Prosím o prev. kontrolu. PC mně hlasilo pokusy o neoprávnšné přihlášeí k mému účtu.
Napsal: 23 bře 2025 12:57
f an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D6FE37A1-1D14-4D1D-984E-5E79C2C55BD1}] => (Block) C:\users\o\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{66DBF78D-7F33-413B-A784-8BB554FFBD06}] => (Block) C:\users\o\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{E3972142-1428-4B40-93A7-479B4EA9CF3D}C:\users\o\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\o\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{60B11243-D286-4A87-A86D-2B083836908E}C:\users\o\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\o\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{39E9C860-4CC5-48E0-BA99-079BCDC6F42A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4E58E12F-0CA7-442C-9A8F-04BBCA046A13}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{74EF2E72-8999-4C9D-B3C9-45C71A20E2AB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{8AD5C1B0-4316-4CFE-A003-4C9099F9D275}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{27D8CC21-59B4-4206-8E71-4D7D04B68A9A}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{85CDAB00-8A8C-4601-92E8-737E46FD87CE}] => (Allow) LPort=5357
FirewallRules: [{E284F53D-7B83-4FC4-96C3-B1D53163CE89}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{A2492D2F-CAD6-42FB-B6BE-F1E0F5213805}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{973784AC-3C10-4CC2-A6EC-14618B4E8884}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{20659D71-2ED4-4A69-B291-AE289623B913}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{042D4FB7-32E2-4C3B-BC9B-3FDE7EF07EED}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{8E423AD2-509D-402C-B180-1F6EAF3BF7DE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{ED181480-39C5-40DD-BEEC-21E3B135F706}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{AC70D577-A9F8-4065-9208-78C8531EA168}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{428D4519-758F-430B-BFDB-76D3DA169E42}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{94D30273-EE3D-4474-B927-A6C6CBF3F9C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{03F11D38-2F5A-4286-B8C3-500386FD3219}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{E88FC328-2386-4CA7-953D-1465185B4327}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{642A033F-7F45-4902-AFA2-C135FFABE257}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{6503B5CD-0E9F-4321-BA30-FAB82F11F850}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.72\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8AB44E49-9FA3-4B73-91E2-523B164A5BC1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A5408503-D489-4A18-B959-E864252B5BCB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A89B24FD-32EC-44CA-9ADE-9124A42CEB06}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1C26CE84-B060-424F-BA00-CE593B605066}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6E5FDF43-89C2-4930-9D3A-4C7B55AD189E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
26-02-2025 08:10:55 Instalační služba modulů systému Windows
11-03-2025 13:14:41 Naplánovaný kontrolní bod
12-03-2025 07:48:13 Instalační služba modulů systému Windows
21-03-2025 08:01:30 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (03/22/2025 05:24:11 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (03/22/2025 05:24:11 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (03/22/2025 05:24:11 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
Error: (03/21/2025 05:07:56 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (03/21/2025 05:07:56 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (03/21/2025 05:07:56 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
Error: (03/21/2025 08:01:11 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (03/21/2025 07:31:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 7.225.2131.0, časové razítko: 0x67ae29f1
Název chybujícího modulu: GameBar.exe, verze: 7.225.2131.0, časové razítko: 0x67ae29f1
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000408b6
ID chybujícího procesu: 0x24f8
Čas spuštění chybující aplikace: 0x01db9a2af187ee01
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.225.2131.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.225.2131.0_x64__8wekyb3d8bbwe\GameBar.exe
ID zprávy: d4737338-4916-40e8-90e2-1c6aa517c138
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_7.225.2131.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
System errors:
=============
Error: (03/23/2025 07:47:43 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (03/23/2025 07:44:49 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime byla ukončena s následující chybou:
%%3489660935
Error: (03/23/2025 07:44:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (03/23/2025 07:44:48 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Google Update (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (03/23/2025 07:42:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_6bdd6 byla ukončena s následující chybou:
Zařízení není připraveno.
Error: (03/22/2025 07:27:05 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (03/22/2025 07:24:11 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime byla ukončena s následující chybou:
%%3489660935
Error: (03/22/2025 07:24:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Windows Defender:
================
Date: 2020-12-06 10:14:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {388A04F6-1781-437E-BCC1-6D9A722BF871}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-12-06 07:18:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5D7C26DB-716E-4592-94E5-50101B0BED4E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-12-04 15:14:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BAA004E1-8477-4695-9CB6-DF8FDCA4F1B7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-12-04 12:35:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {76996594-6B4E-4B25-8E9B-C101E076753D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-12-04 10:14:07
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C01D6D25-4571-4111-BFD6-03BAA402C7CE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2025-03-23 12:24:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. C.70 05/23/2016
Motherboard: MSI B150 PC MATE (MS-7971)
Processor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Percentage of memory in use: 55%
Total physical RAM: 8155.09 MB
Available physical RAM: 3599.63 MB
Total Virtual: 9435.09 MB
Available Virtual: 2668.18 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:222.52 GB) (Free:79.43 GB) (Model: KINGSTON SUV400S37240G) NTFS
Drive d: () (Fixed) (Total:931.39 GB) (Free:337.4 GB) (Model: WDC WD10EZEX-00WN4A0) NTFS
\\?\Volume{dda794df-29ce-4260-955c-5d488ec41ee3}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS
\\?\Volume{b390ac81-48ab-40dc-b785-5bc87a2d3889}\ () (Fixed) (Total:0.5 GB) (Free:0.07 GB) NTFS
\\?\Volume{0e88439b-e7a7-474c-b178-fade1ac6c8f1}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\BrowserPrivacyAndSecurity.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\AlwaysOnTop\PowerToys.AlwaysOnTop.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\Awake\PowerToys.Awake.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\ColorPicker\PowerToys.ColorPickerUI.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\FancyZones\PowerToys.FancyZones.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\KeyboardManager\KeyboardManagerEngine\PowerToys.KeyboardManagerEngine.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\launcher\PowerToys.PowerLauncher.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\PowerOCR\PowerToys.PowerOCR.exe
(explorer.exe ->) (1539F157-3B11-4C68-B0C7-6E8113B7B1BD -> ) C:\Program Files\WindowsApps\15191PeakPlayer.NeatOffice_3.4.11.0_x64__y5c4dfz5b21fm\FileWatcher\FileWatcher.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_aa54f7a758543a0a\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2509.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (VS REVO GROUP OOD -> VS Revo Group Ltd.) C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUninHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8811776 2016-05-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [196520 2024-10-30] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-21-2671679121-1364000227-736312402-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [619520 2024-04-24] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\Run: [Spotify] => C:\Users\o\AppData\Roaming\Spotify\Spotify.exe [20475256 2023-04-21] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45452080 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [259912 2024-11-07] (eM Client s.r.o. -> eM Client s.r.o.)
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\Run: [MicrosoftEdgeAutoLaunch_D00C0CEE96A4247AC77E9CCCCA600BF0] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4291144 2025-03-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [619520 2024-04-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP DeskJet 5820 series): C:\WINDOWS\system32\HPDiscoPMEE11.dll [807056 2016-08-04] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\HP EE11 Status Monitor: C:\WINDOWS\system32\hpinkstsEE11LM.dll [383496 2015-08-31] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\134.0.6998.118\Installer\chrmstp.exe [2025-03-20] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2018-08-06]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe () [File not signed]
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {4D7CC2C5-2A19-4AD9-829C-FF33715DC1F5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.)
Task: {F4FC5CE8-6F8D-4C06-B44C-4A41DAB6DF52} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {58BE21AC-B925-4E5C-96D5-A6E1ED08A8F6} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6139696 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "e2cd71d7-1b0f-431f-9e15-b7e0ab2840d3" --version "6.33.0.11465" --silent
Task: {BDB3C620-56B7-4357-8C51-DC3F1A3DA378} - System32\Tasks\CCleanerSkipUAC - o => C:\Program Files\CCleaner\CCleaner.exe [39224624 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {DCA244DE-D595-4A13-9AF9-6DBA80CD5FBF} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem135.0.7023.5{D5900B53-7F8C-4A5E-9474-02154D54DDB2} => C:\Program Files (x86)\Google\GoogleUpdater\135.0.7023.5\updater.exe [5745760 2025-03-03] (Google LLC -> Google LLC)
Task: {908F6C75-3F37-44AC-9B6F-7512DA2DE27E} - System32\Tasks\HPCustParticipation HP DeskJet 5820 series => C:\Program Files\HP\HP DeskJet 5820 series\Bin\HPCustPartic.exe [6104720 2016-08-04] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {CC3B15F9-3A5C-4A7C-9EE1-604E5BF343C3} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\IntelPTTEKRecertification.exe [855664 2023-12-14] (Intel Corporation -> Intel(R) Corporation)
Task: {8606ED69-96C9-4A95-A195-D6936EEE70AF} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-03-19] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {830EA260-1BCF-49A1-9BDA-06A7D5D261D1} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2671679121-1364000227-736312402-1003 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-03-19] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {F892EB1D-E204-49A5-AE30-86EF7F19252F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-03-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {266D3F8B-3DED-4418-B8B4-36E3CD64F4CB} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2671679121-1364000227-736312402-1003 => C:\Users\o\AppData\Local\Microsoft\OneDrive\25.020.0202.0001\OneDriveLauncher.exe /startInstances (No File)
Task: {83A11FF9-2712-46E1-A4AD-8FBE7E89A8FA} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2671679121-1364000227-736312402-1003 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {8D424971-306B-4B76-BB17-3B94343CA126} - System32\Tasks\PowerToys\Autorun for o => C:\Program Files\PowerToys\PowerToys.exe [1103296 2023-03-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {2DC9A022-4A35-4131-92FE-2DA98AB1AF8F} - System32\Tasks\VS Revo Group\RevoHelperFreeStartup => C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUninHelper.exe [4053672 2024-12-10] (VS REVO GROUP OOD -> VS Revo Group Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{7ca960af-b27a-4434-a2b9-ddc5ddff558b}: [DhcpNameServer] 10.0.0.138
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\o\AppData\Local\Microsoft\Edge\User Data\Default [2025-03-23]
Edge Notifications: Default -> hxxps://www.eurosport.com; hxxps://www.facebook.com
Edge Extension: (Dokumenty Google offline) - C:\Users\o\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-03]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\o\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]
FireFox:
========
FF DefaultProfile: wztggr6w.default-1642687018808
FF ProfilePath: C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808 [2025-03-23]
FF Homepage: Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808 -> hxxps://atlas.centrum.cz/?redirected=1533474501
FF Notifications: Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808 -> hxxps://messages.google.com
FF Extension: (AdBlocker Ultimate) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\adblockultimate@adblockultimate.net.xpi [2025-02-15]
FF Extension: (ESET Browser Privacy & Security) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\browserextension@eset.com.xpi [2024-12-20]
FF Extension: (Forget Me Not - Forget cookies & other data) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\forget-me-not@lusito.info.xpi [2022-01-20]
FF Extension: (HTTPS Everywhere) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\https-everywhere@eff.org.xpi [2022-01-20]
FF Extension: (Privacy Badger) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2025-03-12]
FF Extension: (JavaScript-Java Bridge) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\jsjbridge@advancedcontrols.com.au.xpi [2022-01-20]
FF Extension: (Firefox Relay) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\private-relay@firefox.com.xpi [2024-02-21]
FF Extension: (Video DownloadHelper) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2025-02-01]
FF Extension: (No Name) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2025-03-19]
FF Extension: (javascript) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\{d4bc778f-3a98-44f4-9b2e-45fab92a21db}.xpi [2023-03-01]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-03-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2025-03-23]
Chrome:
=======
CHR Profile: C:\Users\o\AppData\Local\Google\Chrome\User Data\Default [2025-03-23]
CHR Notifications: Default -> hxxps://club.autodoc.cz; hxxps://comment-reparer.com; hxxps://eurosport.pissedconsumer.com; hxxps://mail.google.com; hxxps://messages.google.com; hxxps://www.autodoc.cz; hxxps://www.eurosport.com; hxxps://www.global-sport.cz; hxxps://www.lavuelta.es; hxxps://www.megaknihy.cz; hxxps://www.nasejablonecko.cz; hxxps://www.semena-marihuany.cz
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\o\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-03-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Dokumenty Google offline) - C:\Users\o\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-27]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\o\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (ESET Browser Privacy & Security) - C:\Users\o\AppData\Local\Google\Chrome\User Data\Default\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2024-12-15]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\o\AppData\Local\Google\Chrome\User Data\System Profile [2024-11-09]
CHR HKU\S-1-5-21-2671679121-1364000227-736312402-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [oombnmpbbhbakfpfgdflaajkhicgfaam]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1088816 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
R2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [707864 2023-06-27] (ESET, spol. s r.o. -> ESET)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [5563760 2024-10-30] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [4240120 2024-10-30] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [4240120 2024-10-30] (ESET, spol. s r.o. -> ESET)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [284808 2021-02-05] (HP Inc. -> HP Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_aa54f7a758543a0a\Display.NvContainer\NVDisplay.Container.exe [1275024 2024-11-19] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R0 DLMFENC; C:\WINDOWS\System32\DRIVERS\DLMFENC.sys [242168 2023-06-27] (ESET, spol. s r.o. -> ESET, spol. s r.o.)
R0 DLPCRYPT; C:\WINDOWS\System32\DRIVERS\dlpcrypt.sys [121728 2023-06-27] (DESlock Limited -> DESlock Ltd.)
R0 dlpvdisk; C:\WINDOWS\System32\DRIVERS\dlpvdisk.sys [98296 2023-06-27] (DESlock Limited -> DESlock Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [220520 2024-10-22] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [121864 2024-10-22] (Microsoft Windows Hardware Compatibility Publisher -> ESET)
R1 edevmonm; C:\WINDOWS\System32\DRIVERS\edevmonm.sys [124456 2024-10-22] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [268568 2024-10-22] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [57872 2024-10-22] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [87784 2024-10-22] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [128552 2024-10-22] (ESET, spol. s r.o. -> ESET)
S3 leusbser; C:\WINDOWS\System32\drivers\leusbser.sys [238080 2015-04-14] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbwwan; C:\WINDOWS\System32\drivers\qcusbwwan.sys [557112 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 RevoProcessDetector; C:\WINDOWS\System32\DRIVERS\RevoProcessDetector.sys [19504 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R2 shimano64; C:\WINDOWS\System32\shimano64.sys [14848 2022-12-04] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 VDLPToken2; C:\WINDOWS\System32\DRIVERS\vdlptkn2.sys [135672 2023-06-27] (DESlock Limited -> DESlock Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
Error Reading file: "C:\ProgramData\Desktop\VLC media player.lnk"
Error Reading file: "C:\ProgramData\Desktop\UploaderForCiG.lnk"
Error Reading file: "C:\ProgramData\Desktop\Revo Uninstaller.lnk"
Error Reading file: "C:\ProgramData\Desktop\Pracujeme s pocitacem.pdf"
Error Reading file: "C:\ProgramData\Desktop\Picture Style Editor.lnk"
Error Reading file: "C:\ProgramData\Desktop\paint.net.lnk"
Error Reading file: "C:\ProgramData\Desktop\OpenOffice 4.1.5.lnk"
Error Reading file: "C:\ProgramData\Desktop\Microsoft Edge.lnk"
Error Reading file: "C:\ProgramData\Desktop\ImageBrowser EX.lnk"
Error Reading file: "C:\ProgramData\Desktop\HP Print and Scan Doctor.lnk"
Error Reading file: "C:\ProgramData\Desktop\HP Photo Creations.lnk"
Error Reading file: "C:\ProgramData\Desktop\HP DeskJet 5820 series.lnk"
Error Reading file: "C:\ProgramData\Desktop\Google Chrome.lnk"
Error Reading file: "C:\ProgramData\Desktop\Firefox.lnk"
Error Reading file: "C:\ProgramData\Desktop\ESET Zabezpečené bankovnictví a prohlížení webu.lnk"
Error Reading file: "C:\ProgramData\Desktop\EOS Utility.lnk"
Error Reading file: "C:\ProgramData\Desktop\Double Commander.lnk"
Error Reading file: "C:\ProgramData\Desktop\Digital Photo Professional.lnk"
Error Reading file: "C:\ProgramData\Desktop\desktop.ini"
Error Reading file: "C:\ProgramData\Desktop\CCleaner.lnk"
Error Reading file: "C:\ProgramData\Desktop\Adobe Acrobat.lnk"
2025-03-23 12:48 - 2025-03-23 12:48 - 000023169 _____ C:\Users\o\Downloads\FRST.txt
2025-03-23 12:46 - 2025-03-23 12:46 - 002404352 _____ (Farbar) C:\Users\o\Downloads\FRST64.exe
2025-03-19 07:30 - 2025-03-20 07:08 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-03-12 07:19 - 2025-03-12 07:19 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-03-23 12:48 - 2019-01-15 16:30 - 000000000 ____D C:\FRST
2025-03-23 12:27 - 2022-02-08 16:23 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-03-23 12:26 - 2024-10-02 05:22 - 000000000 ____D C:\Users\o\AppData\Roaming\eM Client
2025-03-23 12:24 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-03-23 12:23 - 2018-08-05 09:15 - 000000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2025-03-23 10:15 - 2020-07-29 17:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-03-23 08:12 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-03-23 08:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-03-23 07:49 - 2020-06-08 06:27 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-03-23 07:49 - 2020-06-08 06:27 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-03-23 07:48 - 2022-09-30 20:19 - 000003326 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2025-03-23 07:48 - 2022-09-30 20:19 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-03-23 07:46 - 2022-05-11 11:30 - 000713246 _____ C:\WINDOWS\system32\perfh005.dat
2025-03-23 07:46 - 2022-05-11 11:30 - 000143964 _____ C:\WINDOWS\system32\perfc005.dat
2025-03-23 07:46 - 2020-07-29 17:29 - 001683940 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-03-23 07:46 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2025-03-23 07:42 - 2023-03-08 13:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2025-03-23 07:42 - 2020-07-29 17:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-03-23 07:42 - 2020-07-29 17:25 - 000008192 ___SH C:\DumpStack.log.tmp
2025-03-23 07:42 - 2018-08-05 09:15 - 000000000 ____D C:\ProgramData\NVIDIA
2025-03-22 17:30 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-03-21 07:32 - 2024-02-29 08:01 - 000000000 ____D C:\Users\o\AppData\Local\CrashDumps
2025-03-21 07:31 - 2018-08-05 09:58 - 000000000 ____D C:\Users\o\AppData\Local\D3DSCache
2025-03-20 21:51 - 2021-12-17 07:38 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-03-20 21:51 - 2018-08-05 15:13 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-03-20 21:51 - 2018-08-05 15:13 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-03-20 15:41 - 2022-10-11 14:21 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-03-20 15:41 - 2022-10-11 14:21 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2025-03-20 15:41 - 2020-07-29 17:30 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-03-20 07:08 - 2018-08-05 14:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-03-19 07:34 - 2021-10-09 11:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-03-19 07:34 - 2018-08-05 14:06 - 000001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-03-18 07:30 - 2021-12-14 07:41 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2671679121-1364000227-736312402-1003
2025-03-18 07:30 - 2020-07-29 17:30 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2671679121-1364000227-736312402-1003
2025-03-18 07:30 - 2020-07-29 12:54 - 000002365 _____ C:\Users\o\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-03-12 08:13 - 2022-05-05 05:59 - 000305408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-03-12 08:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-03-12 08:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-03-12 07:55 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-03-10 13:00 - 2018-08-05 09:25 - 000000000 ____D C:\ProgramData\Packages
2025-03-10 13:00 - 2018-08-05 09:18 - 000000000 ____D C:\Users\o\AppData\Local\Packages
2025-03-10 12:55 - 2018-08-05 09:19 - 000000000 ____D C:\Users\o\AppData\Local\PlaceholderTileLogoFolder
2025-03-08 07:03 - 2020-07-29 17:30 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-03-08 07:03 - 2020-07-29 17:30 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-03-04 07:14 - 2025-02-18 13:37 - 000003562 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-2671679121-1364000227-736312402-1003
2025-03-03 07:40 - 2018-08-05 15:13 - 000000000 ____D C:\Program Files\CCleaner
2025-03-02 07:03 - 2020-07-29 17:30 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2025-02-26 08:35 - 2019-12-07 15:42 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-02-26 08:35 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-02-26 08:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-02-26 08:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-02-26 08:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-02-26 08:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-02-26 08:35 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2025-02-26 08:16 - 2020-07-29 17:28 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
==================== Files in the root of some directories ========
2022-10-04 06:54 - 2022-10-04 06:54 - 000003584 _____ () C:\Users\o\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2024-12-15 09:57 - 2024-12-15 09:57 - 000000877 _____ () C:\Users\o\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
=================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2671679121-1364000227-736312402-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2671679121-1364000227-736312402-503 - Limited - Disabled)
Guest (S-1-5-21-2671679121-1364000227-736312402-501 - Limited - Disabled)
o (S-1-5-21-2671679121-1364000227-736312402-1003 - Administrator - Enabled) => C:\Users\o
OEM (S-1-5-21-2671679121-1364000227-736312402-1001 - Administrator - Enabled) => C:\Users\OEM
WDAGUtilityAccount (S-1-5-21-2671679121-1364000227-736312402-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 25.001.20435 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601108}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Balíček ovladače systému Windows - SIGMA Elektro GmbH (usbser) Ports (02/20/2017 1.7.0000.0000) (HKLM\...\F11095F081576CA0F709F279E5FC84AC50628B78) (Version: 02/20/2017 1.7.0000.0000 - SIGMA Elektro GmbH)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.13.10.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.13.10.0 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.2.8 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.13.10.0 - Canon Inc.)
Canon Utilities Uploader for CANON iMAGE GATEWAY (HKLM-x32\...\Uploader for CANON iMAGE GATEWAY Plugin) (Version: 10.0.1.2 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.33 - Piriform)
Double Commander (HKLM\...\Double Commander_is1) (Version: 1.1.22 - Alexander Koblov)
eM Client (HKLM-x32\...\{57DB06E1-8F88-4835-8DA4-3F07ED4C2BD9}) (Version: 10.1.4588.0 - eM Client s.r.o.)
ESET Premium Line Encryption (HKLM\...\{43C2B3A3-AAF7-401A-9049-5139EABE10F9}) (Version: 2.0.36.0 - ESET) Hidden
ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 18.0.12.0 - ESET, spol. s r.o.)
E-tube Project Normal V4 (HKLM-x32\...\{2F7F3743-DD5B-4C39-9686-2E82359D021A}) (Version: 4.0.4.11 - SHIMANO INC.) Hidden
E-tube Project Normal V4 (HKLM-x32\...\InstallShield_{2F7F3743-DD5B-4C39-9686-2E82359D021A}) (Version: 4.0.4.11 - SHIMANO INC.)
E-TUBE PROJECT Professional V5 (HKLM-x32\...\{A2566088-E4D7-4212-9030-838DED11FEEE}) (Version: 5.1.2.12 - SHIMANO INC.) Hidden
E-TUBE PROJECT Professional V5 (HKLM-x32\...\InstallShield_{A2566088-E4D7-4212-9030-838DED11FEEE}) (Version: 5.1.2.12 - SHIMANO INC.)
GIMP 2.10.18 (HKLM\...\GIMP-2_is1) (Version: 2.10.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 134.0.6998.118 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HP DeskJet 5820 series Nápověda (HKLM-x32\...\{89D0B45E-D5AC-4B97-9C7D-6F0D2308A0CA}) (Version: 36.0.0 - HP)
HP Dropbox Plugin (HKLM-x32\...\{9FF252C8-B146-47A2-9336-3A1A83056F51}) (Version: 36.0.39.57346 - HP)
HP Google Drive Plugin (HKLM-x32\...\{BBF796CE-5068-47C7-8A6D-4120C0CE47E5}) (Version: 36.0.39.57346 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
Kontrola stavu osobního počítače s Windows (HKLM\...\{95548B78-8547-4E91-B0DA-1CBB82150917}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{E496AFB7-CB04-46CF-8FBB-5D665BC8811B}) (Version: 3.3.2110.22002 - Microsoft Corporation)
LenovoUsbDriver 1.0.16 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.0.16 - Lenovo)
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.36 (x64) (HKLM\...\{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.36 (x64) (HKLM\...\{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.36 (x64) (HKLM\...\{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 134.0.3124.83 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 134.0.3124.72 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-2671679121-1364000227-736312402-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\OneDriveSetup.exe) (Version: 25.031.0217.0003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24212 (HKLM-x32\...\{844ECB74-9B63-3D5C-958C-30BD23F19EE4}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24212 (HKLM-x32\...\{37B55901-995A-3650-80B1-BBFD047E2911}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.32 (x64) (HKLM\...\{5BEE5F3E-4D78-4DE8-A8F3-36D3E9D8868C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.32 (x64) (HKLM-x32\...\{0eddeab6-01c1-4cf7-83ba-164ea8974c90}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM\...\{3C31CBA1-A0D9-4B95-A807-AD2313D12F47}) (Version: 40.68.31219 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM-x32\...\{20d5df4e-006c-4d6d-a0dc-490d009b9786}) (Version: 5.0.17.31219 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM\...\{61D4736B-3325-4D4A-BD41-8BD206C6A86E}) (Version: 48.144.23186 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM-x32\...\{0532b8f2-12d7-43de-95fc-7b87006758a8}) (Version: 6.0.36.34217 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 136.0.2 (x64 cs)) (Version: 136.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 128.1.1 - Mozilla)
NVIDIA Ovladače grafiky 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
paint.net (HKLM\...\{019781E7-35CF-47A0-BD56-B1099A3E92EF}) (Version: 5.0.11 - dotPDN LLC)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23214 - Microsoft Corporation)
Pomocník s instalací Windows 11 (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.5003 - Microsoft Corporation)
PowerToys (Preview) (HKLM\...\{7F0C3584-ED21-4282-9931-50D173C2CCE5}) (Version: 0.68.1 - Microsoft Corporation) Hidden
PowerToys (Preview) x64 (HKLM-x32\...\{51efee50-0959-4cb6-8958-e1c1ba33fbdf}) (Version: 0.68.1 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7811 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.5.7 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.5.7 - VS Revo Group, Ltd.)
Sigma Data Center 5.6 (HKLM-x32\...\Sigma Data Center5.6) (Version: 5.6 - Sigma Elektro GmbH)
Sigma Data Center 5.7 (HKLM-x32\...\Sigma Data Center5.7) (Version: 5.7 - Sigma Elektro GmbH)
Sigma Data Center 5.8 (HKLM-x32\...\Sigma Data Center5.8) (Version: 5.8 - Sigma Elektro GmbH)
Spotify (HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\Spotify) (Version: 1.2.9.743.g85d9593d - Spotify AB)
Studie vylepšování produktu HP DeskJet 5820 series (HKLM\...\{CAE450AC-801B-44FC-A200-0244F6AD5479}) (Version: 36.1.108.65692 - Hewlett-Packard Co.)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Základní software zařízení HP DeskJet 5820 series (HKLM\...\{322E6CCD-0436-478E-A61B-EB11869234C3}) (Version: 36.1.108.65692 - Hewlett-Packard Co.)
Chrome apps:
============
Google Drive (HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\749a381c7a98f1bb8bca8312078d93d6) (Version: 1.0 - Google\Chrome)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-12-12] ()
Adobe Photoshop Express -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.16.0.0_x64__ynb6jyjzte8ga [2025-03-21] (Adobe Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_9.9.1.0_x64__kgqvnymyfvs32 [2025-03-06] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2982.2.0_x64__kgqvnymyfvs32 [2025-03-23] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.288.300.0_x64__kgqvnymyfvs32 [2025-03-07] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-06-12] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2023-06-12] (Microsoft Corporation)
Dragon Mania Legends -> C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_8.4.202.0_x64__h6adky7gbf63m [2025-02-23] (Gameloft SE)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.81.8100.0_x64__ytsefhwckbdv6 [2025-03-19] (G5 Entertainment AB)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-06-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-06-12] (Microsoft Corporation) [MS Ad]
MyWhoosh HD -> C:\Program Files\WindowsApps\MyWhooshTechnologyService.MyWhoosh_4.0.1.0_x64__eps1123pz0kt0 [2025-03-22] (My Whoosh Technology Services L.L.C)
Neat Office -> C:\Program Files\WindowsApps\15191PeakPlayer.NeatOffice_3.4.11.0_x64__y5c4dfz5b21fm [2025-03-01] (Any DVD & Office App) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-25] (NVIDIA Corp.)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2509.4.0_x64__cv1g1gvanyjgm [2025-03-06] (WhatsApp Inc.) [Startup Task]
Windows App Runtime DDLM 3.469.1654.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3.469.1654.0-x6_3.469.1654.0_x64__8wekyb3d8bbwe [2023-06-12] (Microsoft Corporation)
Windows App Runtime DDLM 3.469.1654.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3.469.1654.0-x8_3.469.1654.0_x86__8wekyb3d8bbwe [2023-06-12] (Microsoft Corporation)
WindowsAppRuntime.Main.1.0 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsAppRuntime.Main.1.0_4.528.1755.0_x64__8wekyb3d8bbwe [2023-06-12] (Microsoft Corp.)
WindowsAppRuntime.Singleton -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.Singleton_3.469.1654.0_x64__8wekyb3d8bbwe [2023-06-12] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{10144713-1526-46C9-88DA-1FB52807A9FF}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{3f5d0051-61b8-0f45-6166-996cfb4f914f}\localserver32 -> C:\Program Files\PowerToys\modules\launcher\PowerToys.PowerLauncher.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{60789D87-9C3C-44AF-B18C-3DE2C2820ED3}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MarkdownPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{77257004-6F25-4521-B602-50ECC6EC62A6}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.StlThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InprocServer32 -> 0xDBF08D9C069DD901DBF08D9C069DD901010000000300000000000000 => No File
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{A0257634-8812-4CE8-AF11-FA69ACAEAFAE}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodePreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{D8034CFA-F34B-41FE-AD45-62FCBB52A6DA}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MonacoPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{dd5cacda-7c2e-4997-a62a-04a597b58f76}\localserver32 -> C:\Program Files\PowerToys\modules\launcher\PowerToys.PowerLauncher.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{F2847CBE-CD03-4C83-A359-1A8052C1B9D5}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodeThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{FCDD4EED-41AA-492F-8A84-31A1546226E0}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ESD Shell Icon Overlay Identifier] -> {AF106685-9C86-48AF-8524-8F485C459E17} => C:\Program Files\ESET\ESET Secure Data\esdovrly.dll [2023-06-27] (DESlock Limited -> DESlock Limited)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-10-30] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-10-30] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\modules\FileLocksmith\PowerToys.FileLocksmithExt.dll [2023-03-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\modules\FileLocksmith\PowerToys.FileLocksmithExt.dll [2023-03-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\modules\PowerRename\PowerToys.PowerRenameExt.dll [2023-03-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_aa54f7a758543a0a\nvshext.dll [2024-11-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-10-30] (ESET, spol. s r.o. -> ESET)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [475672 2008-07-26] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [416280 2008-07-26] (Logitech Inc -> Logitech Inc.)
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-03-03 15:22 - 2015-02-27 10:35 - 000489984 _____ (Newtonsoft) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\Newtonsoft.Json.dll
2020-03-03 15:22 - 2017-03-20 16:13 - 000087552 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppCollect.dll
2020-03-03 15:22 - 2017-03-20 16:13 - 000197632 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppCommon.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\Software\Classes\regfile: <==== ATTENTION
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\Software\Classes\.reg: => <==== ATTENTION
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\Software\Classes\.cmd: => <==== ATTENTION
==================== Internet Explorer (Whitelisted) =============
SearchScopes: HKU\S-1-5-21-2671679121-1364000227-736312402-1003 -> {96F7DBBC-8149-4334-AC47-E15E9020321E} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-08-05 10:09 - 2018-08-05 10:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2671679121-1364000227-736312402-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\OEM\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Tatra podzim 2017 192 (4).JPG
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\Control Panel\Desktop\\Wallpaper -> c:\users\o\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\img_20241017_092312.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek PCIe GBE Family Controller -> rt640x64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "ImageBrowser EX Agent.lnk"
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D6FE37A1-1D14-4D1D-984E-5E79C2C55BD1}] => (Block) C:\users\o\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{66DBF78D-7F33-413B-A784-8BB554FFBD06}] => (Block) C:\users\o\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{E3972142-1428-4B40-93A7-479B4EA9CF3D}C:\users\o\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\o\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{60B11243-D286-4A87-A86D-2B083836908E}C:\users\o\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\o\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{39E9C860-4CC5-48E0-BA99-079BCDC6F42A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4E58E12F-0CA7-442C-9A8F-04BBCA046A13}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{74EF2E72-8999-4C9D-B3C9-45C71A20E2AB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{8AD5C1B0-4316-4CFE-A003-4C9099F9D275}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{27D8CC21-59B4-4206-8E71-4D7D04B68A9A}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{85CDAB00-8A8C-4601-92E8-737E46FD87CE}] => (Allow) LPort=5357
FirewallRules: [{E284F53D-7B83-4FC4-96C3-B1D53163CE89}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{A2492D2F-CAD6-42FB-B6BE-F1E0F5213805}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{973784AC-3C10-4CC2-A6EC-14618B4E8884}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{20659D71-2ED4-4A69-B291-AE289623B913}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{042D4FB7-32E2-4C3B-BC9B-3FDE7EF07EED}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{8E423AD2-509D-402C-B180-1F6EAF3BF7DE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{ED181480-39C5-40DD-BEEC-21E3B135F706}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{AC70D577-A9F8-4065-9208-78C8531EA168}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{428D4519-758F-430B-BFDB-76D3DA169E42}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{94D30273-EE3D-4474-B927-A6C6CBF3F9C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{03F11D38-2F5A-4286-B8C3-500386FD3219}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{E88FC328-2386-4CA7-953D-1465185B4327}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{642A033F-7F45-4902-AFA2-C135FFABE257}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{6503B5CD-0E9F-4321-BA30-FAB82F11F850}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.72\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8AB44E49-9FA3-4B73-91E2-523B164A5BC1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A5408503-D489-4A18-B959-E864252B5BCB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A89B24FD-32EC-44CA-9ADE-9124A42CEB06}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1C26CE84-B060-424F-BA00-CE593B605066}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6E5FDF43-89C2-4930-9D3A-4C7B55AD189E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
26-02-2025 08:10:55 Instalační služba modulů systému Windows
11-03-2025 13:14:41 Naplánovaný kontrolní bod
12-03-2025 07:48:13 Instalační služba modulů systému Windows
21-03-2025 08:01:30 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (03/22/2025 05:24:11 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (03/22/2025 05:24:11 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (03/22/2025 05:24:11 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
Error: (03/21/2025 05:07:56 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (03/21/2025 05:07:56 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (03/21/2025 05:07:56 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
Error: (03/21/2025 08:01:11 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (03/21/2025 07:31:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 7.225.2131.0, časové razítko: 0x67ae29f1
Název chybujícího modulu: GameBar.exe, verze: 7.225.2131.0, časové razítko: 0x67ae29f1
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000408b6
ID chybujícího procesu: 0x24f8
Čas spuštění chybující aplikace: 0x01db9a2af187ee01
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.225.2131.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.225.2131.0_x64__8wekyb3d8bbwe\GameBar.exe
ID zprávy: d4737338-4916-40e8-90e2-1c6aa517c138
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_7.225.2131.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
System errors:
=============
Error: (03/23/2025 07:47:43 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (03/23/2025 07:44:49 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime byla ukončena s následující chybou:
%%3489660935
Error: (03/23/2025 07:44:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (03/23/2025 07:44:48 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Google Update (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (03/23/2025 07:42:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_6bdd6 byla ukončena s následující chybou:
Zařízení není připraveno.
Error: (03/22/2025 07:27:05 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (03/22/2025 07:24:11 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime byla ukončena s následující chybou:
%%3489660935
Error: (03/22/2025 07:24:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Windows Defender:
================
Date: 2020-12-06 10:14:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {388A04F6-1781-437E-BCC1-6D9A722BF871}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-12-06 07:18:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5D7C26DB-716E-4592-94E5-50101B0BED4E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-12-04 15:14:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BAA004E1-8477-4695-9CB6-DF8FDCA4F1B7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-12-04 12:35:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {76996594-6B4E-4B25-8E9B-C101E076753D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-12-04 10:14:07
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C01D6D25-4571-4111-BFD6-03BAA402C7CE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2025-03-23 12:24:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. C.70 05/23/2016
Motherboard: MSI B150 PC MATE (MS-7971)
Processor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Percentage of memory in use: 55%
Total physical RAM: 8155.09 MB
Available physical RAM: 3599.63 MB
Total Virtual: 9435.09 MB
Available Virtual: 2668.18 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:222.52 GB) (Free:79.43 GB) (Model: KINGSTON SUV400S37240G) NTFS
Drive d: () (Fixed) (Total:931.39 GB) (Free:337.4 GB) (Model: WDC WD10EZEX-00WN4A0) NTFS
\\?\Volume{dda794df-29ce-4260-955c-5d488ec41ee3}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS
\\?\Volume{b390ac81-48ab-40dc-b785-5bc87a2d3889}\ () (Fixed) (Total:0.5 GB) (Free:0.07 GB) NTFS
\\?\Volume{0e88439b-e7a7-474c-b178-fade1ac6c8f1}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =========================================== End of FRST.txt ========================
FirewallRules: [{D6FE37A1-1D14-4D1D-984E-5E79C2C55BD1}] => (Block) C:\users\o\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{66DBF78D-7F33-413B-A784-8BB554FFBD06}] => (Block) C:\users\o\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{E3972142-1428-4B40-93A7-479B4EA9CF3D}C:\users\o\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\o\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{60B11243-D286-4A87-A86D-2B083836908E}C:\users\o\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\o\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{39E9C860-4CC5-48E0-BA99-079BCDC6F42A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4E58E12F-0CA7-442C-9A8F-04BBCA046A13}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{74EF2E72-8999-4C9D-B3C9-45C71A20E2AB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{8AD5C1B0-4316-4CFE-A003-4C9099F9D275}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{27D8CC21-59B4-4206-8E71-4D7D04B68A9A}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{85CDAB00-8A8C-4601-92E8-737E46FD87CE}] => (Allow) LPort=5357
FirewallRules: [{E284F53D-7B83-4FC4-96C3-B1D53163CE89}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{A2492D2F-CAD6-42FB-B6BE-F1E0F5213805}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{973784AC-3C10-4CC2-A6EC-14618B4E8884}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{20659D71-2ED4-4A69-B291-AE289623B913}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{042D4FB7-32E2-4C3B-BC9B-3FDE7EF07EED}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{8E423AD2-509D-402C-B180-1F6EAF3BF7DE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{ED181480-39C5-40DD-BEEC-21E3B135F706}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{AC70D577-A9F8-4065-9208-78C8531EA168}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{428D4519-758F-430B-BFDB-76D3DA169E42}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{94D30273-EE3D-4474-B927-A6C6CBF3F9C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{03F11D38-2F5A-4286-B8C3-500386FD3219}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{E88FC328-2386-4CA7-953D-1465185B4327}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{642A033F-7F45-4902-AFA2-C135FFABE257}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{6503B5CD-0E9F-4321-BA30-FAB82F11F850}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.72\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8AB44E49-9FA3-4B73-91E2-523B164A5BC1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A5408503-D489-4A18-B959-E864252B5BCB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A89B24FD-32EC-44CA-9ADE-9124A42CEB06}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1C26CE84-B060-424F-BA00-CE593B605066}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6E5FDF43-89C2-4930-9D3A-4C7B55AD189E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
26-02-2025 08:10:55 Instalační služba modulů systému Windows
11-03-2025 13:14:41 Naplánovaný kontrolní bod
12-03-2025 07:48:13 Instalační služba modulů systému Windows
21-03-2025 08:01:30 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (03/22/2025 05:24:11 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (03/22/2025 05:24:11 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (03/22/2025 05:24:11 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
Error: (03/21/2025 05:07:56 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (03/21/2025 05:07:56 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (03/21/2025 05:07:56 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
Error: (03/21/2025 08:01:11 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (03/21/2025 07:31:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 7.225.2131.0, časové razítko: 0x67ae29f1
Název chybujícího modulu: GameBar.exe, verze: 7.225.2131.0, časové razítko: 0x67ae29f1
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000408b6
ID chybujícího procesu: 0x24f8
Čas spuštění chybující aplikace: 0x01db9a2af187ee01
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.225.2131.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.225.2131.0_x64__8wekyb3d8bbwe\GameBar.exe
ID zprávy: d4737338-4916-40e8-90e2-1c6aa517c138
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_7.225.2131.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
System errors:
=============
Error: (03/23/2025 07:47:43 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (03/23/2025 07:44:49 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime byla ukončena s následující chybou:
%%3489660935
Error: (03/23/2025 07:44:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (03/23/2025 07:44:48 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Google Update (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (03/23/2025 07:42:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_6bdd6 byla ukončena s následující chybou:
Zařízení není připraveno.
Error: (03/22/2025 07:27:05 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (03/22/2025 07:24:11 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime byla ukončena s následující chybou:
%%3489660935
Error: (03/22/2025 07:24:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Windows Defender:
================
Date: 2020-12-06 10:14:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {388A04F6-1781-437E-BCC1-6D9A722BF871}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-12-06 07:18:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5D7C26DB-716E-4592-94E5-50101B0BED4E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-12-04 15:14:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BAA004E1-8477-4695-9CB6-DF8FDCA4F1B7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-12-04 12:35:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {76996594-6B4E-4B25-8E9B-C101E076753D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-12-04 10:14:07
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C01D6D25-4571-4111-BFD6-03BAA402C7CE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2025-03-23 12:24:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. C.70 05/23/2016
Motherboard: MSI B150 PC MATE (MS-7971)
Processor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Percentage of memory in use: 55%
Total physical RAM: 8155.09 MB
Available physical RAM: 3599.63 MB
Total Virtual: 9435.09 MB
Available Virtual: 2668.18 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:222.52 GB) (Free:79.43 GB) (Model: KINGSTON SUV400S37240G) NTFS
Drive d: () (Fixed) (Total:931.39 GB) (Free:337.4 GB) (Model: WDC WD10EZEX-00WN4A0) NTFS
\\?\Volume{dda794df-29ce-4260-955c-5d488ec41ee3}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS
\\?\Volume{b390ac81-48ab-40dc-b785-5bc87a2d3889}\ () (Fixed) (Total:0.5 GB) (Free:0.07 GB) NTFS
\\?\Volume{0e88439b-e7a7-474c-b178-fade1ac6c8f1}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\BrowserPrivacyAndSecurity.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\AlwaysOnTop\PowerToys.AlwaysOnTop.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\Awake\PowerToys.Awake.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\ColorPicker\PowerToys.ColorPickerUI.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\FancyZones\PowerToys.FancyZones.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\KeyboardManager\KeyboardManagerEngine\PowerToys.KeyboardManagerEngine.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\launcher\PowerToys.PowerLauncher.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\PowerOCR\PowerToys.PowerOCR.exe
(explorer.exe ->) (1539F157-3B11-4C68-B0C7-6E8113B7B1BD -> ) C:\Program Files\WindowsApps\15191PeakPlayer.NeatOffice_3.4.11.0_x64__y5c4dfz5b21fm\FileWatcher\FileWatcher.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_aa54f7a758543a0a\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2509.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (VS REVO GROUP OOD -> VS Revo Group Ltd.) C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUninHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8811776 2016-05-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [196520 2024-10-30] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-21-2671679121-1364000227-736312402-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [619520 2024-04-24] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\Run: [Spotify] => C:\Users\o\AppData\Roaming\Spotify\Spotify.exe [20475256 2023-04-21] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45452080 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [259912 2024-11-07] (eM Client s.r.o. -> eM Client s.r.o.)
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\Run: [MicrosoftEdgeAutoLaunch_D00C0CEE96A4247AC77E9CCCCA600BF0] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4291144 2025-03-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [619520 2024-04-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP DeskJet 5820 series): C:\WINDOWS\system32\HPDiscoPMEE11.dll [807056 2016-08-04] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\HP EE11 Status Monitor: C:\WINDOWS\system32\hpinkstsEE11LM.dll [383496 2015-08-31] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\134.0.6998.118\Installer\chrmstp.exe [2025-03-20] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2018-08-06]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe () [File not signed]
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {4D7CC2C5-2A19-4AD9-829C-FF33715DC1F5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.)
Task: {F4FC5CE8-6F8D-4C06-B44C-4A41DAB6DF52} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {58BE21AC-B925-4E5C-96D5-A6E1ED08A8F6} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6139696 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "e2cd71d7-1b0f-431f-9e15-b7e0ab2840d3" --version "6.33.0.11465" --silent
Task: {BDB3C620-56B7-4357-8C51-DC3F1A3DA378} - System32\Tasks\CCleanerSkipUAC - o => C:\Program Files\CCleaner\CCleaner.exe [39224624 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {DCA244DE-D595-4A13-9AF9-6DBA80CD5FBF} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem135.0.7023.5{D5900B53-7F8C-4A5E-9474-02154D54DDB2} => C:\Program Files (x86)\Google\GoogleUpdater\135.0.7023.5\updater.exe [5745760 2025-03-03] (Google LLC -> Google LLC)
Task: {908F6C75-3F37-44AC-9B6F-7512DA2DE27E} - System32\Tasks\HPCustParticipation HP DeskJet 5820 series => C:\Program Files\HP\HP DeskJet 5820 series\Bin\HPCustPartic.exe [6104720 2016-08-04] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {CC3B15F9-3A5C-4A7C-9EE1-604E5BF343C3} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\IntelPTTEKRecertification.exe [855664 2023-12-14] (Intel Corporation -> Intel(R) Corporation)
Task: {8606ED69-96C9-4A95-A195-D6936EEE70AF} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-03-19] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {830EA260-1BCF-49A1-9BDA-06A7D5D261D1} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2671679121-1364000227-736312402-1003 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-03-19] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {F892EB1D-E204-49A5-AE30-86EF7F19252F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-03-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {266D3F8B-3DED-4418-B8B4-36E3CD64F4CB} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2671679121-1364000227-736312402-1003 => C:\Users\o\AppData\Local\Microsoft\OneDrive\25.020.0202.0001\OneDriveLauncher.exe /startInstances (No File)
Task: {83A11FF9-2712-46E1-A4AD-8FBE7E89A8FA} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2671679121-1364000227-736312402-1003 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {8D424971-306B-4B76-BB17-3B94343CA126} - System32\Tasks\PowerToys\Autorun for o => C:\Program Files\PowerToys\PowerToys.exe [1103296 2023-03-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {2DC9A022-4A35-4131-92FE-2DA98AB1AF8F} - System32\Tasks\VS Revo Group\RevoHelperFreeStartup => C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUninHelper.exe [4053672 2024-12-10] (VS REVO GROUP OOD -> VS Revo Group Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{7ca960af-b27a-4434-a2b9-ddc5ddff558b}: [DhcpNameServer] 10.0.0.138
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\o\AppData\Local\Microsoft\Edge\User Data\Default [2025-03-23]
Edge Notifications: Default -> hxxps://www.eurosport.com; hxxps://www.facebook.com
Edge Extension: (Dokumenty Google offline) - C:\Users\o\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-03]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\o\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]
FireFox:
========
FF DefaultProfile: wztggr6w.default-1642687018808
FF ProfilePath: C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808 [2025-03-23]
FF Homepage: Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808 -> hxxps://atlas.centrum.cz/?redirected=1533474501
FF Notifications: Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808 -> hxxps://messages.google.com
FF Extension: (AdBlocker Ultimate) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\adblockultimate@adblockultimate.net.xpi [2025-02-15]
FF Extension: (ESET Browser Privacy & Security) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\browserextension@eset.com.xpi [2024-12-20]
FF Extension: (Forget Me Not - Forget cookies & other data) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\forget-me-not@lusito.info.xpi [2022-01-20]
FF Extension: (HTTPS Everywhere) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\https-everywhere@eff.org.xpi [2022-01-20]
FF Extension: (Privacy Badger) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2025-03-12]
FF Extension: (JavaScript-Java Bridge) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\jsjbridge@advancedcontrols.com.au.xpi [2022-01-20]
FF Extension: (Firefox Relay) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\private-relay@firefox.com.xpi [2024-02-21]
FF Extension: (Video DownloadHelper) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2025-02-01]
FF Extension: (No Name) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2025-03-19]
FF Extension: (javascript) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\{d4bc778f-3a98-44f4-9b2e-45fab92a21db}.xpi [2023-03-01]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-03-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2025-03-23]
Chrome:
=======
CHR Profile: C:\Users\o\AppData\Local\Google\Chrome\User Data\Default [2025-03-23]
CHR Notifications: Default -> hxxps://club.autodoc.cz; hxxps://comment-reparer.com; hxxps://eurosport.pissedconsumer.com; hxxps://mail.google.com; hxxps://messages.google.com; hxxps://www.autodoc.cz; hxxps://www.eurosport.com; hxxps://www.global-sport.cz; hxxps://www.lavuelta.es; hxxps://www.megaknihy.cz; hxxps://www.nasejablonecko.cz; hxxps://www.semena-marihuany.cz
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\o\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-03-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Dokumenty Google offline) - C:\Users\o\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-27]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\o\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (ESET Browser Privacy & Security) - C:\Users\o\AppData\Local\Google\Chrome\User Data\Default\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2024-12-15]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\o\AppData\Local\Google\Chrome\User Data\System Profile [2024-11-09]
CHR HKU\S-1-5-21-2671679121-1364000227-736312402-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [oombnmpbbhbakfpfgdflaajkhicgfaam]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1088816 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
R2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [707864 2023-06-27] (ESET, spol. s r.o. -> ESET)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [5563760 2024-10-30] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [4240120 2024-10-30] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [4240120 2024-10-30] (ESET, spol. s r.o. -> ESET)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [284808 2021-02-05] (HP Inc. -> HP Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_aa54f7a758543a0a\Display.NvContainer\NVDisplay.Container.exe [1275024 2024-11-19] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R0 DLMFENC; C:\WINDOWS\System32\DRIVERS\DLMFENC.sys [242168 2023-06-27] (ESET, spol. s r.o. -> ESET, spol. s r.o.)
R0 DLPCRYPT; C:\WINDOWS\System32\DRIVERS\dlpcrypt.sys [121728 2023-06-27] (DESlock Limited -> DESlock Ltd.)
R0 dlpvdisk; C:\WINDOWS\System32\DRIVERS\dlpvdisk.sys [98296 2023-06-27] (DESlock Limited -> DESlock Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [220520 2024-10-22] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [121864 2024-10-22] (Microsoft Windows Hardware Compatibility Publisher -> ESET)
R1 edevmonm; C:\WINDOWS\System32\DRIVERS\edevmonm.sys [124456 2024-10-22] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [268568 2024-10-22] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [57872 2024-10-22] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [87784 2024-10-22] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [128552 2024-10-22] (ESET, spol. s r.o. -> ESET)
S3 leusbser; C:\WINDOWS\System32\drivers\leusbser.sys [238080 2015-04-14] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbwwan; C:\WINDOWS\System32\drivers\qcusbwwan.sys [557112 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 RevoProcessDetector; C:\WINDOWS\System32\DRIVERS\RevoProcessDetector.sys [19504 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R2 shimano64; C:\WINDOWS\System32\shimano64.sys [14848 2022-12-04] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 VDLPToken2; C:\WINDOWS\System32\DRIVERS\vdlptkn2.sys [135672 2023-06-27] (DESlock Limited -> DESlock Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
Error Reading file: "C:\ProgramData\Desktop\VLC media player.lnk"
Error Reading file: "C:\ProgramData\Desktop\UploaderForCiG.lnk"
Error Reading file: "C:\ProgramData\Desktop\Revo Uninstaller.lnk"
Error Reading file: "C:\ProgramData\Desktop\Pracujeme s pocitacem.pdf"
Error Reading file: "C:\ProgramData\Desktop\Picture Style Editor.lnk"
Error Reading file: "C:\ProgramData\Desktop\paint.net.lnk"
Error Reading file: "C:\ProgramData\Desktop\OpenOffice 4.1.5.lnk"
Error Reading file: "C:\ProgramData\Desktop\Microsoft Edge.lnk"
Error Reading file: "C:\ProgramData\Desktop\ImageBrowser EX.lnk"
Error Reading file: "C:\ProgramData\Desktop\HP Print and Scan Doctor.lnk"
Error Reading file: "C:\ProgramData\Desktop\HP Photo Creations.lnk"
Error Reading file: "C:\ProgramData\Desktop\HP DeskJet 5820 series.lnk"
Error Reading file: "C:\ProgramData\Desktop\Google Chrome.lnk"
Error Reading file: "C:\ProgramData\Desktop\Firefox.lnk"
Error Reading file: "C:\ProgramData\Desktop\ESET Zabezpečené bankovnictví a prohlížení webu.lnk"
Error Reading file: "C:\ProgramData\Desktop\EOS Utility.lnk"
Error Reading file: "C:\ProgramData\Desktop\Double Commander.lnk"
Error Reading file: "C:\ProgramData\Desktop\Digital Photo Professional.lnk"
Error Reading file: "C:\ProgramData\Desktop\desktop.ini"
Error Reading file: "C:\ProgramData\Desktop\CCleaner.lnk"
Error Reading file: "C:\ProgramData\Desktop\Adobe Acrobat.lnk"
2025-03-23 12:48 - 2025-03-23 12:48 - 000023169 _____ C:\Users\o\Downloads\FRST.txt
2025-03-23 12:46 - 2025-03-23 12:46 - 002404352 _____ (Farbar) C:\Users\o\Downloads\FRST64.exe
2025-03-19 07:30 - 2025-03-20 07:08 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-03-12 07:19 - 2025-03-12 07:19 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-03-23 12:48 - 2019-01-15 16:30 - 000000000 ____D C:\FRST
2025-03-23 12:27 - 2022-02-08 16:23 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-03-23 12:26 - 2024-10-02 05:22 - 000000000 ____D C:\Users\o\AppData\Roaming\eM Client
2025-03-23 12:24 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-03-23 12:23 - 2018-08-05 09:15 - 000000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2025-03-23 10:15 - 2020-07-29 17:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-03-23 08:12 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-03-23 08:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-03-23 07:49 - 2020-06-08 06:27 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-03-23 07:49 - 2020-06-08 06:27 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-03-23 07:48 - 2022-09-30 20:19 - 000003326 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2025-03-23 07:48 - 2022-09-30 20:19 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-03-23 07:46 - 2022-05-11 11:30 - 000713246 _____ C:\WINDOWS\system32\perfh005.dat
2025-03-23 07:46 - 2022-05-11 11:30 - 000143964 _____ C:\WINDOWS\system32\perfc005.dat
2025-03-23 07:46 - 2020-07-29 17:29 - 001683940 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-03-23 07:46 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2025-03-23 07:42 - 2023-03-08 13:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2025-03-23 07:42 - 2020-07-29 17:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-03-23 07:42 - 2020-07-29 17:25 - 000008192 ___SH C:\DumpStack.log.tmp
2025-03-23 07:42 - 2018-08-05 09:15 - 000000000 ____D C:\ProgramData\NVIDIA
2025-03-22 17:30 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-03-21 07:32 - 2024-02-29 08:01 - 000000000 ____D C:\Users\o\AppData\Local\CrashDumps
2025-03-21 07:31 - 2018-08-05 09:58 - 000000000 ____D C:\Users\o\AppData\Local\D3DSCache
2025-03-20 21:51 - 2021-12-17 07:38 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-03-20 21:51 - 2018-08-05 15:13 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-03-20 21:51 - 2018-08-05 15:13 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-03-20 15:41 - 2022-10-11 14:21 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-03-20 15:41 - 2022-10-11 14:21 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2025-03-20 15:41 - 2020-07-29 17:30 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-03-20 07:08 - 2018-08-05 14:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-03-19 07:34 - 2021-10-09 11:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-03-19 07:34 - 2018-08-05 14:06 - 000001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-03-18 07:30 - 2021-12-14 07:41 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2671679121-1364000227-736312402-1003
2025-03-18 07:30 - 2020-07-29 17:30 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2671679121-1364000227-736312402-1003
2025-03-18 07:30 - 2020-07-29 12:54 - 000002365 _____ C:\Users\o\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-03-12 08:13 - 2022-05-05 05:59 - 000305408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-03-12 08:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-03-12 08:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-03-12 07:55 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-03-10 13:00 - 2018-08-05 09:25 - 000000000 ____D C:\ProgramData\Packages
2025-03-10 13:00 - 2018-08-05 09:18 - 000000000 ____D C:\Users\o\AppData\Local\Packages
2025-03-10 12:55 - 2018-08-05 09:19 - 000000000 ____D C:\Users\o\AppData\Local\PlaceholderTileLogoFolder
2025-03-08 07:03 - 2020-07-29 17:30 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-03-08 07:03 - 2020-07-29 17:30 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-03-04 07:14 - 2025-02-18 13:37 - 000003562 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-2671679121-1364000227-736312402-1003
2025-03-03 07:40 - 2018-08-05 15:13 - 000000000 ____D C:\Program Files\CCleaner
2025-03-02 07:03 - 2020-07-29 17:30 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2025-02-26 08:35 - 2019-12-07 15:42 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-02-26 08:35 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-02-26 08:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-02-26 08:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-02-26 08:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-02-26 08:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-02-26 08:35 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2025-02-26 08:16 - 2020-07-29 17:28 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
==================== Files in the root of some directories ========
2022-10-04 06:54 - 2022-10-04 06:54 - 000003584 _____ () C:\Users\o\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2024-12-15 09:57 - 2024-12-15 09:57 - 000000877 _____ () C:\Users\o\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
=================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2671679121-1364000227-736312402-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2671679121-1364000227-736312402-503 - Limited - Disabled)
Guest (S-1-5-21-2671679121-1364000227-736312402-501 - Limited - Disabled)
o (S-1-5-21-2671679121-1364000227-736312402-1003 - Administrator - Enabled) => C:\Users\o
OEM (S-1-5-21-2671679121-1364000227-736312402-1001 - Administrator - Enabled) => C:\Users\OEM
WDAGUtilityAccount (S-1-5-21-2671679121-1364000227-736312402-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 25.001.20435 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601108}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Balíček ovladače systému Windows - SIGMA Elektro GmbH (usbser) Ports (02/20/2017 1.7.0000.0000) (HKLM\...\F11095F081576CA0F709F279E5FC84AC50628B78) (Version: 02/20/2017 1.7.0000.0000 - SIGMA Elektro GmbH)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.13.10.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.13.10.0 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.2.8 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.13.10.0 - Canon Inc.)
Canon Utilities Uploader for CANON iMAGE GATEWAY (HKLM-x32\...\Uploader for CANON iMAGE GATEWAY Plugin) (Version: 10.0.1.2 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.33 - Piriform)
Double Commander (HKLM\...\Double Commander_is1) (Version: 1.1.22 - Alexander Koblov)
eM Client (HKLM-x32\...\{57DB06E1-8F88-4835-8DA4-3F07ED4C2BD9}) (Version: 10.1.4588.0 - eM Client s.r.o.)
ESET Premium Line Encryption (HKLM\...\{43C2B3A3-AAF7-401A-9049-5139EABE10F9}) (Version: 2.0.36.0 - ESET) Hidden
ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 18.0.12.0 - ESET, spol. s r.o.)
E-tube Project Normal V4 (HKLM-x32\...\{2F7F3743-DD5B-4C39-9686-2E82359D021A}) (Version: 4.0.4.11 - SHIMANO INC.) Hidden
E-tube Project Normal V4 (HKLM-x32\...\InstallShield_{2F7F3743-DD5B-4C39-9686-2E82359D021A}) (Version: 4.0.4.11 - SHIMANO INC.)
E-TUBE PROJECT Professional V5 (HKLM-x32\...\{A2566088-E4D7-4212-9030-838DED11FEEE}) (Version: 5.1.2.12 - SHIMANO INC.) Hidden
E-TUBE PROJECT Professional V5 (HKLM-x32\...\InstallShield_{A2566088-E4D7-4212-9030-838DED11FEEE}) (Version: 5.1.2.12 - SHIMANO INC.)
GIMP 2.10.18 (HKLM\...\GIMP-2_is1) (Version: 2.10.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 134.0.6998.118 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HP DeskJet 5820 series Nápověda (HKLM-x32\...\{89D0B45E-D5AC-4B97-9C7D-6F0D2308A0CA}) (Version: 36.0.0 - HP)
HP Dropbox Plugin (HKLM-x32\...\{9FF252C8-B146-47A2-9336-3A1A83056F51}) (Version: 36.0.39.57346 - HP)
HP Google Drive Plugin (HKLM-x32\...\{BBF796CE-5068-47C7-8A6D-4120C0CE47E5}) (Version: 36.0.39.57346 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
Kontrola stavu osobního počítače s Windows (HKLM\...\{95548B78-8547-4E91-B0DA-1CBB82150917}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{E496AFB7-CB04-46CF-8FBB-5D665BC8811B}) (Version: 3.3.2110.22002 - Microsoft Corporation)
LenovoUsbDriver 1.0.16 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.0.16 - Lenovo)
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.36 (x64) (HKLM\...\{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.36 (x64) (HKLM\...\{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.36 (x64) (HKLM\...\{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 134.0.3124.83 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 134.0.3124.72 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-2671679121-1364000227-736312402-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\OneDriveSetup.exe) (Version: 25.031.0217.0003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24212 (HKLM-x32\...\{844ECB74-9B63-3D5C-958C-30BD23F19EE4}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24212 (HKLM-x32\...\{37B55901-995A-3650-80B1-BBFD047E2911}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.32 (x64) (HKLM\...\{5BEE5F3E-4D78-4DE8-A8F3-36D3E9D8868C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.32 (x64) (HKLM-x32\...\{0eddeab6-01c1-4cf7-83ba-164ea8974c90}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM\...\{3C31CBA1-A0D9-4B95-A807-AD2313D12F47}) (Version: 40.68.31219 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM-x32\...\{20d5df4e-006c-4d6d-a0dc-490d009b9786}) (Version: 5.0.17.31219 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM\...\{61D4736B-3325-4D4A-BD41-8BD206C6A86E}) (Version: 48.144.23186 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM-x32\...\{0532b8f2-12d7-43de-95fc-7b87006758a8}) (Version: 6.0.36.34217 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 136.0.2 (x64 cs)) (Version: 136.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 128.1.1 - Mozilla)
NVIDIA Ovladače grafiky 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
paint.net (HKLM\...\{019781E7-35CF-47A0-BD56-B1099A3E92EF}) (Version: 5.0.11 - dotPDN LLC)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23214 - Microsoft Corporation)
Pomocník s instalací Windows 11 (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.5003 - Microsoft Corporation)
PowerToys (Preview) (HKLM\...\{7F0C3584-ED21-4282-9931-50D173C2CCE5}) (Version: 0.68.1 - Microsoft Corporation) Hidden
PowerToys (Preview) x64 (HKLM-x32\...\{51efee50-0959-4cb6-8958-e1c1ba33fbdf}) (Version: 0.68.1 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7811 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.5.7 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.5.7 - VS Revo Group, Ltd.)
Sigma Data Center 5.6 (HKLM-x32\...\Sigma Data Center5.6) (Version: 5.6 - Sigma Elektro GmbH)
Sigma Data Center 5.7 (HKLM-x32\...\Sigma Data Center5.7) (Version: 5.7 - Sigma Elektro GmbH)
Sigma Data Center 5.8 (HKLM-x32\...\Sigma Data Center5.8) (Version: 5.8 - Sigma Elektro GmbH)
Spotify (HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\Spotify) (Version: 1.2.9.743.g85d9593d - Spotify AB)
Studie vylepšování produktu HP DeskJet 5820 series (HKLM\...\{CAE450AC-801B-44FC-A200-0244F6AD5479}) (Version: 36.1.108.65692 - Hewlett-Packard Co.)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Základní software zařízení HP DeskJet 5820 series (HKLM\...\{322E6CCD-0436-478E-A61B-EB11869234C3}) (Version: 36.1.108.65692 - Hewlett-Packard Co.)
Chrome apps:
============
Google Drive (HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\749a381c7a98f1bb8bca8312078d93d6) (Version: 1.0 - Google\Chrome)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-12-12] ()
Adobe Photoshop Express -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.16.0.0_x64__ynb6jyjzte8ga [2025-03-21] (Adobe Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_9.9.1.0_x64__kgqvnymyfvs32 [2025-03-06] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2982.2.0_x64__kgqvnymyfvs32 [2025-03-23] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.288.300.0_x64__kgqvnymyfvs32 [2025-03-07] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-06-12] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2023-06-12] (Microsoft Corporation)
Dragon Mania Legends -> C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_8.4.202.0_x64__h6adky7gbf63m [2025-02-23] (Gameloft SE)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.81.8100.0_x64__ytsefhwckbdv6 [2025-03-19] (G5 Entertainment AB)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-06-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-06-12] (Microsoft Corporation) [MS Ad]
MyWhoosh HD -> C:\Program Files\WindowsApps\MyWhooshTechnologyService.MyWhoosh_4.0.1.0_x64__eps1123pz0kt0 [2025-03-22] (My Whoosh Technology Services L.L.C)
Neat Office -> C:\Program Files\WindowsApps\15191PeakPlayer.NeatOffice_3.4.11.0_x64__y5c4dfz5b21fm [2025-03-01] (Any DVD & Office App) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-25] (NVIDIA Corp.)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2509.4.0_x64__cv1g1gvanyjgm [2025-03-06] (WhatsApp Inc.) [Startup Task]
Windows App Runtime DDLM 3.469.1654.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3.469.1654.0-x6_3.469.1654.0_x64__8wekyb3d8bbwe [2023-06-12] (Microsoft Corporation)
Windows App Runtime DDLM 3.469.1654.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3.469.1654.0-x8_3.469.1654.0_x86__8wekyb3d8bbwe [2023-06-12] (Microsoft Corporation)
WindowsAppRuntime.Main.1.0 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsAppRuntime.Main.1.0_4.528.1755.0_x64__8wekyb3d8bbwe [2023-06-12] (Microsoft Corp.)
WindowsAppRuntime.Singleton -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.Singleton_3.469.1654.0_x64__8wekyb3d8bbwe [2023-06-12] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{10144713-1526-46C9-88DA-1FB52807A9FF}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{3f5d0051-61b8-0f45-6166-996cfb4f914f}\localserver32 -> C:\Program Files\PowerToys\modules\launcher\PowerToys.PowerLauncher.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{60789D87-9C3C-44AF-B18C-3DE2C2820ED3}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MarkdownPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{77257004-6F25-4521-B602-50ECC6EC62A6}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.StlThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InprocServer32 -> 0xDBF08D9C069DD901DBF08D9C069DD901010000000300000000000000 => No File
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{A0257634-8812-4CE8-AF11-FA69ACAEAFAE}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodePreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{D8034CFA-F34B-41FE-AD45-62FCBB52A6DA}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MonacoPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{dd5cacda-7c2e-4997-a62a-04a597b58f76}\localserver32 -> C:\Program Files\PowerToys\modules\launcher\PowerToys.PowerLauncher.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{F2847CBE-CD03-4C83-A359-1A8052C1B9D5}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodeThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2671679121-1364000227-736312402-1003_Classes\CLSID\{FCDD4EED-41AA-492F-8A84-31A1546226E0}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ESD Shell Icon Overlay Identifier] -> {AF106685-9C86-48AF-8524-8F485C459E17} => C:\Program Files\ESET\ESET Secure Data\esdovrly.dll [2023-06-27] (DESlock Limited -> DESlock Limited)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-10-30] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-10-30] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\modules\FileLocksmith\PowerToys.FileLocksmithExt.dll [2023-03-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\modules\FileLocksmith\PowerToys.FileLocksmithExt.dll [2023-03-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\modules\PowerRename\PowerToys.PowerRenameExt.dll [2023-03-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_aa54f7a758543a0a\nvshext.dll [2024-11-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-10-30] (ESET, spol. s r.o. -> ESET)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [475672 2008-07-26] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [416280 2008-07-26] (Logitech Inc -> Logitech Inc.)
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-03-03 15:22 - 2015-02-27 10:35 - 000489984 _____ (Newtonsoft) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\Newtonsoft.Json.dll
2020-03-03 15:22 - 2017-03-20 16:13 - 000087552 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppCollect.dll
2020-03-03 15:22 - 2017-03-20 16:13 - 000197632 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppCommon.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\Software\Classes\regfile: <==== ATTENTION
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\Software\Classes\.reg: => <==== ATTENTION
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\Software\Classes\.cmd: => <==== ATTENTION
==================== Internet Explorer (Whitelisted) =============
SearchScopes: HKU\S-1-5-21-2671679121-1364000227-736312402-1003 -> {96F7DBBC-8149-4334-AC47-E15E9020321E} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-08-05 10:09 - 2018-08-05 10:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2671679121-1364000227-736312402-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\OEM\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Tatra podzim 2017 192 (4).JPG
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\Control Panel\Desktop\\Wallpaper -> c:\users\o\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\img_20241017_092312.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek PCIe GBE Family Controller -> rt640x64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "ImageBrowser EX Agent.lnk"
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D6FE37A1-1D14-4D1D-984E-5E79C2C55BD1}] => (Block) C:\users\o\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{66DBF78D-7F33-413B-A784-8BB554FFBD06}] => (Block) C:\users\o\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{E3972142-1428-4B40-93A7-479B4EA9CF3D}C:\users\o\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\o\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{60B11243-D286-4A87-A86D-2B083836908E}C:\users\o\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\o\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{39E9C860-4CC5-48E0-BA99-079BCDC6F42A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4E58E12F-0CA7-442C-9A8F-04BBCA046A13}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{74EF2E72-8999-4C9D-B3C9-45C71A20E2AB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{8AD5C1B0-4316-4CFE-A003-4C9099F9D275}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{27D8CC21-59B4-4206-8E71-4D7D04B68A9A}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{85CDAB00-8A8C-4601-92E8-737E46FD87CE}] => (Allow) LPort=5357
FirewallRules: [{E284F53D-7B83-4FC4-96C3-B1D53163CE89}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{A2492D2F-CAD6-42FB-B6BE-F1E0F5213805}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{973784AC-3C10-4CC2-A6EC-14618B4E8884}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{20659D71-2ED4-4A69-B291-AE289623B913}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{042D4FB7-32E2-4C3B-BC9B-3FDE7EF07EED}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{8E423AD2-509D-402C-B180-1F6EAF3BF7DE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{ED181480-39C5-40DD-BEEC-21E3B135F706}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{AC70D577-A9F8-4065-9208-78C8531EA168}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{428D4519-758F-430B-BFDB-76D3DA169E42}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{94D30273-EE3D-4474-B927-A6C6CBF3F9C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{03F11D38-2F5A-4286-B8C3-500386FD3219}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{E88FC328-2386-4CA7-953D-1465185B4327}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{642A033F-7F45-4902-AFA2-C135FFABE257}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{6503B5CD-0E9F-4321-BA30-FAB82F11F850}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.72\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8AB44E49-9FA3-4B73-91E2-523B164A5BC1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A5408503-D489-4A18-B959-E864252B5BCB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A89B24FD-32EC-44CA-9ADE-9124A42CEB06}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1C26CE84-B060-424F-BA00-CE593B605066}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6E5FDF43-89C2-4930-9D3A-4C7B55AD189E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
26-02-2025 08:10:55 Instalační služba modulů systému Windows
11-03-2025 13:14:41 Naplánovaný kontrolní bod
12-03-2025 07:48:13 Instalační služba modulů systému Windows
21-03-2025 08:01:30 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (03/22/2025 05:24:11 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (03/22/2025 05:24:11 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (03/22/2025 05:24:11 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
Error: (03/21/2025 05:07:56 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (03/21/2025 05:07:56 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (03/21/2025 05:07:56 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
Error: (03/21/2025 08:01:11 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (03/21/2025 07:31:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 7.225.2131.0, časové razítko: 0x67ae29f1
Název chybujícího modulu: GameBar.exe, verze: 7.225.2131.0, časové razítko: 0x67ae29f1
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000408b6
ID chybujícího procesu: 0x24f8
Čas spuštění chybující aplikace: 0x01db9a2af187ee01
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.225.2131.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.225.2131.0_x64__8wekyb3d8bbwe\GameBar.exe
ID zprávy: d4737338-4916-40e8-90e2-1c6aa517c138
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_7.225.2131.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
System errors:
=============
Error: (03/23/2025 07:47:43 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (03/23/2025 07:44:49 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime byla ukončena s následující chybou:
%%3489660935
Error: (03/23/2025 07:44:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (03/23/2025 07:44:48 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Google Update (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (03/23/2025 07:42:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_6bdd6 byla ukončena s následující chybou:
Zařízení není připraveno.
Error: (03/22/2025 07:27:05 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (03/22/2025 07:24:11 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime byla ukončena s následující chybou:
%%3489660935
Error: (03/22/2025 07:24:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Windows Defender:
================
Date: 2020-12-06 10:14:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {388A04F6-1781-437E-BCC1-6D9A722BF871}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-12-06 07:18:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5D7C26DB-716E-4592-94E5-50101B0BED4E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-12-04 15:14:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BAA004E1-8477-4695-9CB6-DF8FDCA4F1B7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-12-04 12:35:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {76996594-6B4E-4B25-8E9B-C101E076753D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-12-04 10:14:07
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C01D6D25-4571-4111-BFD6-03BAA402C7CE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2025-03-23 12:24:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. C.70 05/23/2016
Motherboard: MSI B150 PC MATE (MS-7971)
Processor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Percentage of memory in use: 55%
Total physical RAM: 8155.09 MB
Available physical RAM: 3599.63 MB
Total Virtual: 9435.09 MB
Available Virtual: 2668.18 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:222.52 GB) (Free:79.43 GB) (Model: KINGSTON SUV400S37240G) NTFS
Drive d: () (Fixed) (Total:931.39 GB) (Free:337.4 GB) (Model: WDC WD10EZEX-00WN4A0) NTFS
\\?\Volume{dda794df-29ce-4260-955c-5d488ec41ee3}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS
\\?\Volume{b390ac81-48ab-40dc-b785-5bc87a2d3889}\ () (Fixed) (Total:0.5 GB) (Free:0.07 GB) NTFS
\\?\Volume{0e88439b-e7a7-474c-b178-fade1ac6c8f1}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =========================================== End of FRST.txt ========================
