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{994B5A14-B171-4AEC-95AA-603AB44E5F18}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\DeviceSetup.exe (HP Inc. -> Hewlett-Packard Co.)
FirewallRules: [{13269F79-7511-4170-9D5A-ACE826F4BAA6}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicator.exe (HP Inc. -> Hewlett-Packard Co.)
FirewallRules: [{26003F49-C51C-4D14-BE80-7D1F3AC12CDF}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> Hewlett-Packard Co.)
FirewallRules: [{E730DE78-AA1E-4170-BB3D-F0C80293ED9A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9619B981-4AE8-4C00-9C70-ED65F4F4E781}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9DCC6A29-369B-4BA1-8EF2-165FEEB5B47E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A126D078-F7FC-40CD-B424-1D581B9E21B3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6AF6040F-5F80-4332-A6F3-E006A24E324F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C3CFF4F6-64A3-4C49-9D44-15ACA6FF10BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9695C16D-9FDF-4855-8D29-7DF34A764D27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BD73F86E-EA96-48DC-854D-03B8C1E47549}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B77EB8E2-9FAF-4552-9E77-BD52AAD19285}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{95115968-1200-47CD-9459-D8ABF6CC12E7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4F59C36F-067D-470A-8E36-4A6300982B36}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{9E591EC0-765B-4FCB-B4B7-2FDCECEB635B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E6CD9514-E58D-4A03-9410-37177FAE0E8B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E05D8006-F3BF-4EA2-A4E0-E686EB7E469F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8843EB18-54CA-4561-A2FB-7C6B1C856E35}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{21A798D8-F8A4-4669-9226-09E9BC094089}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{BC7E3A03-238F-452E-97C4-533E6F210A9D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D3F4EBD6-7AF6-44E1-B06E-7650D3A4428A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{64A1AD4A-55B1-4871-80C4-A1A84E5CA1A4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{86BC596D-20BD-433F-AED9-7D34E9C210B7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{09130616-3B1D-46E7-922F-24BB227673E3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.69 GB) (Free:23.5 GB) (21%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/15/2023 03:09:45 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {7e47b561-971a-46e6-96b9-696eeaa53b2a}
Název modulu pro zápis: MSMQ Writer (MSMQ)
Název instance zapisovače: MSMQ Writer (MSMQ)
ID instance modulu pro zápis: {573465c5-cd93-402c-a6b5-d7294d605c93}

Error: (05/15/2023 03:09:45 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {92af9163-cfa9-41a8-89c6-9cdc8ed42331}

Error: (05/12/2023 03:00:19 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {7e47b561-971a-46e6-96b9-696eeaa53b2a}
Název modulu pro zápis: MSMQ Writer (MSMQ)
Název instance zapisovače: MSMQ Writer (MSMQ)
ID instance modulu pro zápis: {5130ae35-5d47-4e52-ae53-1060a506d20e}

Error: (05/12/2023 03:00:19 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {84ed58ce-69be-47d2-8614-60dcfa14aac0}

Error: (05/11/2023 05:38:28 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {7e47b561-971a-46e6-96b9-696eeaa53b2a}
Název modulu pro zápis: MSMQ Writer (MSMQ)
Název instance zapisovače: MSMQ Writer (MSMQ)
ID instance modulu pro zápis: {5130ae35-5d47-4e52-ae53-1060a506d20e}

Error: (05/11/2023 05:38:28 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {84ed58ce-69be-47d2-8614-60dcfa14aac0}

Error: (05/10/2023 03:47:39 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {7e47b561-971a-46e6-96b9-696eeaa53b2a}
Název modulu pro zápis: MSMQ Writer (MSMQ)
Název instance zapisovače: MSMQ Writer (MSMQ)
ID instance modulu pro zápis: {5130ae35-5d47-4e52-ae53-1060a506d20e}

Error: (05/10/2023 03:47:39 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {84ed58ce-69be-47d2-8614-60dcfa14aac0}


System errors:
=============
Error: (05/15/2023 10:41:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Audiosrv neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (05/15/2023 10:41:32 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba Audiosrv se nemohla přihlásit jako NT AUTHORITY\LocalService s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (05/15/2023 10:41:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba UserManager neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/15/2023 10:41:31 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (14:45:35, ‎12.‎05.‎2023) bylo neočekávané.

Error: (05/15/2023 10:40:58 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Při zpracování obnovovacích dat došlo k závažné chybě.

Error: (05/04/2023 06:33:59 PM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Čtečka čipových karet Gemplus USB Smart Card Reader 0 odmítla signál IOCTL POWER: Zařízení nezná tento příkaz.. Pokud chyba přetrvává, čipová karta nebo čtečka pravděpodobně nefungují správně.

Záhlaví příkazu: 01 00 00 00

Error: (05/04/2023 06:33:59 PM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Čtečka čipových karet Gemplus USB Smart Card Reader 0 odmítla signál IOCTL POWER: Zařízení nezná tento příkaz.. Pokud chyba přetrvává, čipová karta nebo čtečka pravděpodobně nefungují správně.

Záhlaví příkazu: 01 00 00 00

Error: (05/04/2023 06:33:59 PM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Čtečka čipových karet Gemplus USB Smart Card Reader 0 odmítla signál IOCTL POWER: Čipová karta nereaguje na signál Reset.. Pokud chyba přetrvává, čipová karta nebo čtečka pravděpodobně nefungují správně.

Záhlaví příkazu: 01 00 00 00


Windows Defender:
================
Date: 2023-05-15 15:12:58
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Exploit:O97M/CVE-2017-11882!KZH
Závažnost: Vážné
Kategorie: Zneužití
Cesta: file:_C:\Users\Uživatel\AppData\Roaming\Thunderbird\Profiles\5f7byz6o.default\ImapMail\mail.profitux.cz\INBOX.sbd\Trash->(part7507:INV-77624109.xlsx)->xl/embeddings/N4H.BI
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: PAVLINA-PC\Uživatel
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.389.1334.0, AS: 1.389.1334.0, NIS: 1.389.1334.0
Verze modulu: AM: 1.1.20300.3, NIS: 1.1.20300.3

Date: 2023-05-15 15:12:58
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/AgentTesla.DKF!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Uživatel\AppData\Roaming\Thunderbird\Profiles\5f7byz6o.default\ImapMail\mail.profitux.cz\INBOX.sbd\Trash->(part7191:SRV7387387.LZH)
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: PAVLINA-PC\Uživatel
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.389.1334.0, AS: 1.389.1334.0, NIS: 1.389.1334.0
Verze modulu: AM: 1.1.20300.3, NIS: 1.1.20300.3

Date: 2023-05-15 15:12:58
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/AgentTesla.RT!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Uživatel\AppData\Roaming\Thunderbird\Profiles\5f7byz6o.default\ImapMail\mail.profitux.cz\INBOX.sbd\Trash->(part7140:Kopie dokladu o transakci_14_09_2021.7z)
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: PAVLINA-PC\Uživatel
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.389.1334.0, AS: 1.389.1334.0, NIS: 1.389.1334.0
Verze modulu: AM: 1.1.20300.3, NIS: 1.1.20300.3

Date: 2023-05-15 15:12:57
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/AgentTesla!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Uživatel\AppData\Roaming\Thunderbird\Profiles\5f7byz6o.default\ImapMail\mail.profitux.cz\INBOX.sbd\Trash->(part7105:Swift_003393993056-10-07-2021.7z)
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: PAVLINA-PC\Uživatel
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.389.1334.0, AS: 1.389.1334.0, NIS: 1.389.1334.0
Verze modulu: AM: 1.1.20300.3, NIS: 1.1.20300.3

Date: 2023-05-15 15:12:57
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:O97M/Frauddoc.PB!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Uživatel\AppData\Roaming\Thunderbird\Profiles\5f7byz6o.default\ImapMail\mail.profitux.cz\INBOX.sbd\Trash->(part7081:EU-Business-Register.pdf)
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: PAVLINA-PC\Uživatel
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.389.1334.0, AS: 1.389.1334.0, NIS: 1.389.1334.0
Verze modulu: AM: 1.1.20300.3, NIS: 1.1.20300.3

CodeIntegrity:
===============
Date: 2023-05-15 10:59:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-04-24 12:37:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-03-30 14:13:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-03-30 10:36:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2023-03-30 10:36:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2023-03-30 10:36:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2023-03-30 10:36:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. V3.10 04/01/2015
Motherboard: MSI B85-G43 (MS-7816)
Processor: Intel(R) Core(TM) i3-4170 CPU @ 3.70GHz
Percentage of memory in use: 56%
Total physical RAM: 8053.99 MB
Available physical RAM: 3499.98 MB
Total Virtual: 16245.99 MB
Available Virtual: 11099.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:23.5 GB) (Model: KINGSTON SV300S37A120G) NTFS

\\?\Volume{70c277eb-273d-11e6-9baf-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 96D57F8C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Zdravím"
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-15-2023
# Duration: 00:00:07
# OS: Windows 10 (Build 19045.2965)
# Scanned: 32094
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########


# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-15-2023
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.2965)
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1420 octets] - [15/05/2023 16:01:09]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
Task: {0009868E-C595-4608-AFCC-93C7D694DCD3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-31] (Google Inc -> Google Inc.)
Task: {87DBEE3D-770E-4F10-A516-90BAE93F0BF3} - \Microsoft\Windows\Setup\EOSNotify2 -> No File <==== ATTENTION
Task: {A1D0D37E-8F38-43A2-8274-B10D359957BC} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {E000265B-A696-4448-A578-64A11FC3524D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-31] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
U3 idsvc; no ImagePath
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\Users\Uživatel\Desktop\PPS-vzor.doc:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Uživatel\Documents\!ELIŠKA!:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Uživatel\Documents\IMG_4539.JPG:com.dropbox.attributes [168]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
C:\Users\Uživatel\AppData\Roaming\Thunderbird\Profiles\5f7byz6o

EmptyTemo:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-05-2023 01
Ran by Uživatel (15-05-2023 17:24:04) Run:1
Running from C:\Users\Uživatel\Desktop
Loaded Profiles: Uživatel
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
Task: {0009868E-C595-4608-AFCC-93C7D694DCD3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-31] (Google Inc -> Google Inc.)
Task: {87DBEE3D-770E-4F10-A516-90BAE93F0BF3} - \Microsoft\Windows\Setup\EOSNotify2 -> No File <==== ATTENTION
Task: {A1D0D37E-8F38-43A2-8274-B10D359957BC} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {E000265B-A696-4448-A578-64A11FC3524D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-31] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
U3 idsvc; no ImagePath
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\Users\Uživatel\Desktop\PPS-vzor.doc:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Uživatel\Documents\!ELIŠKA!:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Uživatel\Documents\IMG_4539.JPG:com.dropbox.attributes [168]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
C:\Users\Uživatel\AppData\Roaming\Thunderbird\Profiles\5f7byz6o

EmptyTemo:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0009868E-C595-4608-AFCC-93C7D694DCD3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0009868E-C595-4608-AFCC-93C7D694DCD3}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{87DBEE3D-770E-4F10-A516-90BAE93F0BF3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87DBEE3D-770E-4F10-A516-90BAE93F0BF3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify2" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A1D0D37E-8F38-43A2-8274-B10D359957BC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1D0D37E-8F38-43A2-8274-B10D359957BC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E000265B-A696-4448-A578-64A11FC3524D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E000265B-A696-4448-A578-64A11FC3524D}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
C:\Users\Uživatel\Desktop\PPS-vzor.doc => ":com.dropbox.attributes" ADS removed successfully
C:\Users\Uživatel\Documents\!ELIŠKA! => ":com.dropbox.attributes" ADS removed successfully
C:\Users\Uživatel\Documents\IMG_4539.JPG => ":com.dropbox.attributes" ADS removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"C:\Users\Uživatel\AppData\Roaming\Thunderbird\Profiles\5f7byz6o" => not found
EmptyTemo: => Error: No automatic fix found for this entry.


The system needed a reboot.

==== End of Fixlog 17:24:05 ====

Smazáno, log by již měl být OK.

Moc děkuji za pomoc. Pošlu $ na pivko. Pěkný den bez havěti. Lukáš.

Nemáte zač a my děkujeme za příspěvek.