VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2024
Ran by notebook (administrator) on LEGION (LENOVO 82JU) (11-12-2024 23:24:39)
Running from C:\Users\notebook\Downloads\FRST64.exe
Loaded Profiles: notebook
Platform: Microsoft Windows 10 Home Version 22H2 19045.5247 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(A-Volute SAS -> A-Volute) C:\Users\notebook\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(BIT4ID SRL -> Bit4id) C:\Windows\SysWOW64\b4notify.exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantage-(GenericTelemetryAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantage-(LenovoGamingSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantage-(LenovoSystemUpdateAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files (x86)\NetSetMan Pro\nsmservice.exe ->) (NetSetMan GmbH -> ) [File not signed] C:\Program Files (x86)\NetSetMan Pro\netsetman.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\js\node_modules\adobe-cr\build\Release\Adobe Crash Processor.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Synaptics\SynFP\SynaFPService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated.) C:\Program Files\Synaptics\SynFP\SynaU2F.exe
(C:\Program Files\TeamViewer\TeamViewer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe <6>
(C:\Program Files\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> ) C:\Program Files\TeamViewer\crashpad_handler.exe <2>
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_x64.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Canva -> Canva Pty Ltd) C:\Users\notebook\AppData\Local\Programs\Canva\Canva.exe <2>
(cmd.exe ->) (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\notebook\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_505ce8c12d5d3d71\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_505ce8c12d5d3d71\FnHotkeyCapsLKNumLK.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_505ce8c12d5d3d71\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_505ce8c12d5d3d71\FnHotkeyUtility.exe
(DriverStore\FileRepository\u0371192.inf_amd64_c5a25be7573aa550\B369681\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0371192.inf_amd64_c5a25be7573aa550\B369681\atieclxx.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hangzhou Hikvision Digital Tech.Co.,Ltd -> ) C:\Program Files (x86)\LocalServiceComponents\LocalServiceControl.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <34>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0371192.inf_amd64_c5a25be7573aa550\B369681\atiesrxx.exe
(services.exe ->) (AnyDesk Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_505ce8c12d5d3d71\LenovoUtilityService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (NetSetMan GmbH -> ) [File not signed] C:\Program Files (x86)\NetSetMan Pro\nsmservice.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_f08209179a3354de\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_74518f403e753586\RtkAudUService64.exe <2>
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated.) C:\Program Files\Synaptics\SynFP\SynaFPService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2447.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\iCloudOutlookConfig.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\mmgaserver.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_74518f403e753586\RtkAudUService64.exe [1219312 2020-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [196520 2024-11-04] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [587000 2021-11-15] (geek software GmbH -> geek software GmbH)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (No File)
HKLM\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files (x86)\Wondershare\Video Converter Ultimate\WSVCUUpdateHelper.exe [33384 2018-12-06] (Wondershare Technology Co.,Ltd -> )
HKLM\...\Run: [SynaU2F] => C:\Program Files\Synaptics\SynFP\SynaU2F.exe [151992 2023-04-10] (Synaptics Incorporated -> Synaptics Incorporated.)
HKLM\...\Run: [bit4id csp store register (M x64)] => "RUNDLL32.EXE" "C:\Windows\system32\bit4upki-store.dll",RunImportServer [267776 2022-01-28] (bit4id srl) [File not signed]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [369488 2024-10-12] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [NetSetMan] => C:\Program Files (x86)\NetSetMan Pro\netsetman.exe [13245592 2021-06-02] (NetSetMan GmbH -> ) [File not signed]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPUsageTracking] => "C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\Hewlett-Packard\HP UT\" [0 0000-00-00] () <==== ATTENTION [zero byte File/Folder]
HKLM-x32\...\Run: [bit4id csp store register (M)] => "C:\Windows\SysWOW64\RUNDLL32.EXE" "C:\Windows\system32\bit4upki-store.dll",RunImportServer [208896 2022-01-28] (bit4id srl) [File not signed]
HKLM-x32\...\Run: [Bit4id Notifications] => C:\Windows\SysWOW64\b4notify.exe [401128 2022-01-26] (BIT4ID SRL -> Bit4id)
HKLM-x32\...\Run: [LocalServiceControl] => C:\Program Files (x86)\LocalServiceComponents\LocalServiceControl.exe [502784 2023-11-16] (Hangzhou Hikvision Digital Tech.Co.,Ltd -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1130416 2024-10-11] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [133128 2024-10-11] (Adobe Inc. -> Adobe Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-974978354-1573850093-2182889052-1001\...\Run: [Mozilla-Firefox-308046B0AF4A39CB] => "C:\Program Files\Mozilla Firefox\firefox.exe" -os-autostart [671808 2024-12-11] (Mozilla Corporation -> Mozilla Corporation)
HKU\S-1-5-21-974978354-1573850093-2182889052-1001\...\Run: [CanvaAutoLaunchAvailabilityCheckAgent] => C:\Users\notebook\AppData\Local\Programs\Canva\Canva.exe [166402704 2024-06-11] (Canva -> Canva Pty Ltd)
HKU\S-1-5-21-974978354-1573850093-2182889052-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [12304792 2024-12-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-974978354-1573850093-2182889052-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45381424 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-974978354-1573850093-2182889052-1001\...\MountPoints2: {175e9985-3aef-11ec-8a78-744ca1a9f4f2} - "E:\setup.EXE" /AUTORUN
HKU\S-1-5-21-974978354-1573850093-2182889052-1001\...\MountPoints2: {72b2b7c5-7ce5-11ec-8a91-744ca1a9f4f2} - "I:\SISetup.exe"
HKU\S-1-5-21-974978354-1573850093-2182889052-1003\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\ZPS 19 CZ\Program32\ZPSTRAY.EXE [790512 2020-08-18] (ZONER software, a.s. -> ZONER software)
HKLM\...\Windows x64\Print Processors\HP1005PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1005PP.dll [65024 2013-04-01] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP1005LM: C:\Windows\system32\HP1005LM.DLL [178688 2013-04-01] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.109\Installer\chrmstp.exe [2024-12-06] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2023-02-20]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {463B63E6-3A55-4E98-B177-9C5BDDBADE3E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {EBCA713E-D3D6-4B85-8DBB-887533F32A37} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {86122D42-4459-4E94-AB43-6C2737C8EE5F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-12-04] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {60A2576C-040C-49D0-BFD9-3FF94D825BA5} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-12-04] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "3672c2bf-2a0c-4e20-9eab-fc908a784ed7" --version "6.31.11415" --silent
Task: {E2693B62-2C91-4995-82AF-4173702A35A2} - System32\Tasks\CCleanerSkipUAC - notebook => C:\Program Files\CCleaner\CCleaner.exe [39151920 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {7DD4BF07-0D65-4D95-BFDB-C03ED87890EC} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{6866240C-1D77-4369-8244-4B8D8151EA5B} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {24DC6BFE-B65F-4F27-9F52-59F022236FE9} - System32\Tasks\Launch Adobe CCXProcess => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194048 2024-12-04] (Adobe Inc. -> Adobe Inc.)
Task: {D704820D-BB45-410F-A72F-71D141D6E5D2} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\Windows\system32\ImController.InfInstaller.exe [94496 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {2A4B4CBE-C69B-4CE9-A60B-C05CE09FFC21} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\Windows\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {CD31C189-BCB4-4C98-9D5D-92DF49CE2FFF} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\Windows\System32\reg.exe [77312 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {874AF35B-D069-4059-BF33-3AB0282CF021} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\125130d3-9e8e-43cf-b2a2-40664f667ebe => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {216A0F04-43E0-470A-9D11-76F233EF3DCD} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3455d773-eafc-4086-8878-b6e0559e39b4 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {80CEE927-F9E4-4D14-BA19-0DA339A3AD26} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8ac1abf3-6b35-4c64-9961-f1f49268f4f0 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {D3D24F02-4165-49F9-9508-4E1A7B9F47FA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a5fe8dbd-d0d8-46e6-90db-7d4f697eae45 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {7A6A2AEC-E63A-4423-84D4-261A77B34F44} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\fccc5e07-2747-4799-b200-db68ccb92099 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {D06CE567-7CD3-49E8-84E4-5C4EBB9F2C61} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-974978354-1573850093-2182889052-1001 => C:\Users\notebook\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88584 2024-05-17] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {F58B7D95-19EF-4947-A593-94B8CC6C828C} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\Windows\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {8968AABE-62D6-4E86-A8D7-44A19CCB2535} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {89E0D694-71C7-4D70-B803-38597AD0E8E6} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {8C8BD037-1093-4A58-A680-23D6292A0399} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {1D4CD714-CBD5-46C6-8057-87F6C1E2229F} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {09470572-073D-486A-8761-099137DED853} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {DAD921AC-D4BB-4DBB-B113-0812EB53377C} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {ECA64FA1-5C95-449F-B23B-B5BD9C3008F3} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {C7861D87-DE49-439A-B87E-BF3EC2D4563A} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {992AE996-4018-47A2-AC1B-BAF4354E69F2} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
Task: {C7F1A824-21E9-455B-884A-EE2BC3C38DAC} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {BCE58B8B-77D4-456C-96EE-28195D9BD672} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {71F9C304-3618-4DC9-BBEF-5F0D18BFF5E5} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinIdleScheduleTask => C:\ProgramData\Lenovo\Vantage\Addins\VantageCoreAddin\1.0.0.181\x64\IdleScheduleEventAction.exe [143768 2024-11-01] (Lenovo -> )
Task: {141A157A-CE29-4A8F-8999-C861DFCF6BD1} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {B0493EFC-63F5-421E-9140-E87677CA4485} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\uninstall.exe [340968 2024-09-12] (Lenovo -> Lenovo)
Task: {65F73F54-9600-49DD-B615-6F197C148597} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-974978354-1573850093-2182889052-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [2531496 2022-03-30] (Mega Limited -> )
Task: {70549A00-A832-41B3-936D-0FBA0F9F1EEA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28644032 2024-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C31694B-E875-4372-81A2-F7F7CFAC9156} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28644032 2024-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {5F753BA3-8F86-4E97-A609-90E3A5077C9B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [223344 2024-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {18A3C1EC-A3D7-4DE3-971F-077D47FF4C17} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [223344 2024-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2695451-EE18-4860-8C71-D4E0E73BF5AA} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2024-12-11] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {F2D2C0BE-CF08-4858-82E7-3CCD93638104} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-974978354-1573850093-2182889052-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2024-12-11] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {61925639-FBB2-4E4B-9EEF-B3F40831D22C} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-974978354-1573850093-2182889052-1003 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2024-12-11] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {AF8A05CB-4AC5-49DD-81A7-2B2D8868233B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2024-12-11] (Mozilla Corporation -> Mozilla Foundation)
Task: {2A295A38-79E7-4249-B8D0-00A2099CCEC5} - System32\Tasks\NiceHash QuickMiner => C:\STAZENO\NHQM_v0.5.2.0\NHQM_v0.5.2.0\NiceHashQuickMiner.exe -> C:\STAZENO\NHQM_v0.5.2.0\NHQM_v0.5.2.0\--count
Task: {BB366E37-0C5F-4104-AB8E-D18D743A31E4} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E78514CE-483D-49F3-BFFC-2FFF5A64374E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A997792E-4837-498B-AF37-7C0167B8628C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A10B2C0F-2532-4AAE-9DED-FCFF49BEE6C5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {AEE343CE-458B-4BE9-916F-E8571459BE1D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A7104A3E-293F-4ACE-9020-936E7AF0A30D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CB41F9D2-F925-434C-A520-5B3090795C1D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {20C79BFD-F5D4-4991-9C65-A3123D31DD87} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7CF87CB7-9608-453B-9746-DBBAAD5BC373} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {83233CB5-61D6-421A-8E67-8A4A7B332733} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BF3ACEC7-B9AC-4F72-A5D8-AA82CA9207FB} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-974978354-1573850093-2182889052-1003 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {C36737E7-685F-42F3-B0F8-F7BABD07F7B3} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-974978354-1573850093-2182889052-1003 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {76F2F448-14AC-47FF-AE79-14D22EE61ABE} - System32\Tasks\Opera scheduled assistant Autoupdate 1635765698 => C:\Users\notebook\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\notebook\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {F3B2383E-A9B0-4DA4-870F-63373B6D5F46} - System32\Tasks\Opera scheduled Autoupdate 1635765696 => C:\Users\notebook\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {A8A2BA59-45EB-47FF-AF4B-D987E65997BC} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904536 2024-07-15] (Lenovo -> )
Task: {D74780DC-A86F-4348-847C-00E41B37DDC6} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904536 2024-07-15] (Lenovo -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: 0.0.0.0 account.zoner.com
Tcpip\..\Interfaces\{76bd6161-3f08-4915-b90d-3f2bb1c9f432}: [NameServer] 84.16.96.225,84.16.96.2
Tcpip\..\Interfaces\{7a586f10-d902-4650-92df-32185a88358f}: [DhcpNameServer] 10.10.7.1

Edge:
=======
Edge Profile: C:\Users\notebook\AppData\Local\Microsoft\Edge\User Data\Default [2024-12-11]
Edge Extension: (Dokumenty Google offline) - C:\Users\notebook\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-18]
Edge Extension: (Edge relevant text changes) - C:\Users\notebook\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (ESET Browser Privacy & Security) - C:\Users\notebook\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc [2024-06-08]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]

FireFox:
========
FF DefaultProfile: oirhxdng.default
FF ProfilePath: C:\Users\notebook\AppData\Roaming\Mozilla\Firefox\Profiles\oirhxdng.default [2021-10-31]
FF ProfilePath: C:\Users\notebook\AppData\Roaming\Mozilla\Firefox\Profiles\u4yv3822.default-release [2024-12-11]
FF DownloadDir: D:\dc++\!!!dokonceno!!!
FF Homepage: Mozilla\Firefox\Profiles\u4yv3822.default-release -> hxxp://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\u4yv3822.default-release -> hxxps://calendar.google.com; hxxps://www.interactivebrokers.co.uk; hxxps://app.freelo.io
FF Extension: (Crypto Web Extension) - C:\Users\notebook\AppData\Roaming\Mozilla\Firefox\Profiles\u4yv3822.default-release\Extensions\pjohlogcennenjhkfclfgaganagadkkm@tescosw.cz.xpi [2024-10-17] [UpdateUrl:hxxps://download.tescosw.cz/crypto/files/firefox_updates.json]
FF Extension: (Simple Translate) - C:\Users\notebook\AppData\Roaming\Mozilla\Firefox\Profiles\u4yv3822.default-release\Extensions\simple-translate@sienori.xpi [2024-05-15]
FF Extension: (Open Google Calendar in a new tab) - C:\Users\notebook\AppData\Roaming\Mozilla\Firefox\Profiles\u4yv3822.default-release\Extensions\{40c9c847-d965-4817-8dc0-29ce513cdc54}.xpi [2024-04-26]
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-12-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-10-11] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-10-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-10-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-09-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-10-11] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2018-10-08] (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2024-12-11]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\notebook\AppData\Local\Google\Chrome\User Data\Default [2024-12-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\notebook\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\notebook\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-30]
CHR Profile: C:\Users\notebook\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-12-11]
CHR HKLM-x32\...\Chrome\Extension: [oombnmpbbhbakfpfgdflaajkhicgfaam]

Opera:
=======
OPR Profile: C:\Users\notebook\AppData\Roaming\Opera Software\Opera Stable [2024-12-11]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\notebook\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-11-01]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\notebook\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-11-01]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944048 2024-10-11] (Adobe Inc. -> Adobe Inc.)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [5328200 2024-05-25] (AnyDesk Software GmbH -> AnyDesk Software GmbH)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103776 2024-08-27] (Apple Inc. -> Apple Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\132.0.6834.12\remoting_host.exe [73824 2024-11-19] (Google LLC -> Google LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13652176 2024-11-16] (Microsoft Corporation -> Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4955536 2021-11-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [5563760 2024-11-04] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [4240120 2024-11-04] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [4240120 2024-11-04] (ESET, spol. s r.o. -> ESET)
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_505ce8c12d5d3d71\LenovoUtilityService.exe [180176 2024-10-15] (Lenovo -> Lenovo)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe [34256 2024-09-12] (Lenovo -> Lenovo)
R2 NahimicService; C:\Windows\system32\NahimicService.exe [1633288 2020-12-09] (A-Volute SAS -> Nahimic)
R2 nsmService; C:\Program Files (x86)\NetSetMan Pro\nsmservice.exe [2329240 2021-06-02] (NetSetMan GmbH -> ) [File not signed]
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [587000 2021-11-15] (geek software GmbH -> geek software GmbH)
R2 SynFPService; C:\Program Files\Synaptics\SynFP\SynaFPService.exe [197008 2023-04-10] (Synaptics Incorporated -> Synaptics Incorporated.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [22502192 2024-11-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746736 2021-10-18] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe [107624 2018-12-06] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_f08209179a3354de\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_f08209179a3354de\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2021-11-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [63696 2021-11-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [220520 2024-10-28] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [121864 2024-10-28] (Microsoft Windows Hardware Compatibility Publisher -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [16336 2022-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [268568 2024-10-28] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [57872 2024-10-28] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [87784 2024-10-28] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [128552 2024-10-28] (ESET, spol. s r.o. -> ESET)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [34496 2018-10-18] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFlt; C:\Windows\System32\drivers\EPMVolFlt.sys [30416 2018-10-18] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2018-10-24] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
S3 MpKslbf383e78; C:\Windows\system32\MpEngineStore\MpKslDrv.sys [271648 2024-06-12] (Microsoft Windows -> Microsoft Corporation)
R3 Nahimic_Mirroring; C:\Windows\System32\drivers\Nahimic_Mirroring.sys [85592 2020-06-16] (A-Volute -> Windows (R) Win 7 DDK provider)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R2 NPF; C:\Program Files (x86)\iVMS-4200 Site\Drivers\npf64.sys [36600 2024-06-12] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 nvpcf; C:\Windows\System32\drivers\nvpcf.sys [233984 2022-12-05] (Nvidia Corporation -> NVIDIA Corporation)
S3 rtump64x64; C:\Windows\System32\drivers\rtump64x64.sys [1418184 2024-04-21] (Realtek Semiconductor Corp. -> Realtek Corporation)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [239664 2021-10-18] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [249568 2021-10-18] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49616 2023-05-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [498944 2023-05-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-12-11 23:24 - 2024-12-11 23:24 - 002402304 _____ (Farbar) C:\Users\notebook\Downloads\FRST64.exe
2024-12-11 23:24 - 2024-12-11 23:24 - 000044596 _____ C:\Users\notebook\Downloads\FRST.txt
2024-12-11 23:24 - 2024-12-11 23:24 - 000000000 ____D C:\FRST
2024-12-11 23:17 - 2024-12-11 23:17 - 000000000 ____D C:\Windows\system32\AMD
2024-12-11 23:17 - 2024-12-11 23:17 - 000000000 ____D C:\Program Files\AMD
2024-12-11 23:06 - 2024-12-11 23:06 - 008415088 _____ (ESET) C:\Users\notebook\Downloads\esetonlinescanner.exe
2024-12-11 23:06 - 2024-12-11 23:06 - 000001417 _____ C:\Users\notebook\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-12-11 23:00 - 2024-12-11 23:16 - 000000000 ____D C:\Program Files\CCleaner
2024-12-11 23:00 - 2024-12-11 23:14 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-12-11 23:00 - 2024-12-11 23:00 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-12-11 23:00 - 2024-12-11 23:00 - 000003380 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-12-11 23:00 - 2024-12-11 23:00 - 000002898 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - notebook
2024-12-11 23:00 - 2024-12-11 23:00 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2024-12-11 23:00 - 2024-12-11 23:00 - 000000000 ____D C:\ProgramData\Piriform
2024-12-11 23:00 - 2024-12-11 23:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2024-12-11 22:59 - 2024-12-11 22:59 - 086377472 _____ (Piriform Software Ltd) C:\Users\notebook\Downloads\ccsetup631.exe
2024-12-11 06:28 - 2024-12-11 06:28 - 000022205 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-12-11 06:27 - 2024-12-11 06:27 - 000022205 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-12-11 06:18 - 2024-12-11 06:18 - 000000000 ___HD C:\$WinREAgent
2024-12-09 08:00 - 2024-12-09 08:00 - 000382943 _____ C:\Users\notebook\Desktop\Štítek_pro_vrácení_Lidl.pdf
2024-12-08 22:07 - 2024-12-08 22:07 - 020033440 _____ C:\Users\notebook\Downloads\CCTV-2024.pdf
2024-12-08 21:38 - 2024-12-08 21:38 - 000406511 _____ C:\Users\notebook\Downloads\Navod L8RDALIZHAGA.pdf
2024-12-08 21:37 - 2024-12-08 21:37 - 000509821 _____ C:\Users\notebook\Downloads\Návod P8R0110Z.pdf
2024-12-08 21:29 - 2024-12-08 21:29 - 000598829 _____ C:\Users\notebook\Downloads\asset-13234047_LEDLUM220 LINK ZHAGA BLUETOOTH® LOW ENERGY MESH CONTROLLER.pdf
2024-12-08 21:27 - 2024-12-08 21:27 - 000239797 _____ C:\Users\notebook\Downloads\Bluetooth Mesh Zhaga Node SILVAIR based_v3.pdf
2024-12-08 10:21 - 2024-12-08 10:21 - 000514967 _____ C:\Users\notebook\Downloads\pozadavkynapripravuodbernehomistaprosdilenielektriny.pdf
2024-12-08 10:18 - 2024-12-08 10:18 - 000051117 _____ C:\Users\notebook\Downloads\cenik_sluzeb_k_01112024.pdf
2024-12-08 09:59 - 2024-12-08 09:59 - 000049608 _____ C:\Users\notebook\Downloads\archiv.pdf
2024-12-01 22:08 - 2024-12-01 22:08 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk
2024-11-29 16:10 - 2024-12-09 20:26 - 000001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop (Beta).lnk
2024-11-29 16:04 - 2024-11-29 16:04 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2025.lnk
2024-11-27 18:01 - 2024-11-27 18:01 - 000633302 _____ C:\Users\notebook\Downloads\datasheet-of-ds-2de3a404iwg-e.pdf
2024-11-15 22:11 - 2024-11-15 22:11 - 002601127 _____ C:\Users\notebook\Downloads\ST-1916-SL-GHE-(Greenice).pdf
2024-11-13 07:38 - 2024-11-13 07:38 - 001383248 _____ C:\Users\notebook\Downloads\CCT99100_HW_2016_49_CS.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-12-11 23:22 - 2022-05-11 10:46 - 000661186 _____ C:\Windows\system32\perfh005.dat
2024-12-11 23:22 - 2022-05-11 10:46 - 000136420 _____ C:\Windows\system32\perfc005.dat
2024-12-11 23:22 - 2021-10-24 21:42 - 001562480 _____ C:\Windows\system32\PerfStringBackup.INI
2024-12-11 23:22 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2024-12-11 23:20 - 2024-08-12 12:20 - 000007612 _____ C:\Users\notebook\AppData\Local\Resmon.ResmonCfg
2024-12-11 23:18 - 2021-10-24 21:39 - 000000000 ____D C:\Users\notebook\AppData\Local\Packages
2024-12-11 23:18 - 2021-10-24 21:39 - 000000000 ____D C:\ProgramData\Packages
2024-12-11 23:18 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-12-11 23:18 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2024-12-11 23:17 - 2022-02-10 19:10 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-12-11 23:17 - 2021-10-24 21:45 - 000000000 ____D C:\ProgramData\NVIDIA
2024-12-11 23:16 - 2024-10-28 17:46 - 000000000 ___RD C:\Users\notebook\iCloudDrive
2024-12-11 23:16 - 2024-03-30 08:40 - 000000000 ____D C:\Users\notebook\AppData\Roaming\Canva
2024-12-11 23:15 - 2021-10-25 15:51 - 000000000 ____D C:\Program Files\TeamViewer
2024-12-11 23:15 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-12-11 23:15 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2024-12-11 23:14 - 2021-12-16 12:22 - 000000000 ____D C:\Windows\SystemTemp
2024-12-11 23:14 - 2021-10-24 21:37 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-12-11 23:14 - 2021-10-24 21:36 - 000008192 ___SH C:\DumpStack.log.tmp
2024-12-11 23:14 - 2021-10-24 21:36 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-12-11 23:14 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2024-12-11 23:13 - 2021-11-10 09:33 - 000000000 ____D C:\Program Files (x86)\NetSetMan Pro
2024-12-11 23:06 - 2021-11-07 22:40 - 000000000 ____D C:\Users\notebook\AppData\Local\ESET
2024-12-11 23:02 - 2021-12-25 23:29 - 000000000 ____D C:\Users\notebook\AppData\Local\RealVNC
2024-12-11 23:02 - 2021-12-08 16:20 - 000000000 ____D C:\Windows\Minidump
2024-12-11 23:02 - 2021-10-30 19:26 - 000000000 ____D C:\Users\notebook\AppData\Local\CrashDumps
2024-12-11 23:02 - 2021-10-24 22:36 - 000000000 ____D C:\Windows\Panther
2024-12-11 22:53 - 2021-12-01 10:54 - 000011598 _____ C:\Windows\storelibdebug.txt
2024-12-11 22:42 - 2023-10-15 09:35 - 000000000 ____D C:\Users\Anezka
2024-12-11 22:38 - 2021-10-24 21:42 - 000000000 ____D C:\Users\notebook\AppData\Local\PlaceholderTileLogoFolder
2024-12-11 22:36 - 2023-02-20 23:18 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2024-12-11 22:36 - 2019-12-07 10:03 - 001310720 _____ C:\Windows\system32\config\BBI
2024-12-11 22:17 - 2021-12-01 10:50 - 000000000 ____D C:\Program Files\Common Files\Adobe
2024-12-11 22:17 - 2021-10-24 21:53 - 000000000 ____D C:\Users\notebook\AppData\Local\D3DSCache
2024-12-11 22:15 - 2021-10-24 21:38 - 000000000 ____D C:\Users\notebook
2024-12-11 22:13 - 2022-05-12 12:21 - 000497272 _____ C:\Windows\system32\FNTCACHE.DAT
2024-12-11 22:12 - 2024-07-10 23:41 - 000000000 ____D C:\Windows\system32\compatrel
2024-12-11 22:12 - 2021-10-24 22:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-12-11 22:12 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2024-12-11 22:12 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-12-11 22:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-12-11 22:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2024-12-11 22:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-12-11 22:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2024-12-11 22:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-12-11 22:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2024-12-11 22:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-12-11 22:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-12-11 22:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents
2024-12-11 22:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2024-12-11 15:15 - 2024-06-13 18:07 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-12-11 15:15 - 2021-10-24 22:38 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-12-11 12:28 - 2021-11-02 20:02 - 000000000 ____D C:\Users\notebook\Documents\Soubory aplikace Outlook
2024-12-11 06:27 - 2021-10-24 21:40 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-12-11 04:08 - 2024-10-11 21:37 - 000003558 _____ C:\Windows\system32\Tasks\Launch Adobe CCXProcess
2024-12-10 18:33 - 2022-10-14 03:28 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-12-10 18:33 - 2022-10-14 03:28 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-12-10 18:33 - 2021-11-02 19:02 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-12-08 21:45 - 2021-11-01 12:27 - 000000000 ____D C:\Users\notebook\AppData\Roaming\Microsoft\Word
2024-12-06 15:48 - 2021-11-05 08:03 - 000000000 ____D C:\Users\notebook\AppData\Roaming\Microsoft\Excel
2024-12-06 04:40 - 2022-06-30 19:11 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-12-06 04:40 - 2022-06-30 19:11 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-12-05 09:26 - 2022-07-15 20:54 - 000000000 ____D C:\Users\notebook\AppData\Roaming\AnyDesk
2024-12-03 12:17 - 2022-12-18 12:43 - 000000000 ____D C:\Users\notebook\Desktop\urad
2024-12-02 19:40 - 2022-06-30 19:11 - 000000000 ____D C:\Program Files (x86)\Google
2024-12-01 22:08 - 2021-12-01 10:51 - 000000000 ____D C:\Program Files\Adobe
2024-12-01 21:59 - 2024-10-25 20:21 - 000000000 ____D C:\Users\notebook\AppData\Roaming\substanceconnectoropentcp
2024-12-01 20:48 - 2023-03-27 18:14 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2024-11-30 12:57 - 2024-10-08 17:09 - 000000000 ____D C:\Users\notebook\Documents\Allavsoft
2024-11-30 04:08 - 2023-10-15 09:37 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-974978354-1573850093-2182889052-1003
2024-11-30 04:08 - 2023-10-15 09:36 - 000003362 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-974978354-1573850093-2182889052-1003
2024-11-30 04:08 - 2023-10-15 09:36 - 000002416 _____ C:\Users\Anezka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-11-25 21:58 - 2024-03-19 20:32 - 000000000 ____D C:\Users\notebook\Desktop\zpravodaj
2024-11-25 06:05 - 2021-10-25 21:26 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-25 06:05 - 2021-10-25 21:26 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-22 07:24 - 2024-01-05 11:07 - 000000000 ____D C:\Users\notebook\Desktop\hasiči
2024-11-17 17:32 - 2022-01-14 20:59 - 000000000 ____D C:\Users\notebook\AppData\Roaming\WhatsApp
2024-11-17 16:38 - 2021-11-01 12:36 - 000000000 ____D C:\ProgramData\Adobe
2024-11-16 12:15 - 2021-11-01 12:25 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2024-11-14 00:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-11-13 16:29 - 2021-10-25 21:14 - 000000000 ____D C:\Windows\system32\MRT
2024-11-13 16:26 - 2021-10-25 21:14 - 202035632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories ========

2021-10-30 19:24 - 2021-11-01 09:39 - 000000432 _____ () C:\Users\notebook\IP_Log_Data.js
2021-10-31 18:03 - 2021-11-01 09:19 - 000000068 _____ () C:\Users\notebook\Network_Meter_Data.js
2021-11-03 17:08 - 2021-11-03 17:07 - 000050176 _____ (Digital Wired Limited) C:\Users\notebook\WolCmd.exe
2021-11-02 10:30 - 2014-10-07 09:54 - 000114176 _____ () C:\Program Files\winbox.exe
2021-10-30 19:23 - 2021-10-30 19:26 - 000000626 _____ () C:\Users\notebook\AppData\Roaming\All CPU MeterV3_Settings.ini
2021-10-30 19:23 - 2021-10-30 19:23 - 000000839 _____ () C:\Users\notebook\AppData\Roaming\Drives Meter_Settings.ini
2021-10-30 19:22 - 2021-10-30 19:22 - 000000281 _____ () C:\Users\notebook\AppData\Roaming\GPU MeterV2_Settings.ini
2021-10-30 19:24 - 2021-10-30 19:26 - 000000763 _____ () C:\Users\notebook\AppData\Roaming\Network Meter_Settings.ini
2022-06-16 18:09 - 2022-08-19 23:20 - 000000128 _____ () C:\Users\notebook\AppData\Roaming\winscp.rnd
2021-12-05 20:23 - 2022-09-06 18:59 - 000000128 _____ () C:\Users\notebook\AppData\Local\PUTTY.RND
2024-08-12 12:20 - 2024-12-11 23:20 - 000007612 _____ () C:\Users\notebook\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2024
Ran by notebook (11-12-2024 23:25:21)
Running from C:\Users\notebook\Downloads
Microsoft Windows 10 Home Version 22H2 19045.5247 (X64) (2021-10-24 20:38:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-974978354-1573850093-2182889052-500 - Administrator - Disabled)
Anezka (S-1-5-21-974978354-1573850093-2182889052-1003 - Limited - Enabled) => C:\Users\Anezka
DefaultAccount (S-1-5-21-974978354-1573850093-2182889052-503 - Limited - Disabled)
Guest (S-1-5-21-974978354-1573850093-2182889052-501 - Limited - Enabled)
notebook (S-1-5-21-974978354-1573850093-2182889052-1001 - Administrator - Enabled) => C:\Users\notebook
WDAGUtilityAccount (S-1-5-21-974978354-1573850093-2182889052-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader (HKLM\...\{492E083C-91B8-4B34-BF34-5F1FBE2E4ABB}) (Version: 4.32.0.0108 - Open Media LLC) Hidden
4K Video Downloader (HKLM-x32\...\{1a9e60b1-94e7-4aac-9607-8f8b3967f23f}) (Version: 4.29.0.5640 - Open Media LLC)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.005.20320 - Adobe)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.4.0.361 - Adobe Inc.)
Adobe Lightroom (HKLM-x32\...\LRCC_8_0) (Version: 8.0 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_14_0_1) (Version: 14.0.1 - Adobe Inc.)
Adobe Photoshop (Beta) (HKLM-x32\...\PHSPBETA_26_3) (Version: 26.3.0.2899 - Adobe Inc.)
Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_12) (Version: 25.12.0.806 - Adobe Inc.)
Adobe Photoshop 2025 (HKLM-x32\...\PHSP_26_1) (Version: 26.1.0.121 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601102}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Altap Salamander 4.0 (x64) (HKLM\...\Altap Salamander 4.0 (x64)) (Version: 4.0 - ALTAP)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 8.0.10 - AnyDesk Software GmbH)
Apple Mobile Device Support (HKLM\...\{AF0C3D84-6909-4B48-A335-2EC35087BAB0}) (Version: 18.0.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.24.13 - Ashampoo GmbH & Co. KG)
Asian Language And Spelling Dictionaries Support For Adobe Acrobat Reader (HKLM\...\{AC76BA86-7AD7-0000-0000-BC16014E7500}) (Version: 22.001.20085 - Adobe Systems Incorporated)
balenaEtcher 1.7.9 (HKU\S-1-5-21-974978354-1573850093-2182889052-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.7.9 - Balena Inc.)
Balíček ovladače systému Windows - Apple, Inc. (USBAAPL) USB (05/19/2017 6.0.9999.69) (HKLM\...\7771A0176A543725D7BBF70A546C096A4EE2DD40) (Version: 05/19/2017 6.0.9999.69 - Apple, Inc.)
Bit4id - Universal MW 1.4.10.698 (HKLM-x32\...\Bit4id - Universal MW (x)) (Version: 1.4.10.698 - Bit4id)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canva (HKU\S-1-5-21-974978354-1573850093-2182889052-1001\...\3d0ba22d-e02b-5c6d-93a1-4e2a9af9c1f2) (Version: 1.88.0 - Canva Pty Ltd)
CCleaner (HKLM\...\CCleaner) (Version: 6.31 - Piriform)
Crypto Native App verze 24.02.8878 (HKLM\...\{79D8049F-2978-4E91-90BD-3428C8FF2E69}_is1) (Version: 24.02.8878 - TESCO SW a.s.)
CrystalDiskMark 8.0.4 (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.0.0.1920 - Disc Soft Ltd)
DLOADX v1.20.000 (HKLM-x32\...\DLOADX_is1) (Version: - Satel sp. z o.o.)
EaseUS Partition Master 13.0 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
Eaton RF-System CZ verze 2.78 (HKU\S-1-5-21-974978354-1573850093-2182889052-1001\...\{C5BA8F14-9954-452E-88EC-6F0B1F4C4A4F}_is1) (Version: 2.78 - Eaton Industries (Austria) GmbH)
eObčanka (HKLM\...\{ED161D20-FDCF-4C7C-A84E-45B7E05B9BC1}) (Version: 3.3.1.22411 - MONET+, a.s. pro Ministerstvo vnitra České republiky)
ESET Security (HKLM\...\{4DB10B50-978B-4DB0-8127-79F8D302AC5A}) (Version: 18.0.12.0 - ESET, spol. s r.o.)
Fakturky 7.9.0 (HKLM-x32\...\Fakturky 7.9.0_is1) (Version: 7.9.0 - Milan Bánovský)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.109 - Google LLC)
GX Soft (HKLM\...\GX SOFT_is1) (Version: 01.03.012 - Satel sp. z o.o.)
HP LaserJet M1005 MFP (HKLM\...\HP LaserJet M1005 MFP) (Version: - )
Chrome Remote Desktop Host (HKLM-x32\...\{55B47BFA-C370-41D4-A925-4169F0B4967C}) (Version: 132.0.6834.12 - Google LLC)
iCloud Outlook (HKLM\...\{F35C51FC-B854-4106-89D2-50709F12A4B5}) (Version: 12.5.0.74 - Apple Inc.)
iTunes (HKLM\...\{655EA96D-A278-4566-BECF-50417EF47F1E}) (Version: 12.13.4.4 - Apple Inc.)
iVMS-4200 (HKLM-x32\...\{CE2F96D0-63D2-4B9C-A8D6-0D1A60840BD8}) (Version: 3.11.1.7 - Hangzhou Hikvision Digital Technology Co., Ltd.)
iVMS-4200 Lite_EN (HKLM-x32\...\{DB03E757-F619-463F-9370-28D16DB168C2}) (Version: 1.0.0.5 - hikvision)
iVMS-4200(V2.8.2.2_ML) (HKLM-x32\...\{7697245D-2E00-4B83-AD27-C051DE314D1F}) (Version: 2.8.2.2 - hikvision)
Java 8 Update 311 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180311F0}) (Version: 8.0.3110.11 - Oracle Corporation)
Kutools for Word (HKLM-x32\...\{D37472B8-7ED8-4E3F-BCDA-DBC2485966B6}) (Version: 16.00.10 - ExtendOffice.com) Hidden
Kutools for Word (HKLM-x32\...\Kutools for Word 16.00.10) (Version: 16.00.10 - ExtendOffice.com)
Legion Arena (HKLM-x32\...\Legion Arena_is1) (Version: 1.3.1.1 - Lenovo Group Ltd.)
Lenovo Service Bridge (HKU\S-1-5-21-974978354-1573850093-2182889052-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.17 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.08.03.59 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.2.24.0 - Lenovo Group Ltd.)
LocalServiceComponents (HKLM-x32\...\{80DDB8B4-9C6F-44A2-81AD-155EE6917A9A}_is1) (Version: 1.0.0.82 - )
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.86 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.18129.20158 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-974978354-1573850093-2182889052-1003\...\OneDriveSetup.exe) (Version: 24.221.1103.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-974978354-1573850093-2182889052-1001\...\Teams) (Version: 1.6.00.1381 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{56F27690-F6EA-3356-980A-02BA379506EE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1b103cea-f037-4504-81de-956057b442c3}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 133.0.3 (x64 cs)) (Version: 133.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 93.0 - Mozilla)
MSI Afterburner 4.6.4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 - MSI Co., LTD)
NetSetMan Pro 5.0.6 (HKLM-x32\...\NetSetMan_is1) (Version: 5.0.6 - NetSetMan GmbH)
NiceHash Miner 3.0.9.2 (only current user) (HKU\S-1-5-21-974978354-1573850093-2182889052-1001\...\8abad8e2-b957-48ed-92ba-4339c2a40e78) (Version: 3.0.9.2 - H-BIT, d.o.o.)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 527.99 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 527.99 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.18129.20100 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.18129.20100 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.18129.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14026.20302 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 6.1.28 (HKLM\...\{73A88925-78D8-43C3-9F9F-24D4E5DFCD75}) (Version: 6.1.28 - Oracle Corporation)
PDF24 Creator 10.7.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.7.0 - PDF24.org)
PERFECTA Soft v1.05.002 (HKLM-x32\...\PERFECTA Soft_is1) (Version: - Satel sp. z o.o.)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
PuTTY release 0.76 (64-bit) (HKLM\...\{1E0D5689-40F1-4E46-ABBB-EAAC68B5CD89}) (Version: 0.76.0.0 - Simon Tatham)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 4.0.0.18 - Samsung)
SAP Crystal Reports runtime engine for .NET Framework 4 (32-bit) (HKLM-x32\...\{083988D7-BDA9-4244-983B-409A634BBC09}) (Version: 13.0.1.220 - SAP)
Scan To (HKLM\...\{4611EDAA-C48E-4733-87A6-F7901B6983CC}) (Version: 2.0.1 - HP)
SketchUp Language Pack [cs] (HKLM\...\{6cd781ac-8451-52c2-3059-13fd9cfe8fb8}) (Version: 21.1.299.99 - Název společnosti:) Hidden
SketchUp Pro 2021 (HKLM-x32\...\{09480c81-5458-4d69-ab73-ee488fe8c297}) (Version: 21.1.299 - Trimble, Inc.)
SketchUpPro 2021 (HKLM\...\{babe0750-0103-e5e9-d9b7-ad9807e4902d}) (Version: 21.1.299.99 - Název společnosti:) Hidden
Stacher (HKU\S-1-5-21-974978354-1573850093-2182889052-1001\...\Stacher) (Version: 6.0.28 - StacherIO)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.60.3 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.43.0 - TechPowerUp)
Telegram Desktop (HKU\S-1-5-21-974978354-1573850093-2182889052-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.5.1 - Telegram FZ-LLC)
The Dude (HKLM-x32\...\Dude) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
Trezor Suite 23.11.5 (HKLM\...\978be57b-9286-5cd7-a60b-54c81352a986) (Version: 23.11.5 - SatoshiLabs)
Unet (HKU\S-1-5-21-974978354-1573850093-2182889052-1001\...\5b58f7d685545acb) (Version: 1.3.1.25 - Unet)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_2_0) (Version: 1.2.0 - Adobe Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
VNC Viewer 6.21.1109 (HKLM\...\{BE69C60A-878F-4E3B-A66D-21AC2A9DBA47}) (Version: 6.21.1109.45988 - RealVNC)
Web Components (HKLM-x32\...\{03B13AF8-9625-478A-AF0E-205337B9415A}_is1) (Version: 3.0.6.46 - )
WhatsApp (Outdated) (HKU\S-1-5-21-974978354-1573850093-2182889052-1001\...\WhatsApp) (Version: 2.2326.10 - WhatsApp)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
WinSCP 5.21.2 (HKLM-x32\...\winscp3_is1) (Version: 5.21.2 - Martin Prikryl)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare Video Converter Ultimate(Build 10.4.1.188) (HKLM-x32\...\Video Converter Ultimate_is1) (Version: 10.4.1.188 - Wondershare Software)
ZPS 19 CZ (HKU\S-1-5-21-974978354-1573850093-2182889052-1001\...\{E83AA227-7862-F115-2E87-46DCA9E3D879}) (Version: v.19.2004.2.262 - 18.08.2020 - libbi)

Chrome apps:
============
Disk Google (HKU\S-1-5-21-974978354-1573850093-2182889052-1003\...\ed2ca5b644b04e751abd20ecf720888f) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-974978354-1573850093-2182889052-1003\...\1dac72e7aa6f5ed46cee3c482c3ee048) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-974978354-1573850093-2182889052-1003\...\8e8129ce2aaf5783859ad07be4261ba5) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-974978354-1573850093-2182889052-1003\...\fff6fd4b8312579937c74c9a5719de33) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-974978354-1573850093-2182889052-1003\...\8ed95ce042e73f9e7744aae8577373b4) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-974978354-1573850093-2182889052-1003\...\4aab3158d9ae096e412d5cf87b1fb476) (Version: 1.0 - Google\Chrome)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-12-10] ()
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc [2024-10-11] (Adobe Systems Incorporated)
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m [2024-12-11] (Advanced Micro Devices Inc.) [Startup Task]
Convert HEIC to JPG -> C:\Program Files\WindowsApps\SoftOrbits.ConvertHEICtoJPG_10.1.0.0_x64__9808nkjsftezr [2023-10-14] (SoftOrbits)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-31] (Microsoft Corporation)
EOB PT-WIFI -> C:\Program Files\WindowsApps\ELEKTROBOCKCZs.r.o.EOBPT-WIFI_1.1.165.0_x86__essevpzypqcq2 [2024-09-09] (ELEKTROBOCK CZ s.r.o.)
ChatGPT -> C:\Program Files\WindowsApps\OpenAI.ChatGPT-Desktop_1.2024.337.0_x64__2p2nqsd0c76g0 [2024-12-05] (OpenAI) [Startup Task]
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa [2024-11-18] (Apple Inc.) [Startup Task]
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2411.25.0_x64__k1h2ywk1493x8 [2024-12-09] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-10-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-10-25] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-24] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.22.240.0_x64__dt26b99r8h8gj [2023-10-15] (Realtek Semiconductor Corp)
Spotify – hudba a podcasty -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0 [2024-12-05] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2447.5.0_x64__cv1g1gvanyjgm [2024-12-07] (WhatsApp Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-974978354-1573850093-2182889052-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\notebook\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-974978354-1573850093-2182889052-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\notebook\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-974978354-1573850093-2182889052-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\notebook\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22349.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-974978354-1573850093-2182889052-1001_Classes\CLSID\{20894375-46AE-46E2-BAFD-CB38975CDCE6}\InprocServer32 -> C:\Users\notebook\AppData\Local\Microsoft\OneDrive\21.196.0921.0007\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-974978354-1573850093-2182889052-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-974978354-1573850093-2182889052-1001_Classes\CLSID\{308EB8CF-0318-4766-AD83-98078233887A} -> [iCloud Drive] => C:\Users\notebook\iCloudDrive [2024-10-28 17:46]
CustomCLSID: HKU\S-1-5-21-974978354-1573850093-2182889052-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-974978354-1573850093-2182889052-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> "C:\Users\notebook\AppData\Local\Microsoft\OneDrive\21.196.0921.0007\Microsoft.SharePoint.exe" => No File
CustomCLSID: HKU\S-1-5-21-974978354-1573850093-2182889052-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\notebook\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
CustomCLSID: HKU\S-1-5-21-974978354-1573850093-2182889052-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> "C:\Users\notebook\AppData\Local\Microsoft\OneDrive\21.196.0921.0007\Microsoft.SharePoint.exe" => No File
CustomCLSID: HKU\S-1-5-21-974978354-1573850093-2182889052-1001_Classes\CLSID\{C78B614F-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files\Altap Salamander\utils\salextx64.dll (Fine spol. s r.o. -> ALTAP)
CustomCLSID: HKU\S-1-5-21-974978354-1573850093-2182889052-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\notebook\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-974978354-1573850093-2182889052-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-03-30] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-03-30] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-03-30] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-10-11] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-10-11] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-10-11] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-10-11] (Adobe Inc. -> )
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-11-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-03-30] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-11-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-11-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-03-30] (Mega Limited -> )
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-11-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-03-30] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-03-30] (Mega Limited -> )
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2021-08-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_f08209179a3354de\nvshext.dll [2023-03-09] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-10-11] (Adobe Inc. -> )
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-11-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2006-04-23 18:56 - 2006-04-23 18:56 - 000036864 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\Enumeration.dll
2006-04-23 18:56 - 2006-04-23 18:56 - 000106496 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPToolkit.dll
2006-04-23 18:56 - 2006-04-23 18:56 - 000057344 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPTools.dll
2006-04-23 19:02 - 2006-04-23 19:02 - 000057344 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPUsageTracking.dll
2021-11-29 15:49 - 2021-11-29 15:49 - 000010752 _____ () [File not signed] [File is in use] C:\Windows\assembly\GAC\Interop.hpqusg\3.0.0.0__a53cf5803f4c3827\Interop.hpqusg.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 002354688 _____ () [File not signed] C:\Program Files (x86)\LocalServiceComponents\AudioIntercom.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 000666112 _____ () [File not signed] C:\Program Files (x86)\LocalServiceComponents\AudioProcess.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 000151552 _____ () [File not signed] C:\Program Files (x86)\LocalServiceComponents\AudioRender.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 000306688 _____ () [File not signed] C:\Program Files (x86)\LocalServiceComponents\CascadeClient.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 000947712 _____ () [File not signed] C:\Program Files (x86)\LocalServiceComponents\hlog.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 000180736 _____ () [File not signed] C:\Program Files (x86)\LocalServiceComponents\hpr.dll
2024-09-08 12:16 - 2023-11-16 14:51 - 000503808 _____ () [File not signed] C:\Program Files (x86)\LocalServiceComponents\NetStream.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 000375808 _____ () [File not signed] C:\Program Files (x86)\LocalServiceComponents\OpenAL32.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 004978688 _____ () [File not signed] C:\Program Files (x86)\LocalServiceComponents\PlayCtrl.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 000722432 _____ () [File not signed] C:\Program Files (x86)\LocalServiceComponents\StreamTransClient.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 000822784 _____ () [File not signed] C:\Program Files (x86)\LocalServiceComponents\SystemTransform.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 000213128 _____ () [File not signed] C:\Program Files (x86)\LocalServiceComponents\VBCSystemTransform.dll
2024-09-08 12:16 - 2023-11-16 14:53 - 001023488 _____ () [File not signed] C:\Program Files (x86)\LocalServiceComponents\video_control.dll
2024-03-30 08:40 - 2024-06-11 02:59 - 002881536 _____ () [File not signed] C:\Users\notebook\AppData\Local\Programs\Canva\ffmpeg.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 000380416 _____ (<杭州海康威视系统技术有限公司>) [File not signed] C:\Program Files (x86)\LocalServiceComponents\media_client.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 000195072 _____ (<杭州海康威视系统技术有限公司>) [File not signed] C:\Program Files (x86)\LocalServiceComponents\vag_playctrl.dll
2022-02-24 15:43 - 2022-02-24 15:43 - 002121936 _____ (Bit4id srl hxxp://www.bit4id.com) [File not signed] C:\Windows\system32\bit4xpki.dll
2022-01-28 16:51 - 2022-01-28 16:51 - 000267776 _____ (bit4id srl) [File not signed] C:\Windows\system32\bit4upki-store.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 000038400 _____ (HangZhou Hikvision System Technology Co., Ltd.) [File not signed] C:\Program Files (x86)\LocalServiceComponents\htrace.dll
2005-09-23 01:28 - 2005-09-23 01:28 - 000344064 _____ (Hewlett-Packard Development Company, L.P.) [File not signed] C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqusg.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 000411136 _____ (Hikvision) [File not signed] C:\Program Files (x86)\LocalServiceComponents\AnalyzeData.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 001480192 _____ (Hikvision) [File not signed] C:\Program Files (x86)\LocalServiceComponents\HPSClient.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 002007552 _____ (Hikvision) [File not signed] C:\Program Files (x86)\LocalServiceComponents\NPClient.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 000183296 _____ (HIKVISION) [File not signed] C:\Program Files (x86)\LocalServiceComponents\slf.dll
2021-11-01 12:26 - 2021-11-01 12:26 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\root\Office16\AppvIsvSubsystems32.dll
2021-11-01 12:26 - 2021-11-01 12:26 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 002113024 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\LocalServiceComponents\libcrypto-1_1.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 000502272 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\LocalServiceComponents\libssl-1_1.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 001020928 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\LocalServiceComponents\platforms\qwindows.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 004666368 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\LocalServiceComponents\Qt5Core.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 005013504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\LocalServiceComponents\Qt5Gui.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 000851968 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\LocalServiceComponents\Qt5Network.dll
2024-09-08 12:16 - 2023-11-16 14:50 - 004459008 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\LocalServiceComponents\Qt5Widgets.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

HKU\S-1-5-21-974978354-1573850093-2182889052-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://dohled.unet.cz/gis/GisUnetApp.xbap
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\ssv.dll [2021-10-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\jp2ssv.dll [2021-10-24] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-974978354-1573850093-2182889052-1001\...\unet.cz -> hxxps://dohled.unet.cz

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2022-01-06 17:36 - 000000859 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.0 account.zoner.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-974978354-1573850093-2182889052-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-974978354-1573850093-2182889052-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Anezka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 84.16.96.225 - 84.16.96.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: Realtek RTL8852AE WiFi 6 802.11ax PCIe Adapter -> rtwlane6.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
VirtualBox Host-Only Network: VirtualBox Host-Only Ethernet Adapter -> VBoxNetAdp6.sys

oracle_VBoxNetLwf: VirtualBox NDIS6 Bridged Networking Driver

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "PDF24"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-974978354-1573850093-2182889052-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C172E5D3-CCE4-4A80-9C48-BE9430CA2E19}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6945290B-C002-40DF-AA09-82019D2F9F94}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{5333B7E7-9680-4518-9654-152FC07AAB01}C:\users\notebook\downloads\winbox64.exe] => (Allow) C:\users\notebook\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{A6A24F1D-B815-44B7-9C24-BC54939428EB}C:\users\notebook\downloads\winbox64.exe] => (Allow) C:\users\notebook\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [{2067CB11-D060-488A-A8BB-90497586DB38}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{9F4F4C27-A22F-4316-B1EE-9DC30E9265F5}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{A25E739A-7A9F-4B3C-8FE5-679B4B35F975}] => (Allow) C:\Users\notebook\AppData\Local\Programs\Opera\80.0.4170.72\opera.exe => No File
FirewallRules: [{A759E5E3-1D3F-4263-9E99-5E2FE7514CE7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BC577A20-4264-4F2B-ADF8-E46A290D12D2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{DDE15377-7F0F-414E-9BE0-EAE092489173}C:\windows\winbox.exe] => (Allow) C:\windows\winbox.exe () [File not signed]
FirewallRules: [UDP Query User{76C8108C-B35D-414D-8244-5F26F0C3E020}C:\windows\winbox.exe] => (Allow) C:\windows\winbox.exe () [File not signed]
FirewallRules: [TCP Query User{00725739-4E00-4916-B558-02CF5A544E1B}C:\users\notebook\desktop\winbox.exe] => (Allow) C:\users\notebook\desktop\winbox.exe (SIA "Mikrotīkls" -> )
FirewallRules: [UDP Query User{07253949-8EE4-4973-A500-98CD2F12F4AF}C:\users\notebook\desktop\winbox.exe] => (Allow) C:\users\notebook\desktop\winbox.exe (SIA "Mikrotīkls" -> )
FirewallRules: [{9ACF88C4-2BBA-4045-B1D3-8A1B79AED3A9}] => (Allow) C:\Users\notebook\AppData\Local\Temp\7zS00E2\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{C6C330E0-D2E7-42CB-B056-55CB4CFB5D84}] => (Allow) C:\Users\notebook\AppData\Local\Temp\7zS00E2\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{BE1F0660-2994-4A4E-8870-F48FF9042CC2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{240D08E5-3F24-440F-9EBD-91A9AD08B9F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{471D58DE-AC87-454F-B2CE-12BF3C6BBBDF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A6BDDBEC-EBA6-4FF6-92B6-5A981F42508A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{994F715A-C5E4-4E06-A447-49AE0B0EF6F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{40C7B497-EF52-4252-9415-F08A5E08EF9F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{55B16A25-E0E2-4B81-A72B-1910080C2279}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe => No File
FirewallRules: [{851BBE08-05B4-42C7-8332-FFEB405FC970}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe => No File
FirewallRules: [{6E1A3C19-C507-4E5A-B451-A5275F575F85}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe => No File
FirewallRules: [{A3588C12-D4CF-4CB8-8B8F-F13AEEAD1CDB}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe => No File
FirewallRules: [{0D73D1BC-0459-4F5B-ACFB-3C6D27110CA0}] => (Allow) C:\STAZENO\icarefone.exe (Tenorshare Co., Ltd. -> Tenorshare Co., Ltd.)
FirewallRules: [{4E2DBFBB-F97E-4993-B635-EA2C20DF26C8}] => (Allow) C:\STAZENO\icarefone.exe (Tenorshare Co., Ltd. -> Tenorshare Co., Ltd.)
FirewallRules: [{7AA412DB-A86E-4F07-968D-5499427824E8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4A760018-090B-4A09-B1F9-2C26456EF8DE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B1C7BA93-D9CC-4BFE-B895-DAB95B9A0D2C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E38B53C3-A24C-4BFB-9A32-E288E94AC7F6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EDAAB580-C07E-4F4C-87F6-F35CB5FD3981}] => (Allow) C:\Program Files (x86)\Syncios\Syncios Mobile Manager\Syncios Mobile Manager.exe => No File
FirewallRules: [{716E9E08-2570-41EE-91E7-7EC424315C7C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E008911E-C653-4D33-B5B4-43D524C8AEE5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{EE60A29F-8AC4-47E5-9716-1C8A2BE5825C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C7EB3334-D5FF-4767-8EDC-971D8AE10249}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{964E1A56-2A1F-46B7-9EF7-BE9C04C39552}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A40149E7-EC61-46CA-81A1-325B2A904AE2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B84F5B95-072C-4418-A5EC-26ECBCCD78DD}] => (Allow) C:\STAZENO\hitpaw-video-converter_11722095696502683701.exe => No File
FirewallRules: [{918F09AB-6F11-40D0-A7A1-771F6352CBA4}] => (Allow) C:\STAZENO\hitpaw-video-converter_11722095696502683701.exe => No File
FirewallRules: [{821E0BCE-9E28-4583-8821-E8D010C0545B}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> Lenovo)
FirewallRules: [{2A178C92-F3E9-4708-A15B-2093EE77F90E}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> Lenovo)
FirewallRules: [{AF5430D0-A872-464D-94D4-E674A864428E}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D98952AD-8FCB-4B78-A85B-8F5B174C6956}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{99DB5AF5-9972-4C89-B4F8-5127F97F78C3}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5D233C4E-41E2-49CA-B4A0-736EE769F782}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D67D1635-D398-4DCD-8A2E-B1B70924DDEB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{87F2C801-AA91-46D7-BBD2-1ABF6D8DB49A}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FE02E39E-3472-447C-A969-5EC1D79A4E67}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\132.0.6834.12\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{794F8EE2-087A-4EE3-899D-45C5BB7CD9E0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.133.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0862A73B-653A-4CCC-8461-184DD282B428}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.133.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D2E66B96-926A-474E-B855-C15AC017DD9F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.133.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D8101A23-38F7-41E4-A341-D4463C91D864}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.133.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{96ECE230-8E23-4CE1-B29E-414197ED69FF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1CE22B97-7961-48EC-A9DC-267141E705F6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D27597FE-4053-4071-841F-9BC045879E83}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BA8D0637-7FD1-4CD0-8F2A-F44FCD328A06}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CF629772-9AF2-4C25-A126-EA100B328C32}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EB92ABCB-3D22-4C04-889C-29012176BD42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1E321E64-3505-4A6D-A5BF-95F5254BCCA0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B5E0B8F6-3BED-430F-935B-E61AEA2F4FE8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{96637346-5394-4BD8-A6C2-B142F981026F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A1970887-1AB2-4580-8A7D-159F2D620452}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{10658BF7-0C82-4403-B206-75C09547828E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{2C24853C-4FD6-4AB2-81C8-A3FD90273D02}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{812977CC-B0DD-41FC-92E2-135F06FBA2D4}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{030F3C0D-2B74-4EB3-9A35-713E790DA9CB}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{66BB45D0-CD8E-4CDA-9633-19B7D14F5464}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{1729E0D9-E5C4-46A3-BCF5-0F65C0EDF40C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{4A87216A-42D0-40A5-9583-9264239B0125}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{C23E29BA-61C4-4F9E-821D-4309986F6BE0}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (12/11/2024 11:18:08 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\svchost.exe -k netsvcs -p -s wuauserv; Popis = Windows Update; Chyba = 0x80070422).

Error: (12/11/2024 11:17:24 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\svchost.exe -k netsvcs -p -s wuauserv; Popis = Windows Update; Chyba = 0x80070422).

Error: (12/11/2024 11:15:45 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.5071_none_7e3c4e707c6a2679\TiWorker.exe -Embedding; Popis = Instalační služba modulů systému Windows; Chyba = 0x80070422).

Error: (12/11/2024 11:15:12 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro DOMA\LEGION$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 11 Dec 2024 22:15:12 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: fbd41fa6-d720-4f6b-a391-01317a7662eb

Metoda: GET(328ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (12/11/2024 11:12:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 133.0.3.387 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2d60

Čas spuštění: 01db4c18da7382e0

Čas ukončení: 11

Cesta k aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe

ID hlášení: 3de42c14-8ca9-4169-9546-18a165cf67ad

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (12/11/2024 11:04:14 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1000) (User: NT AUTHORITY)
Description: Přístup k datům o výkonu byl odepřen pro uživatele SYSTEM (hodnota z GetUsera() pro běžící vlákno), když došlo k příslušnému pokusu z modulu C:\Windows\system32\wbem\wmiprvse.exe (hodnota z GetModuleFileName() pro binární soubor, který vystavil dotaz).

Error: (12/11/2024 10:37:20 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro DOMA\LEGION$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 11 Dec 2024 21:37:20 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: e3303fc2-41c2-4339-a767-fb71fb4a256b

Metoda: GET(516ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (12/11/2024 10:36:32 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro DOMA\LEGION$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 11 Dec 2024 21:36:31 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 939e9356-a32f-4ed8-81b9-174a817eb110

Metoda: GET(391ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)


System errors:
=============
Error: (12/11/2024 11:17:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (12/11/2024 11:17:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (60000 ms).

Error: (12/11/2024 11:14:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:36:59, ‎11.‎12.‎2024) bylo neočekávané.

Error: (12/11/2024 11:01:38 PM) (Source: DCOM) (EventID: 10000) (User: LEGION)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (12/11/2024 10:39:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (12/11/2024 10:39:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (60000 ms).

Error: (12/11/2024 10:36:04 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:27:00, ‎11.‎12.‎2024) bylo neočekávané.

Error: (12/11/2024 10:32:34 PM) (Source: DCOM) (EventID: 10010) (User: LEGION)
Description: Server {CE6AF8E5-3A75-4AF5-BD59-C42E7228B4F4} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2023-05-17 02:42:13
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0941E23A-7584-4697-897D-6B87B1A7CEA2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-05-16 02:42:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D920A963-AAE1-4CBA-A852-0E96F5A5CF64}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-05-15 02:42:11
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5C958202-F6AF-42BE-8C5E-01BE26E02A43}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-05-14 02:42:11
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {ADE9F70A-6221-484E-A500-C887EC37B5F6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-05-13 02:42:10
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A11E8EAE-3212-4136-A23C-3F9BCBC2EE30}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2024-12-11 23:24:41
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO GKCN65WW 01/16/2024
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 5 5600H with Radeon Graphics
Percentage of memory in use: 43%
Total physical RAM: 14188.06 MB
Available physical RAM: 8060.58 MB
Total Virtual: 18284.06 MB
Available Virtual: 11092.97 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.9 GB) (Free:535.65 GB) (Model: Samsung SSD 980 1TB) NTFS
Drive d: () (Fixed) (Total:476.94 GB) (Free:201.9 GB) (Model: Micron MTFDHBA512TDV) NTFS

\\?\Volume{befef8f7-3d99-11ec-8a7e-744ca1a9f4f2}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{ebd50061-274f-4c9c-ba63-eeedfc4f9391}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7ACDD208)

Partition: GPT.

==========================================================
Disk: 1 (Size: 476.9 GB) (Disk ID: 7ACDD208)

Partition: GPT.

==================== End of Addition.txt =======================

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [HPUsageTracking] => "C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\Hewlett-Packard\HP UT\" [0 0000-00-00] () <==== ATTENTION [zero byte File/Folder]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-974978354-1573850093-2182889052-1001\...\MountPoints2: {175e9985-3aef-11ec-8a78-744ca1a9f4f2} - "E:\setup.EXE" /AUTORUN
HKU\S-1-5-21-974978354-1573850093-2182889052-1001\...\MountPoints2: {72b2b7c5-7ce5-11ec-8a91-744ca1a9f4f2} - "I:\SISetup.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {7DD4BF07-0D65-4D95-BFDB-C03ED87890EC} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{6866240C-1D77-4369-8244-4B8D8151EA5B} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {BF3ACEC7-B9AC-4F72-A5D8-AA82CA9207FB} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-974978354-1573850093-2182889052-1003 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {C36737E7-685F-42F3-B0F8-F7BABD07F7B3} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-974978354-1573850093-2182889052-1003 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {F3B2383E-A9B0-4DA4-870F-63373B6D5F46} - System32\Tasks\Opera scheduled Autoupdate 1635765696 => C:\Users\notebook\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {BF3ACEC7-B9AC-4F72-A5D8-AA82CA9207FB} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-974978354-1573850093-2182889052-1003 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {C36737E7-685F-42F3-B0F8-F7BABD07F7B3} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-974978354-1573850093-2182889052-1003 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {76F2F448-14AC-47FF-AE79-14D22EE61ABE} - System32\Tasks\Opera scheduled assistant Autoupdate 1635765698 => C:\Users\notebook\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\notebook\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {F3B2383E-A9B0-4DA4-870F-63373B6D5F46} - System32\Tasks\Opera scheduled Autoupdate 1635765696 => C:\Users\notebook\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-974978354-1573850093-2182889052-1001_Classes\CLSID\{20894375-46AE-46E2-BAFD-CB38975CDCE6}\InprocServer32 -> C:\Users\notebook\AppData\Local\Microsoft\OneDrive\21.196.0921.0007\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-974978354-1573850093-2182889052-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> "C:\Users\notebook\AppData\Local\Microsoft\OneDrive\21.196.0921.0007\Microsoft.SharePoint.exe" => No File
CustomCLSID: HKU\S-1-5-21-974978354-1573850093-2182889052-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> "C:\Users\notebook\AppData\Local\Microsoft\OneDrive\21.196.0921.0007\Microsoft.SharePoint.exe" => No File
FirewallRules: [{A25E739A-7A9F-4B3C-8FE5-679B4B35F975}] => (Allow) C:\Users\notebook\AppData\Local\Programs\Opera\80.0.4170.72\opera.exe => No File
FirewallRules: [{9ACF88C4-2BBA-4045-B1D3-8A1B79AED3A9}] => (Allow) C:\Users\notebook\AppData\Local\Temp\7zS00E2\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{C6C330E0-D2E7-42CB-B056-55CB4CFB5D84}] => (Allow) C:\Users\notebook\AppData\Local\Temp\7zS00E2\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{55B16A25-E0E2-4B81-A72B-1910080C2279}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe => No File
FirewallRules: [{851BBE08-05B4-42C7-8332-FFEB405FC970}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe => No File
FirewallRules: [{6E1A3C19-C507-4E5A-B451-A5275F575F85}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe => No File
FirewallRules: [{A3588C12-D4CF-4CB8-8B8F-F13AEEAD1CDB}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe => No File
FirewallRules: [{EDAAB580-C07E-4F4C-87F6-F35CB5FD3981}] => (Allow) C:\Program Files (x86)\Syncios\Syncios Mobile Manager\Syncios Mobile Manager.exe => No File
FirewallRules: [{B84F5B95-072C-4418-A5EC-26ECBCCD78DD}] => (Allow) C:\STAZENO\hitpaw-video-converter_11722095696502683701.exe => No File
FirewallRules: [{918F09AB-6F11-40D0-A7A1-771F6352CBA4}] => (Allow) C:\STAZENO\hitpaw-video-converter_11722095696502683701.exe => No File

EmptyTemp:
Hosts:
End

Uložte do C:\Users\notebook\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.