Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
velmi plíživé zpomalování NTB Lenovo
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
velmi plíživé zpomalování NTB Lenovo
Dobrý den.
Nikdy nešlo o atleta mezi NTB. Slouží zejména při cestách k vyhledávání spojení pro turistiku. Nicméně pravidelně jej aktualizuji. V posledeních týdnech je ale velmi pomalý: samotná aktualizace ESETu trvá klidně i desítky minut, totéž platí o Firefoxu,nemluvě o aktualizacích Windows - to je práce na celé odpoledne. Nevězí za tím nějaký virový problém? Děkuji za omoc
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-05-2023
Ran by Jana a Ivo (administrator) on DESKTOP-VQOS8Q4 (LENOVO 80RJ) (22-05-2023 09:46:30)
Running from C:\Users\Jana a Ivo\Desktop\FRST64.exe
Loaded Profiles: Jana a Ivo
Platform: Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(explorer.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(explorer.exe ->) (Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(services.exe ->) () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_f222132bfa8270de\RstMwService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [194704 2023-05-07] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-08-13] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-02] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [NoRecentDocsNetHood] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [DisableAcrylicBackgroundOnLogon] 1
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31300376 2023-03-08] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [NoPreviewPane] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [HideSCANetwork] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [HideSCAVolume] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\MountPoints2: {51acffe7-cc46-11eb-91b4-00dbdf39b6f0} - "D:\laucher.exe"
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {126D8334-776A-4408-99A6-BF481F8721CC} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [29464 2023-03-08] (Garmin International, Inc. -> )
Task: {19C07BC8-0CB7-4A83-AF71-FF947EE97AF6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123872 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {9061F7D2-1BA7-40C3-BD8B-F82F2F4D09BD} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-05-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {A2FF40FA-D436-4149-A90A-141009CC3C66} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {C392DF2F-0F08-4371-BAD3-1B92015F1A20} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123872 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {D56FF0BE-67BC-4063-AD7E-EC4954BCD264} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {F147B8D1-0B25-4B60-B79F-13C879757776} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{293a57ee-7345-49db-b3f7-7146b3553dba}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{ba4fc65e-7848-425b-8a31-eff962438070}: [DhcpNameServer] 10.0.0.3 10.0.0.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jana a Ivo\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-10]
Edge StartupUrls: Default -> "hxxps://google.cz/"
FireFox:
========
FF DefaultProfile: gxqrpohw.default
FF ProfilePath: C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\pewpxvg2.App [2020-12-03]
FF ProfilePath: C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default [2023-05-22]
FF Homepage: Mozilla\Firefox\Profiles\gxqrpohw.default -> hxxps://www.seznam.cz/
FF NetworkProxy: Mozilla\Firefox\Profiles\gxqrpohw.default -> type", 0
FF Session Restore: Mozilla\Firefox\Profiles\gxqrpohw.default -> is enabled.
FF Extension: (Podepisovací komponenta Signer) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\ace.nmsigner@asseco.cz.xpi [2020-12-10]
FF Extension: (AdBlocker Ultimate) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\adblockultimate@adblockultimate.net.xpi [2023-05-16]
FF Extension: (Komponenta I.CA PKI Service) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\icapkiservice@ica.cz.xpi [2023-05-16]
FF Extension: (Google Translator for Firefox) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\translator@zoli.bod.xpi [2018-12-13]
FF Extension: (Gesturefy) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\{506e023c-7f2b-40a3-8066-bc5deb40aebe}.xpi [2022-10-28]
FF Extension: (Video DownloadHelper) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2022-12-11]
FF Extension: (No Name) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-05-07]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-04-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-08-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-08-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2023-05-22]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-28] () [File not signed]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11749376 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2509944 2023-05-07] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3650416 2023-05-07] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3650416 2023-05-07] (ESET, spol. s r.o. -> ESET)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [198448 2023-05-07] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [118872 2023-05-07] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-25] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [244920 2023-05-07] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [55440 2023-05-07] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81728 2023-05-07] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [123008 2023-05-07] (ESET, spol. s r.o. -> ESET)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-11-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429288 2020-11-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-08] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-05-22 09:41 - 2023-05-22 09:45 - 000033149 _____ C:\Users\Jana a Ivo\Desktop\Addition.txt
2023-05-22 09:33 - 2023-05-22 09:49 - 000016646 _____ C:\Users\Jana a Ivo\Desktop\FRST.txt
2023-05-22 09:29 - 2023-05-22 09:48 - 000000000 ____D C:\FRST
2023-05-22 09:28 - 2023-05-22 09:28 - 002382336 _____ (Farbar) C:\Users\Jana a Ivo\Desktop\FRST64.exe
2023-05-14 14:05 - 2023-05-14 14:05 - 000000000 ___HD C:\$WinREAgent
2023-05-07 14:04 - 2023-05-07 14:04 - 000001963 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2023-05-07 13:13 - 2023-05-16 10:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-05-22 09:52 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-22 09:46 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-22 09:45 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-05-22 09:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-05-22 09:33 - 2020-06-08 16:00 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-22 09:33 - 2020-06-08 16:00 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-05-22 09:16 - 2022-02-13 14:01 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-05-22 09:10 - 2018-01-16 12:17 - 000000000 __SHD C:\Users\Jana a Ivo\IntelGraphicsProfiles
2023-05-22 09:10 - 2018-01-16 12:16 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-05-16 10:42 - 2018-01-16 12:12 - 000000000 ____D C:\Users\Jana a Ivo\AppData\Local\ClassicShell
2023-05-16 10:37 - 2021-05-02 17:31 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-05-16 10:37 - 2019-12-07 16:41 - 000717850 _____ C:\WINDOWS\system32\perfh005.dat
2023-05-16 10:37 - 2019-12-07 16:41 - 000144992 _____ C:\WINDOWS\system32\perfc005.dat
2023-05-16 10:30 - 2021-05-02 17:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-05-16 10:30 - 2021-05-02 17:13 - 000439696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-05-16 10:30 - 2021-05-02 17:13 - 000008192 ___SH C:\DumpStack.log.tmp
2023-05-16 10:30 - 2018-01-16 12:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-05-16 10:29 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-05-16 10:27 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-05-16 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-05-16 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-05-16 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-05-16 10:26 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\cs
2023-05-16 10:26 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-05-16 10:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-05-16 10:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-05-16 10:23 - 2018-01-16 12:08 - 000000000 ____D C:\Users\Jana a Ivo\AppData\LocalLow\Mozilla
2023-05-16 10:21 - 2021-05-02 17:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-05-16 10:08 - 2023-02-09 11:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2023-05-16 10:06 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-05-16 09:33 - 2021-05-02 17:16 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-05-14 13:55 - 2018-01-16 12:08 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-05-14 13:18 - 2018-01-16 14:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-05-14 13:08 - 2018-01-16 14:09 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-05-14 13:03 - 2018-01-16 12:32 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-05-14 12:54 - 2021-05-02 17:35 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-05-14 12:54 - 2021-05-02 17:35 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-05-07 14:13 - 2021-05-02 17:21 - 000000000 ____D C:\Users\Jana a Ivo
2023-05-07 14:07 - 2018-01-16 12:06 - 000000000 ____D C:\ProgramData\Package Cache
2023-05-07 14:06 - 2018-01-18 15:04 - 000000000 ____D C:\Program Files (x86)\Garmin
2023-05-07 14:04 - 2018-01-18 15:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2023-05-07 14:03 - 2022-02-17 16:47 - 000003624 _____ C:\WINDOWS\system32\Tasks\GarminUpdaterTask
2023-05-07 14:03 - 2018-01-18 15:05 - 000000000 ____D C:\ProgramData\Garmin
2023-05-07 13:56 - 2020-10-11 11:44 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-05-07 13:48 - 2023-02-20 12:13 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-05-07 13:48 - 2023-02-20 12:13 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-05-07 13:36 - 2018-09-04 12:23 - 000244920 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2023-05-07 13:36 - 2018-09-04 12:23 - 000198448 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2023-05-07 13:36 - 2018-09-04 12:23 - 000123008 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2023-05-07 13:36 - 2018-09-04 12:23 - 000118872 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2023-05-07 13:36 - 2018-09-04 12:23 - 000081728 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2023-05-07 13:36 - 2018-09-04 12:23 - 000055440 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2023-05-07 13:10 - 2018-01-16 13:52 - 000000000 ____D C:\IDOS
2023-05-07 13:08 - 2018-01-18 14:07 - 000000000 ____D C:\Users\Jana a Ivo\AppData\Roaming\Microsoft\Excel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2023
Ran by Jana a Ivo (22-05-2023 09:41:32)
Running from C:\Users\Jana a Ivo\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) (2021-05-02 15:36:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2103199511-3566600217-2712341953-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2103199511-3566600217-2712341953-503 - Limited - Disabled)
Guest (S-1-5-21-2103199511-3566600217-2712341953-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2103199511-3566600217-2712341953-1003 - Limited - Enabled)
Jana a Ivo (S-1-5-21-2103199511-3566600217-2712341953-1001 - Administrator - Enabled) => C:\Users\Jana a Ivo
WDAGUtilityAccount (S-1-5-21-2103199511-3566600217-2712341953-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20322 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (HKLM\...\{20AB389B-8602-403C-B19B-F0A1D6C510A5}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ANT Drivers Installer x64 (HKLM\...\{A6B6FBCE-2A3E-47E4-BB07-DE6EF17DAEF5}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.29.53 - Conexant)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Elevated Installer (HKLM-x32\...\{68AB1C40-97AB-4CBD-B20B-BF60BFA6B73E}) (Version: 7.16.3.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Security (HKLM\...\{0813F772-F554-4DA9-9CEA-ABCE6321BDFD}) (Version: 16.1.14.0 - ESET, spol. s r.o.)
Garmin BaseCamp (HKLM-x32\...\{52212c77-b309-478b-9073-27ea7ca4373b}) (Version: 4.7.1.0 - Garmin Ltd or its subsidiaries)
Garmin BaseCamp (HKLM-x32\...\{BF450036-EE1E-4B8A-B514-787A0D6D4EAE}) (Version: 4.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin City_Navigator_Europe_NTU_2021_10 (HKLM-x32\...\{B4CDF952-865A-4042-8BA6-0B8B288A30F5}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{504335d2-bcff-4687-a901-c1cfde7acd23}) (Version: 7.16.3.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E0E153D2-5A9B-4B1A-B918-9A9ED0C8863B}) (Version: 7.16.3.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin POI Loader (HKLM-x32\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
HP Dropbox Plugin (HKLM-x32\...\{0078F518-B5B5-4857-8939-199E752A4190}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{F260117F-45E4-483E-B10F-C80224558C4D}) (Version: 36.0.41.58587 - HP)
IDOS Komplet 2023 (HKLM-x32\...\{7F071BBB-DED3-4C43-A2B2-C4817AD1BF3C}_is1) (Version: - CHAPS spol. s r.o.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4474 - Intel Corporation)
Java 8 Update 301 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180301F0}) (Version: 8.0.3010.9 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.50 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.42 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.16327.20248 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 113.0.1 (x64 cs)) (Version: 113.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 113.0.1.8531 - Mozilla)
Mozilla Thunderbird (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 102.6.1 (x86 cs)) (Version: 102.6.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16327.20248 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Rajče verze 2.6.2 sestavení 292 (HKLM-x32\...\Rajče.net_is1) (Version: - rajče.net)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.7 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
YTD (pepak) (HKLM-x32\...\YTD_Pepak) (Version: - )
Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_143.1.1136.0_x64__v10z8vjag6ke6 [2023-03-12] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-05-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-02] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2103199511-3566600217-2712341953-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Jana a Ivo\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2103199511-3566600217-2712341953-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Jana a Ivo\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2103199511-3566600217-2712341953-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Jana a Ivo\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-05-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-05-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-05-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2015-06-25 16:53 - 2015-06-25 16:53 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2017-08-13 09:49 - 2017-08-13 09:49 - 003664184 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2017-08-13 09:49 - 2017-08-13 09:49 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\System32\StartMenuHelper64.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2015-06-25 17:17 - 2015-06-25 17:17 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2015-06-25 17:21 - 2015-06-25 17:21 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2015-06-25 17:14 - 2015-06-25 17:14 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2015-07-02 12:58 - 2015-07-02 12:58 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2015-06-25 17:03 - 2015-06-25 17:03 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2015-06-25 05:13 - 2015-06-25 05:13 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2015-06-25 17:00 - 2015-06-25 17:00 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2015-06-25 17:23 - 2015-06-25 17:23 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2015-06-25 17:28 - 2015-06-25 17:28 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2015-06-25 17:16 - 2015-06-25 17:16 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2015-06-25 17:08 - 2015-06-25 17:08 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2015-06-25 17:58 - 2015-06-25 17:58 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2015-06-25 16:59 - 2015-06-25 16:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-01-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2023-03-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\ssv.dll [2021-08-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-08-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jana a Ivo\AppData\Local\Microsoft\Windows\Themes\motiv pře (2)\DesktopBackground\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\StartupApproved\Run: => "GarminExpress"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F88E55ED-ED05-4ED1-B359-9FF63A273368}] => (Allow) C:\Users\Jana a Ivo\AppData\Local\Temp\7zS163E\HP.EasyStart.exe => No File
FirewallRules: [{9139507C-B783-49C9-BB55-04054FB787E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{34395AAA-2ABA-4696-8086-5692E5DD01F2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{6D4610DC-0269-44A6-BE14-38BDC03A73E9}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [TCP Query User{2EBE2BC9-CF6C-4380-8491-859E276DFC2C}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [UDP Query User{2948568B-B046-40AA-BE35-572C590A42DD}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [TCP Query User{C3B9572B-5C52-4C87-8738-FD5EB7667047}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [{47CDE9D6-F0F8-4A42-860E-F8C93AAD865D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A3B59AF7-626D-492D-BB26-1A641D758E78}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F499E1F4-EE2B-441C-A393-5A3ABB9D1322}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1BEAB4D0-B014-4D05-BE6D-7E822DE1031E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C26CA521-5259-4D4F-94B4-FA63992F3DCE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A4EB0BB5-2B82-4BEE-B808-42E1442F47E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CD200896-253B-4216-A263-383AF76DE8C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F191B5EA-0A5A-4CA9-B3BC-15F980124B59}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6631844B-970C-4D6A-B6D4-6A4289BEF974}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A61602A6-52BE-40AD-83D9-0C1ECE6090E5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
16-04-2023 13:19:07 Instalační služba modulů systému Windows
16-04-2023 13:36:43 Instalační služba modulů systému Windows
07-05-2023 13:58:15 Instalační služba modulů systému Windows
14-05-2023 13:59:56 Instalační služba modulů systému Windows
14-05-2023 14:23:55 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/22/2023 09:13:48 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (05/16/2023 10:42:42 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (05/16/2023 10:24:02 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (05/16/2023 09:29:08 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (05/16/2023 09:29:05 AM) (Source: Firefox Default Browser Agent) (EventID: 12029) (User: )
Description: Event-ID 12029
Error: (05/16/2023 09:29:03 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/16/2023 09:22:07 AM) (Source: Adaptive Sleep Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/14/2023 03:01:09 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
System errors:
=============
Error: (05/22/2023 09:10:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x800703fa): 9WZDNCRFJ3P2-MICROSOFT.ZUNEVIDEO.
Error: (05/16/2023 10:23:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/16/2023 10:23:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server Microsoft.MicrosoftOfficeHub_18.2303.1201.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXvhez9tbpytkh6zv5q0bx5fj12yay14wg.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/16/2023 10:10:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJBH4-Microsoft.Windows.Photos.
Error: (05/14/2023 03:00:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/14/2023 03:00:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/14/2023 03:00:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/14/2023 03:00:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===============
Date: 2023-05-22 09:22:16
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 0RCN34WW 09/21/2015
Motherboard: LENOVO Lenovo B71-80
Processor: Intel(R) Pentium(R) CPU 4405U @ 2.10GHz
Percentage of memory in use: 79%
Total physical RAM: 3955.91 MB
Available physical RAM: 800.73 MB
Total Virtual: 5683.91 MB
Available Virtual: 672.99 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.62 GB) (Free:338.57 GB) (Model: TOSHIBA MQ02ABF050H-SSHD-8GB) NTFS
\\?\Volume{9f912f83-ef0a-4c4c-960c-1f56a956d628}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{2c8608cb-c065-4106-a4c1-fa5abe636d07}\ () (Fixed) (Total:0.54 GB) (Free:0.07 GB) NTFS
\\?\Volume{5b99a217-6334-4f34-a54d-44d0bc9ddc49}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 722D38A9)
Partition: GPT.
==================== End of Addition.txt =======================
Nikdy nešlo o atleta mezi NTB. Slouží zejména při cestách k vyhledávání spojení pro turistiku. Nicméně pravidelně jej aktualizuji. V posledeních týdnech je ale velmi pomalý: samotná aktualizace ESETu trvá klidně i desítky minut, totéž platí o Firefoxu,nemluvě o aktualizacích Windows - to je práce na celé odpoledne. Nevězí za tím nějaký virový problém? Děkuji za omoc
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-05-2023
Ran by Jana a Ivo (administrator) on DESKTOP-VQOS8Q4 (LENOVO 80RJ) (22-05-2023 09:46:30)
Running from C:\Users\Jana a Ivo\Desktop\FRST64.exe
Loaded Profiles: Jana a Ivo
Platform: Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(explorer.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(explorer.exe ->) (Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(services.exe ->) () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_f222132bfa8270de\RstMwService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [194704 2023-05-07] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-08-13] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-02] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [NoRecentDocsNetHood] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [DisableAcrylicBackgroundOnLogon] 1
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31300376 2023-03-08] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [NoPreviewPane] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [HideSCANetwork] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [HideSCAVolume] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\MountPoints2: {51acffe7-cc46-11eb-91b4-00dbdf39b6f0} - "D:\laucher.exe"
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {126D8334-776A-4408-99A6-BF481F8721CC} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [29464 2023-03-08] (Garmin International, Inc. -> )
Task: {19C07BC8-0CB7-4A83-AF71-FF947EE97AF6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123872 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {9061F7D2-1BA7-40C3-BD8B-F82F2F4D09BD} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-05-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {A2FF40FA-D436-4149-A90A-141009CC3C66} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {C392DF2F-0F08-4371-BAD3-1B92015F1A20} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123872 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {D56FF0BE-67BC-4063-AD7E-EC4954BCD264} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {F147B8D1-0B25-4B60-B79F-13C879757776} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{293a57ee-7345-49db-b3f7-7146b3553dba}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{ba4fc65e-7848-425b-8a31-eff962438070}: [DhcpNameServer] 10.0.0.3 10.0.0.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jana a Ivo\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-10]
Edge StartupUrls: Default -> "hxxps://google.cz/"
FireFox:
========
FF DefaultProfile: gxqrpohw.default
FF ProfilePath: C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\pewpxvg2.App [2020-12-03]
FF ProfilePath: C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default [2023-05-22]
FF Homepage: Mozilla\Firefox\Profiles\gxqrpohw.default -> hxxps://www.seznam.cz/
FF NetworkProxy: Mozilla\Firefox\Profiles\gxqrpohw.default -> type", 0
FF Session Restore: Mozilla\Firefox\Profiles\gxqrpohw.default -> is enabled.
FF Extension: (Podepisovací komponenta Signer) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\ace.nmsigner@asseco.cz.xpi [2020-12-10]
FF Extension: (AdBlocker Ultimate) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\adblockultimate@adblockultimate.net.xpi [2023-05-16]
FF Extension: (Komponenta I.CA PKI Service) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\icapkiservice@ica.cz.xpi [2023-05-16]
FF Extension: (Google Translator for Firefox) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\translator@zoli.bod.xpi [2018-12-13]
FF Extension: (Gesturefy) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\{506e023c-7f2b-40a3-8066-bc5deb40aebe}.xpi [2022-10-28]
FF Extension: (Video DownloadHelper) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2022-12-11]
FF Extension: (No Name) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-05-07]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-04-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-08-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-08-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2023-05-22]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-28] () [File not signed]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11749376 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2509944 2023-05-07] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3650416 2023-05-07] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3650416 2023-05-07] (ESET, spol. s r.o. -> ESET)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [198448 2023-05-07] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [118872 2023-05-07] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-25] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [244920 2023-05-07] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [55440 2023-05-07] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81728 2023-05-07] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [123008 2023-05-07] (ESET, spol. s r.o. -> ESET)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-11-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429288 2020-11-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-08] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-05-22 09:41 - 2023-05-22 09:45 - 000033149 _____ C:\Users\Jana a Ivo\Desktop\Addition.txt
2023-05-22 09:33 - 2023-05-22 09:49 - 000016646 _____ C:\Users\Jana a Ivo\Desktop\FRST.txt
2023-05-22 09:29 - 2023-05-22 09:48 - 000000000 ____D C:\FRST
2023-05-22 09:28 - 2023-05-22 09:28 - 002382336 _____ (Farbar) C:\Users\Jana a Ivo\Desktop\FRST64.exe
2023-05-14 14:05 - 2023-05-14 14:05 - 000000000 ___HD C:\$WinREAgent
2023-05-07 14:04 - 2023-05-07 14:04 - 000001963 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2023-05-07 13:13 - 2023-05-16 10:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-05-22 09:52 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-22 09:46 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-22 09:45 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-05-22 09:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-05-22 09:33 - 2020-06-08 16:00 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-22 09:33 - 2020-06-08 16:00 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-05-22 09:16 - 2022-02-13 14:01 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-05-22 09:10 - 2018-01-16 12:17 - 000000000 __SHD C:\Users\Jana a Ivo\IntelGraphicsProfiles
2023-05-22 09:10 - 2018-01-16 12:16 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-05-16 10:42 - 2018-01-16 12:12 - 000000000 ____D C:\Users\Jana a Ivo\AppData\Local\ClassicShell
2023-05-16 10:37 - 2021-05-02 17:31 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-05-16 10:37 - 2019-12-07 16:41 - 000717850 _____ C:\WINDOWS\system32\perfh005.dat
2023-05-16 10:37 - 2019-12-07 16:41 - 000144992 _____ C:\WINDOWS\system32\perfc005.dat
2023-05-16 10:30 - 2021-05-02 17:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-05-16 10:30 - 2021-05-02 17:13 - 000439696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-05-16 10:30 - 2021-05-02 17:13 - 000008192 ___SH C:\DumpStack.log.tmp
2023-05-16 10:30 - 2018-01-16 12:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-05-16 10:29 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-05-16 10:27 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-05-16 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-05-16 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-05-16 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-05-16 10:26 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\cs
2023-05-16 10:26 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-05-16 10:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-05-16 10:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-05-16 10:23 - 2018-01-16 12:08 - 000000000 ____D C:\Users\Jana a Ivo\AppData\LocalLow\Mozilla
2023-05-16 10:21 - 2021-05-02 17:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-05-16 10:08 - 2023-02-09 11:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2023-05-16 10:06 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-05-16 09:33 - 2021-05-02 17:16 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-05-14 13:55 - 2018-01-16 12:08 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-05-14 13:18 - 2018-01-16 14:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-05-14 13:08 - 2018-01-16 14:09 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-05-14 13:03 - 2018-01-16 12:32 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-05-14 12:54 - 2021-05-02 17:35 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-05-14 12:54 - 2021-05-02 17:35 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-05-07 14:13 - 2021-05-02 17:21 - 000000000 ____D C:\Users\Jana a Ivo
2023-05-07 14:07 - 2018-01-16 12:06 - 000000000 ____D C:\ProgramData\Package Cache
2023-05-07 14:06 - 2018-01-18 15:04 - 000000000 ____D C:\Program Files (x86)\Garmin
2023-05-07 14:04 - 2018-01-18 15:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2023-05-07 14:03 - 2022-02-17 16:47 - 000003624 _____ C:\WINDOWS\system32\Tasks\GarminUpdaterTask
2023-05-07 14:03 - 2018-01-18 15:05 - 000000000 ____D C:\ProgramData\Garmin
2023-05-07 13:56 - 2020-10-11 11:44 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-05-07 13:48 - 2023-02-20 12:13 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-05-07 13:48 - 2023-02-20 12:13 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-05-07 13:36 - 2018-09-04 12:23 - 000244920 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2023-05-07 13:36 - 2018-09-04 12:23 - 000198448 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2023-05-07 13:36 - 2018-09-04 12:23 - 000123008 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2023-05-07 13:36 - 2018-09-04 12:23 - 000118872 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2023-05-07 13:36 - 2018-09-04 12:23 - 000081728 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2023-05-07 13:36 - 2018-09-04 12:23 - 000055440 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2023-05-07 13:10 - 2018-01-16 13:52 - 000000000 ____D C:\IDOS
2023-05-07 13:08 - 2018-01-18 14:07 - 000000000 ____D C:\Users\Jana a Ivo\AppData\Roaming\Microsoft\Excel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2023
Ran by Jana a Ivo (22-05-2023 09:41:32)
Running from C:\Users\Jana a Ivo\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) (2021-05-02 15:36:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2103199511-3566600217-2712341953-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2103199511-3566600217-2712341953-503 - Limited - Disabled)
Guest (S-1-5-21-2103199511-3566600217-2712341953-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2103199511-3566600217-2712341953-1003 - Limited - Enabled)
Jana a Ivo (S-1-5-21-2103199511-3566600217-2712341953-1001 - Administrator - Enabled) => C:\Users\Jana a Ivo
WDAGUtilityAccount (S-1-5-21-2103199511-3566600217-2712341953-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20322 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (HKLM\...\{20AB389B-8602-403C-B19B-F0A1D6C510A5}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ANT Drivers Installer x64 (HKLM\...\{A6B6FBCE-2A3E-47E4-BB07-DE6EF17DAEF5}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.29.53 - Conexant)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Elevated Installer (HKLM-x32\...\{68AB1C40-97AB-4CBD-B20B-BF60BFA6B73E}) (Version: 7.16.3.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Security (HKLM\...\{0813F772-F554-4DA9-9CEA-ABCE6321BDFD}) (Version: 16.1.14.0 - ESET, spol. s r.o.)
Garmin BaseCamp (HKLM-x32\...\{52212c77-b309-478b-9073-27ea7ca4373b}) (Version: 4.7.1.0 - Garmin Ltd or its subsidiaries)
Garmin BaseCamp (HKLM-x32\...\{BF450036-EE1E-4B8A-B514-787A0D6D4EAE}) (Version: 4.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin City_Navigator_Europe_NTU_2021_10 (HKLM-x32\...\{B4CDF952-865A-4042-8BA6-0B8B288A30F5}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{504335d2-bcff-4687-a901-c1cfde7acd23}) (Version: 7.16.3.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E0E153D2-5A9B-4B1A-B918-9A9ED0C8863B}) (Version: 7.16.3.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin POI Loader (HKLM-x32\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
HP Dropbox Plugin (HKLM-x32\...\{0078F518-B5B5-4857-8939-199E752A4190}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{F260117F-45E4-483E-B10F-C80224558C4D}) (Version: 36.0.41.58587 - HP)
IDOS Komplet 2023 (HKLM-x32\...\{7F071BBB-DED3-4C43-A2B2-C4817AD1BF3C}_is1) (Version: - CHAPS spol. s r.o.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4474 - Intel Corporation)
Java 8 Update 301 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180301F0}) (Version: 8.0.3010.9 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.50 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.42 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.16327.20248 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 113.0.1 (x64 cs)) (Version: 113.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 113.0.1.8531 - Mozilla)
Mozilla Thunderbird (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 102.6.1 (x86 cs)) (Version: 102.6.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16327.20248 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Rajče verze 2.6.2 sestavení 292 (HKLM-x32\...\Rajče.net_is1) (Version: - rajče.net)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.7 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
YTD (pepak) (HKLM-x32\...\YTD_Pepak) (Version: - )
Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_143.1.1136.0_x64__v10z8vjag6ke6 [2023-03-12] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-05-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-02] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2103199511-3566600217-2712341953-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Jana a Ivo\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2103199511-3566600217-2712341953-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Jana a Ivo\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2103199511-3566600217-2712341953-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Jana a Ivo\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-05-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-05-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-05-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2015-06-25 16:53 - 2015-06-25 16:53 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2017-08-13 09:49 - 2017-08-13 09:49 - 003664184 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2017-08-13 09:49 - 2017-08-13 09:49 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\System32\StartMenuHelper64.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2015-06-25 17:17 - 2015-06-25 17:17 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2015-06-25 17:21 - 2015-06-25 17:21 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2015-06-25 17:14 - 2015-06-25 17:14 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2015-07-02 12:58 - 2015-07-02 12:58 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2015-06-25 17:03 - 2015-06-25 17:03 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2015-06-25 05:13 - 2015-06-25 05:13 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2015-06-25 17:00 - 2015-06-25 17:00 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2015-06-25 17:23 - 2015-06-25 17:23 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2015-06-25 17:28 - 2015-06-25 17:28 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2015-06-25 17:16 - 2015-06-25 17:16 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2015-06-25 17:08 - 2015-06-25 17:08 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2015-06-25 17:58 - 2015-06-25 17:58 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2015-06-25 16:59 - 2015-06-25 16:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-01-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2023-03-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\ssv.dll [2021-08-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-08-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jana a Ivo\AppData\Local\Microsoft\Windows\Themes\motiv pře (2)\DesktopBackground\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\StartupApproved\Run: => "GarminExpress"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F88E55ED-ED05-4ED1-B359-9FF63A273368}] => (Allow) C:\Users\Jana a Ivo\AppData\Local\Temp\7zS163E\HP.EasyStart.exe => No File
FirewallRules: [{9139507C-B783-49C9-BB55-04054FB787E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{34395AAA-2ABA-4696-8086-5692E5DD01F2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{6D4610DC-0269-44A6-BE14-38BDC03A73E9}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [TCP Query User{2EBE2BC9-CF6C-4380-8491-859E276DFC2C}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [UDP Query User{2948568B-B046-40AA-BE35-572C590A42DD}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [TCP Query User{C3B9572B-5C52-4C87-8738-FD5EB7667047}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [{47CDE9D6-F0F8-4A42-860E-F8C93AAD865D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A3B59AF7-626D-492D-BB26-1A641D758E78}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F499E1F4-EE2B-441C-A393-5A3ABB9D1322}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1BEAB4D0-B014-4D05-BE6D-7E822DE1031E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C26CA521-5259-4D4F-94B4-FA63992F3DCE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A4EB0BB5-2B82-4BEE-B808-42E1442F47E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CD200896-253B-4216-A263-383AF76DE8C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F191B5EA-0A5A-4CA9-B3BC-15F980124B59}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6631844B-970C-4D6A-B6D4-6A4289BEF974}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A61602A6-52BE-40AD-83D9-0C1ECE6090E5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
16-04-2023 13:19:07 Instalační služba modulů systému Windows
16-04-2023 13:36:43 Instalační služba modulů systému Windows
07-05-2023 13:58:15 Instalační služba modulů systému Windows
14-05-2023 13:59:56 Instalační služba modulů systému Windows
14-05-2023 14:23:55 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/22/2023 09:13:48 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (05/16/2023 10:42:42 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (05/16/2023 10:24:02 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (05/16/2023 09:29:08 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (05/16/2023 09:29:05 AM) (Source: Firefox Default Browser Agent) (EventID: 12029) (User: )
Description: Event-ID 12029
Error: (05/16/2023 09:29:03 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/16/2023 09:22:07 AM) (Source: Adaptive Sleep Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/14/2023 03:01:09 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
System errors:
=============
Error: (05/22/2023 09:10:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x800703fa): 9WZDNCRFJ3P2-MICROSOFT.ZUNEVIDEO.
Error: (05/16/2023 10:23:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/16/2023 10:23:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server Microsoft.MicrosoftOfficeHub_18.2303.1201.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXvhez9tbpytkh6zv5q0bx5fj12yay14wg.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/16/2023 10:10:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJBH4-Microsoft.Windows.Photos.
Error: (05/14/2023 03:00:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/14/2023 03:00:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/14/2023 03:00:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/14/2023 03:00:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===============
Date: 2023-05-22 09:22:16
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 0RCN34WW 09/21/2015
Motherboard: LENOVO Lenovo B71-80
Processor: Intel(R) Pentium(R) CPU 4405U @ 2.10GHz
Percentage of memory in use: 79%
Total physical RAM: 3955.91 MB
Available physical RAM: 800.73 MB
Total Virtual: 5683.91 MB
Available Virtual: 672.99 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.62 GB) (Free:338.57 GB) (Model: TOSHIBA MQ02ABF050H-SSHD-8GB) NTFS
\\?\Volume{9f912f83-ef0a-4c4c-960c-1f56a956d628}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{2c8608cb-c065-4106-a4c1-fa5abe636d07}\ () (Fixed) (Total:0.54 GB) (Free:0.07 GB) NTFS
\\?\Volume{5b99a217-6334-4f34-a54d-44d0bc9ddc49}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 722D38A9)
Partition: GPT.
==================== End of Addition.txt =======================
Re: velmi plíživé zpomalování NTB Lenovo
ahoj,
na zaciatok vycisti PC s CCleanerom - vcetne registrov
+
vycisti s ADWCleanerom - log sem
na zaciatok vycisti PC s CCleanerom - vcetne registrov
+
vycisti s ADWCleanerom - log sem
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: velmi plíživé zpomalování NTB Lenovo
Dobrý den,
zde je log:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-22-2023
# Duration: 00:00:32
# OS: Windows 10 (Build 19045.2965)
# Scanned: 32098
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
zde je log:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-22-2023
# Duration: 00:00:32
# OS: Windows 10 (Build 19045.2965)
# Scanned: 32098
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Re: velmi plíživé zpomalování NTB Lenovo
je to lepsie ?
vloz aktualne logy FRST
vloz aktualne logy FRST
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: velmi plíživé zpomalování NTB Lenovo
Dobrý de,
rád bych byl optimističtější, ale situaci vnímám jako stejnou.
Nové logy:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-05-2023
Ran by Jana a Ivo (administrator) on DESKTOP-VQOS8Q4 (LENOVO 80RJ) (22-05-2023 15:52:05)
Running from C:\Users\Jana a Ivo\Desktop\FRST64.exe
Loaded Profiles: Jana a Ivo
Platform: Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(explorer.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(explorer.exe ->) (Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(services.exe ->) () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_f222132bfa8270de\RstMwService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [194704 2023-05-07] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-08-13] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-02] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [NoRecentDocsNetHood] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [DisableAcrylicBackgroundOnLogon] 1
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31300376 2023-03-08] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [NoPreviewPane] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [HideSCANetwork] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [HideSCAVolume] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\MountPoints2: {51acffe7-cc46-11eb-91b4-00dbdf39b6f0} - "D:\laucher.exe"
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {126D8334-776A-4408-99A6-BF481F8721CC} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [29464 2023-03-08] (Garmin International, Inc. -> )
Task: {19C07BC8-0CB7-4A83-AF71-FF947EE97AF6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123872 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8EC4C527-AF2E-4B4A-9F68-269D1BA5153F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {9061F7D2-1BA7-40C3-BD8B-F82F2F4D09BD} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-05-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {A2FF40FA-D436-4149-A90A-141009CC3C66} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {C392DF2F-0F08-4371-BAD3-1B92015F1A20} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123872 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {D56FF0BE-67BC-4063-AD7E-EC4954BCD264} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{293a57ee-7345-49db-b3f7-7146b3553dba}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{ba4fc65e-7848-425b-8a31-eff962438070}: [DhcpNameServer] 10.0.0.3 10.0.0.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jana a Ivo\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-10]
Edge StartupUrls: Default -> "hxxps://google.cz/"
FireFox:
========
FF DefaultProfile: gxqrpohw.default
FF ProfilePath: C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\pewpxvg2.App [2020-12-03]
FF ProfilePath: C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default [2023-05-22]
FF Homepage: Mozilla\Firefox\Profiles\gxqrpohw.default -> hxxps://www.seznam.cz/
FF NetworkProxy: Mozilla\Firefox\Profiles\gxqrpohw.default -> type", 0
FF Session Restore: Mozilla\Firefox\Profiles\gxqrpohw.default -> is enabled.
FF Extension: (Podepisovací komponenta Signer) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\ace.nmsigner@asseco.cz.xpi [2020-12-10]
FF Extension: (AdBlocker Ultimate) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\adblockultimate@adblockultimate.net.xpi [2023-05-16]
FF Extension: (Komponenta I.CA PKI Service) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\icapkiservice@ica.cz.xpi [2023-05-16]
FF Extension: (Google Translator for Firefox) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\translator@zoli.bod.xpi [2018-12-13]
FF Extension: (Gesturefy) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\{506e023c-7f2b-40a3-8066-bc5deb40aebe}.xpi [2022-10-28]
FF Extension: (Video DownloadHelper) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2022-12-11]
FF Extension: (No Name) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-05-07]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-08-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-08-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2023-05-22]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-28] () [File not signed]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11749376 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2509944 2023-05-07] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3650416 2023-05-07] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3650416 2023-05-07] (ESET, spol. s r.o. -> ESET)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [198448 2023-05-07] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [118872 2023-05-07] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-25] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [244920 2023-05-07] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [55440 2023-05-07] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81728 2023-05-07] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [123008 2023-05-07] (ESET, spol. s r.o. -> ESET)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-11-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429288 2020-11-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-08] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-05-22 15:52 - 2023-05-22 15:52 - 000016632 _____ C:\Users\Jana a Ivo\Desktop\FRST.txt
2023-05-22 11:12 - 2023-05-22 11:12 - 000000134 _____ C:\Users\Jana a Ivo\Desktop\forum viry.url
2023-05-22 09:29 - 2023-05-22 15:51 - 000000000 ____D C:\FRST
2023-05-22 09:28 - 2023-05-22 09:28 - 002382336 _____ (Farbar) C:\Users\Jana a Ivo\Desktop\FRST64.exe
2023-05-16 10:08 - 2023-05-22 10:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2023-05-14 14:05 - 2023-05-14 14:05 - 000000000 ___HD C:\$WinREAgent
2023-05-07 14:04 - 2023-05-07 14:04 - 000001963 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2023-05-07 13:13 - 2023-05-16 10:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-05-22 15:49 - 2022-02-13 14:01 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-05-22 15:46 - 2018-01-16 12:17 - 000000000 __SHD C:\Users\Jana a Ivo\IntelGraphicsProfiles
2023-05-22 15:46 - 2018-01-16 12:16 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-05-22 11:19 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-22 11:18 - 2018-01-16 12:12 - 000000000 ____D C:\Users\Jana a Ivo\AppData\Local\ClassicShell
2023-05-22 10:32 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-05-22 10:24 - 2018-01-16 12:08 - 000000000 ____D C:\Users\Jana a Ivo\AppData\LocalLow\Mozilla
2023-05-22 10:09 - 2018-01-16 12:11 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-05-22 10:09 - 2018-01-16 12:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-05-22 10:02 - 2021-05-02 17:35 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-05-22 10:01 - 2023-02-20 12:13 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-05-22 10:01 - 2023-02-20 12:13 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-05-22 09:56 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-22 09:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-05-22 09:33 - 2020-06-08 16:00 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-22 09:33 - 2020-06-08 16:00 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-05-16 10:37 - 2021-05-02 17:31 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-05-16 10:37 - 2019-12-07 16:41 - 000717850 _____ C:\WINDOWS\system32\perfh005.dat
2023-05-16 10:37 - 2019-12-07 16:41 - 000144992 _____ C:\WINDOWS\system32\perfc005.dat
2023-05-16 10:30 - 2021-05-02 17:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-05-16 10:30 - 2021-05-02 17:13 - 000439696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-05-16 10:30 - 2021-05-02 17:13 - 000008192 ___SH C:\DumpStack.log.tmp
2023-05-16 10:29 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-05-16 10:27 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-05-16 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-05-16 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-05-16 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-05-16 10:26 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\cs
2023-05-16 10:26 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-05-16 10:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-05-16 10:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-05-16 10:21 - 2021-05-02 17:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-05-16 10:06 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-05-16 09:33 - 2021-05-02 17:16 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-05-14 13:55 - 2018-01-16 12:08 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-05-14 13:18 - 2018-01-16 14:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-05-14 13:08 - 2018-01-16 14:09 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-05-14 13:03 - 2018-01-16 12:32 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-05-14 12:54 - 2021-05-02 17:35 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-05-14 12:54 - 2021-05-02 17:35 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-05-07 14:13 - 2021-05-02 17:21 - 000000000 ____D C:\Users\Jana a Ivo
2023-05-07 14:07 - 2018-01-16 12:06 - 000000000 ____D C:\ProgramData\Package Cache
2023-05-07 14:06 - 2018-01-18 15:04 - 000000000 ____D C:\Program Files (x86)\Garmin
2023-05-07 14:04 - 2018-01-18 15:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2023-05-07 14:03 - 2022-02-17 16:47 - 000003624 _____ C:\WINDOWS\system32\Tasks\GarminUpdaterTask
2023-05-07 14:03 - 2018-01-18 15:05 - 000000000 ____D C:\ProgramData\Garmin
2023-05-07 13:56 - 2020-10-11 11:44 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-05-07 13:36 - 2018-09-04 12:23 - 000244920 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2023-05-07 13:36 - 2018-09-04 12:23 - 000198448 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2023-05-07 13:36 - 2018-09-04 12:23 - 000123008 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2023-05-07 13:36 - 2018-09-04 12:23 - 000118872 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2023-05-07 13:36 - 2018-09-04 12:23 - 000081728 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2023-05-07 13:36 - 2018-09-04 12:23 - 000055440 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2023-05-07 13:10 - 2018-01-16 13:52 - 000000000 ____D C:\IDOS
2023-05-07 13:08 - 2018-01-18 14:07 - 000000000 ____D C:\Users\Jana a Ivo\AppData\Roaming\Microsoft\Excel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2023
Ran by Jana a Ivo (22-05-2023 15:55:43)
Running from C:\Users\Jana a Ivo\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) (2021-05-02 15:36:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2103199511-3566600217-2712341953-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2103199511-3566600217-2712341953-503 - Limited - Disabled)
Guest (S-1-5-21-2103199511-3566600217-2712341953-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2103199511-3566600217-2712341953-1003 - Limited - Enabled)
Jana a Ivo (S-1-5-21-2103199511-3566600217-2712341953-1001 - Administrator - Enabled) => C:\Users\Jana a Ivo
WDAGUtilityAccount (S-1-5-21-2103199511-3566600217-2712341953-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.001.20174 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (HKLM\...\{20AB389B-8602-403C-B19B-F0A1D6C510A5}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ANT Drivers Installer x64 (HKLM\...\{A6B6FBCE-2A3E-47E4-BB07-DE6EF17DAEF5}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.29.53 - Conexant)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Elevated Installer (HKLM-x32\...\{68AB1C40-97AB-4CBD-B20B-BF60BFA6B73E}) (Version: 7.16.3.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Security (HKLM\...\{0813F772-F554-4DA9-9CEA-ABCE6321BDFD}) (Version: 16.1.14.0 - ESET, spol. s r.o.)
Garmin BaseCamp (HKLM-x32\...\{52212c77-b309-478b-9073-27ea7ca4373b}) (Version: 4.7.1.0 - Garmin Ltd or its subsidiaries)
Garmin BaseCamp (HKLM-x32\...\{BF450036-EE1E-4B8A-B514-787A0D6D4EAE}) (Version: 4.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin City_Navigator_Europe_NTU_2021_10 (HKLM-x32\...\{B4CDF952-865A-4042-8BA6-0B8B288A30F5}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{504335d2-bcff-4687-a901-c1cfde7acd23}) (Version: 7.16.3.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E0E153D2-5A9B-4B1A-B918-9A9ED0C8863B}) (Version: 7.16.3.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin POI Loader (HKLM-x32\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
HP Dropbox Plugin (HKLM-x32\...\{0078F518-B5B5-4857-8939-199E752A4190}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{F260117F-45E4-483E-B10F-C80224558C4D}) (Version: 36.0.41.58587 - HP)
IDOS Komplet 2023 (HKLM-x32\...\{7F071BBB-DED3-4C43-A2B2-C4817AD1BF3C}_is1) (Version: - CHAPS spol. s r.o.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4474 - Intel Corporation)
Java 8 Update 301 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180301F0}) (Version: 8.0.3010.9 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.50 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.50 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.16327.20248 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 113.0.1 (x64 cs)) (Version: 113.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 113.0.1.8531 - Mozilla)
Mozilla Thunderbird (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 102.11.0 (x86 cs)) (Version: 102.11.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16327.20248 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Rajče verze 2.6.2 sestavení 292 (HKLM-x32\...\Rajče.net_is1) (Version: - rajče.net)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.7 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
YTD (pepak) (HKLM-x32\...\YTD_Pepak) (Version: - )
Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_145.3.1086.0_x64__v10z8vjag6ke6 [2023-05-22] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-05-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-02] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2103199511-3566600217-2712341953-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Jana a Ivo\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2103199511-3566600217-2712341953-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Jana a Ivo\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2103199511-3566600217-2712341953-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Jana a Ivo\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-05-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-05-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-05-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2015-06-25 16:53 - 2015-06-25 16:53 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2017-08-13 09:49 - 2017-08-13 09:49 - 003664184 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2017-08-13 09:49 - 2017-08-13 09:49 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\System32\StartMenuHelper64.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2015-06-25 17:17 - 2015-06-25 17:17 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2015-06-25 17:21 - 2015-06-25 17:21 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2015-06-25 17:14 - 2015-06-25 17:14 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2015-07-02 12:58 - 2015-07-02 12:58 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2015-06-25 17:03 - 2015-06-25 17:03 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2015-06-25 05:13 - 2015-06-25 05:13 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2015-06-25 17:00 - 2015-06-25 17:00 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2015-06-25 17:23 - 2015-06-25 17:23 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2015-06-25 17:28 - 2015-06-25 17:28 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2015-06-25 17:16 - 2015-06-25 17:16 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2015-06-25 17:08 - 2015-06-25 17:08 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2015-06-25 17:58 - 2015-06-25 17:58 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2015-06-25 16:59 - 2015-06-25 16:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-01-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2023-03-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\ssv.dll [2021-08-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-08-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jana a Ivo\AppData\Local\Microsoft\Windows\Themes\motiv pře (2)\DesktopBackground\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\StartupApproved\Run: => "GarminExpress"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F88E55ED-ED05-4ED1-B359-9FF63A273368}] => (Allow) C:\Users\Jana a Ivo\AppData\Local\Temp\7zS163E\HP.EasyStart.exe => No File
FirewallRules: [{9139507C-B783-49C9-BB55-04054FB787E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{34395AAA-2ABA-4696-8086-5692E5DD01F2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{6D4610DC-0269-44A6-BE14-38BDC03A73E9}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [TCP Query User{2EBE2BC9-CF6C-4380-8491-859E276DFC2C}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [UDP Query User{2948568B-B046-40AA-BE35-572C590A42DD}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [TCP Query User{C3B9572B-5C52-4C87-8738-FD5EB7667047}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [{47CDE9D6-F0F8-4A42-860E-F8C93AAD865D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A3B59AF7-626D-492D-BB26-1A641D758E78}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F499E1F4-EE2B-441C-A393-5A3ABB9D1322}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1BEAB4D0-B014-4D05-BE6D-7E822DE1031E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C26CA521-5259-4D4F-94B4-FA63992F3DCE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A4EB0BB5-2B82-4BEE-B808-42E1442F47E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CD200896-253B-4216-A263-383AF76DE8C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F191B5EA-0A5A-4CA9-B3BC-15F980124B59}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6631844B-970C-4D6A-B6D4-6A4289BEF974}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A61602A6-52BE-40AD-83D9-0C1ECE6090E5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
16-04-2023 13:19:07 Instalační služba modulů systému Windows
16-04-2023 13:36:43 Instalační služba modulů systému Windows
07-05-2023 13:58:15 Instalační služba modulů systému Windows
14-05-2023 13:59:56 Instalační služba modulů systému Windows
14-05-2023 14:23:55 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/22/2023 11:19:07 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (05/22/2023 09:13:48 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (05/16/2023 10:42:42 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (05/16/2023 10:24:02 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (05/16/2023 09:29:08 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (05/16/2023 09:29:05 AM) (Source: Firefox Default Browser Agent) (EventID: 12029) (User: )
Description: Event-ID 12029
Error: (05/16/2023 09:29:03 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/16/2023 09:22:07 AM) (Source: Adaptive Sleep Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (05/22/2023 09:10:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x800703fa): 9WZDNCRFJ3P2-MICROSOFT.ZUNEVIDEO.
Error: (05/16/2023 10:23:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/16/2023 10:23:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server Microsoft.MicrosoftOfficeHub_18.2303.1201.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXvhez9tbpytkh6zv5q0bx5fj12yay14wg.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/16/2023 10:10:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJBH4-Microsoft.Windows.Photos.
Error: (05/14/2023 03:00:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/14/2023 03:00:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/14/2023 03:00:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/14/2023 03:00:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===============
Date: 2023-05-22 15:47:58
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 0RCN34WW 09/21/2015
Motherboard: LENOVO Lenovo B71-80
Processor: Intel(R) Pentium(R) CPU 4405U @ 2.10GHz
Percentage of memory in use: 85%
Total physical RAM: 3955.91 MB
Available physical RAM: 571.18 MB
Total Virtual: 6254.51 MB
Available Virtual: 2421.53 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.62 GB) (Free:337.38 GB) (Model: TOSHIBA MQ02ABF050H-SSHD-8GB) NTFS
\\?\Volume{9f912f83-ef0a-4c4c-960c-1f56a956d628}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{2c8608cb-c065-4106-a4c1-fa5abe636d07}\ () (Fixed) (Total:0.54 GB) (Free:0.07 GB) NTFS
\\?\Volume{5b99a217-6334-4f34-a54d-44d0bc9ddc49}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 722D38A9)
Partition: GPT.
==================== End of Addition.txt =======================
rád bych byl optimističtější, ale situaci vnímám jako stejnou.
Nové logy:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-05-2023
Ran by Jana a Ivo (administrator) on DESKTOP-VQOS8Q4 (LENOVO 80RJ) (22-05-2023 15:52:05)
Running from C:\Users\Jana a Ivo\Desktop\FRST64.exe
Loaded Profiles: Jana a Ivo
Platform: Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(explorer.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(explorer.exe ->) (Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(services.exe ->) () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_f222132bfa8270de\RstMwService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [194704 2023-05-07] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-08-13] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-02] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [NoRecentDocsNetHood] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [DisableAcrylicBackgroundOnLogon] 1
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31300376 2023-03-08] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [NoPreviewPane] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [HideSCANetwork] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\Policies\Explorer: [HideSCAVolume] 0
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\MountPoints2: {51acffe7-cc46-11eb-91b4-00dbdf39b6f0} - "D:\laucher.exe"
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {126D8334-776A-4408-99A6-BF481F8721CC} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [29464 2023-03-08] (Garmin International, Inc. -> )
Task: {19C07BC8-0CB7-4A83-AF71-FF947EE97AF6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123872 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8EC4C527-AF2E-4B4A-9F68-269D1BA5153F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {9061F7D2-1BA7-40C3-BD8B-F82F2F4D09BD} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-05-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {A2FF40FA-D436-4149-A90A-141009CC3C66} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {C392DF2F-0F08-4371-BAD3-1B92015F1A20} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123872 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {D56FF0BE-67BC-4063-AD7E-EC4954BCD264} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{293a57ee-7345-49db-b3f7-7146b3553dba}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{ba4fc65e-7848-425b-8a31-eff962438070}: [DhcpNameServer] 10.0.0.3 10.0.0.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jana a Ivo\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-10]
Edge StartupUrls: Default -> "hxxps://google.cz/"
FireFox:
========
FF DefaultProfile: gxqrpohw.default
FF ProfilePath: C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\pewpxvg2.App [2020-12-03]
FF ProfilePath: C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default [2023-05-22]
FF Homepage: Mozilla\Firefox\Profiles\gxqrpohw.default -> hxxps://www.seznam.cz/
FF NetworkProxy: Mozilla\Firefox\Profiles\gxqrpohw.default -> type", 0
FF Session Restore: Mozilla\Firefox\Profiles\gxqrpohw.default -> is enabled.
FF Extension: (Podepisovací komponenta Signer) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\ace.nmsigner@asseco.cz.xpi [2020-12-10]
FF Extension: (AdBlocker Ultimate) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\adblockultimate@adblockultimate.net.xpi [2023-05-16]
FF Extension: (Komponenta I.CA PKI Service) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\icapkiservice@ica.cz.xpi [2023-05-16]
FF Extension: (Google Translator for Firefox) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\translator@zoli.bod.xpi [2018-12-13]
FF Extension: (Gesturefy) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\{506e023c-7f2b-40a3-8066-bc5deb40aebe}.xpi [2022-10-28]
FF Extension: (Video DownloadHelper) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2022-12-11]
FF Extension: (No Name) - C:\Users\Jana a Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\gxqrpohw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-05-07]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-08-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-08-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2023-05-22]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-28] () [File not signed]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11749376 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2509944 2023-05-07] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3650416 2023-05-07] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3650416 2023-05-07] (ESET, spol. s r.o. -> ESET)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [198448 2023-05-07] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [118872 2023-05-07] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-25] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [244920 2023-05-07] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [55440 2023-05-07] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81728 2023-05-07] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [123008 2023-05-07] (ESET, spol. s r.o. -> ESET)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-11-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429288 2020-11-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-08] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-05-22 15:52 - 2023-05-22 15:52 - 000016632 _____ C:\Users\Jana a Ivo\Desktop\FRST.txt
2023-05-22 11:12 - 2023-05-22 11:12 - 000000134 _____ C:\Users\Jana a Ivo\Desktop\forum viry.url
2023-05-22 09:29 - 2023-05-22 15:51 - 000000000 ____D C:\FRST
2023-05-22 09:28 - 2023-05-22 09:28 - 002382336 _____ (Farbar) C:\Users\Jana a Ivo\Desktop\FRST64.exe
2023-05-16 10:08 - 2023-05-22 10:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2023-05-14 14:05 - 2023-05-14 14:05 - 000000000 ___HD C:\$WinREAgent
2023-05-07 14:04 - 2023-05-07 14:04 - 000001963 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2023-05-07 13:13 - 2023-05-16 10:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-05-22 15:49 - 2022-02-13 14:01 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-05-22 15:46 - 2018-01-16 12:17 - 000000000 __SHD C:\Users\Jana a Ivo\IntelGraphicsProfiles
2023-05-22 15:46 - 2018-01-16 12:16 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-05-22 11:19 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-22 11:18 - 2018-01-16 12:12 - 000000000 ____D C:\Users\Jana a Ivo\AppData\Local\ClassicShell
2023-05-22 10:32 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-05-22 10:24 - 2018-01-16 12:08 - 000000000 ____D C:\Users\Jana a Ivo\AppData\LocalLow\Mozilla
2023-05-22 10:09 - 2018-01-16 12:11 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-05-22 10:09 - 2018-01-16 12:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-05-22 10:02 - 2021-05-02 17:35 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-05-22 10:01 - 2023-02-20 12:13 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-05-22 10:01 - 2023-02-20 12:13 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-05-22 09:56 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-22 09:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-05-22 09:33 - 2020-06-08 16:00 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-22 09:33 - 2020-06-08 16:00 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-05-16 10:37 - 2021-05-02 17:31 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-05-16 10:37 - 2019-12-07 16:41 - 000717850 _____ C:\WINDOWS\system32\perfh005.dat
2023-05-16 10:37 - 2019-12-07 16:41 - 000144992 _____ C:\WINDOWS\system32\perfc005.dat
2023-05-16 10:30 - 2021-05-02 17:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-05-16 10:30 - 2021-05-02 17:13 - 000439696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-05-16 10:30 - 2021-05-02 17:13 - 000008192 ___SH C:\DumpStack.log.tmp
2023-05-16 10:29 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-05-16 10:27 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-05-16 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-05-16 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-05-16 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-05-16 10:26 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\cs
2023-05-16 10:26 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-05-16 10:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-05-16 10:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-05-16 10:21 - 2021-05-02 17:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-05-16 10:06 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-05-16 09:33 - 2021-05-02 17:16 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-05-14 13:55 - 2018-01-16 12:08 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-05-14 13:18 - 2018-01-16 14:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-05-14 13:08 - 2018-01-16 14:09 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-05-14 13:03 - 2018-01-16 12:32 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-05-14 12:54 - 2021-05-02 17:35 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-05-14 12:54 - 2021-05-02 17:35 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-05-07 14:13 - 2021-05-02 17:21 - 000000000 ____D C:\Users\Jana a Ivo
2023-05-07 14:07 - 2018-01-16 12:06 - 000000000 ____D C:\ProgramData\Package Cache
2023-05-07 14:06 - 2018-01-18 15:04 - 000000000 ____D C:\Program Files (x86)\Garmin
2023-05-07 14:04 - 2018-01-18 15:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2023-05-07 14:03 - 2022-02-17 16:47 - 000003624 _____ C:\WINDOWS\system32\Tasks\GarminUpdaterTask
2023-05-07 14:03 - 2018-01-18 15:05 - 000000000 ____D C:\ProgramData\Garmin
2023-05-07 13:56 - 2020-10-11 11:44 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-05-07 13:36 - 2018-09-04 12:23 - 000244920 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2023-05-07 13:36 - 2018-09-04 12:23 - 000198448 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2023-05-07 13:36 - 2018-09-04 12:23 - 000123008 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2023-05-07 13:36 - 2018-09-04 12:23 - 000118872 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2023-05-07 13:36 - 2018-09-04 12:23 - 000081728 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2023-05-07 13:36 - 2018-09-04 12:23 - 000055440 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2023-05-07 13:10 - 2018-01-16 13:52 - 000000000 ____D C:\IDOS
2023-05-07 13:08 - 2018-01-18 14:07 - 000000000 ____D C:\Users\Jana a Ivo\AppData\Roaming\Microsoft\Excel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2023
Ran by Jana a Ivo (22-05-2023 15:55:43)
Running from C:\Users\Jana a Ivo\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) (2021-05-02 15:36:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2103199511-3566600217-2712341953-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2103199511-3566600217-2712341953-503 - Limited - Disabled)
Guest (S-1-5-21-2103199511-3566600217-2712341953-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2103199511-3566600217-2712341953-1003 - Limited - Enabled)
Jana a Ivo (S-1-5-21-2103199511-3566600217-2712341953-1001 - Administrator - Enabled) => C:\Users\Jana a Ivo
WDAGUtilityAccount (S-1-5-21-2103199511-3566600217-2712341953-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.001.20174 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (HKLM\...\{20AB389B-8602-403C-B19B-F0A1D6C510A5}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ANT Drivers Installer x64 (HKLM\...\{A6B6FBCE-2A3E-47E4-BB07-DE6EF17DAEF5}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.29.53 - Conexant)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Elevated Installer (HKLM-x32\...\{68AB1C40-97AB-4CBD-B20B-BF60BFA6B73E}) (Version: 7.16.3.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Security (HKLM\...\{0813F772-F554-4DA9-9CEA-ABCE6321BDFD}) (Version: 16.1.14.0 - ESET, spol. s r.o.)
Garmin BaseCamp (HKLM-x32\...\{52212c77-b309-478b-9073-27ea7ca4373b}) (Version: 4.7.1.0 - Garmin Ltd or its subsidiaries)
Garmin BaseCamp (HKLM-x32\...\{BF450036-EE1E-4B8A-B514-787A0D6D4EAE}) (Version: 4.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin City_Navigator_Europe_NTU_2021_10 (HKLM-x32\...\{B4CDF952-865A-4042-8BA6-0B8B288A30F5}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{504335d2-bcff-4687-a901-c1cfde7acd23}) (Version: 7.16.3.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E0E153D2-5A9B-4B1A-B918-9A9ED0C8863B}) (Version: 7.16.3.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin POI Loader (HKLM-x32\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
HP Dropbox Plugin (HKLM-x32\...\{0078F518-B5B5-4857-8939-199E752A4190}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{F260117F-45E4-483E-B10F-C80224558C4D}) (Version: 36.0.41.58587 - HP)
IDOS Komplet 2023 (HKLM-x32\...\{7F071BBB-DED3-4C43-A2B2-C4817AD1BF3C}_is1) (Version: - CHAPS spol. s r.o.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4474 - Intel Corporation)
Java 8 Update 301 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180301F0}) (Version: 8.0.3010.9 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.50 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.50 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.16327.20248 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 113.0.1 (x64 cs)) (Version: 113.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 113.0.1.8531 - Mozilla)
Mozilla Thunderbird (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 102.11.0 (x86 cs)) (Version: 102.11.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16327.20248 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Rajče verze 2.6.2 sestavení 292 (HKLM-x32\...\Rajče.net_is1) (Version: - rajče.net)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.7 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
YTD (pepak) (HKLM-x32\...\YTD_Pepak) (Version: - )
Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_145.3.1086.0_x64__v10z8vjag6ke6 [2023-05-22] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-05-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-02] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2103199511-3566600217-2712341953-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Jana a Ivo\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2103199511-3566600217-2712341953-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Jana a Ivo\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2103199511-3566600217-2712341953-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Jana a Ivo\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-05-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-05-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-05-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2015-06-25 16:53 - 2015-06-25 16:53 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2017-08-13 09:49 - 2017-08-13 09:49 - 003664184 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2017-08-13 09:49 - 2017-08-13 09:49 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\System32\StartMenuHelper64.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2015-06-25 17:17 - 2015-06-25 17:17 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2015-06-25 17:21 - 2015-06-25 17:21 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2015-06-25 17:14 - 2015-06-25 17:14 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2015-07-02 12:58 - 2015-07-02 12:58 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2015-06-25 17:03 - 2015-06-25 17:03 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2015-06-25 05:13 - 2015-06-25 05:13 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2015-06-25 17:00 - 2015-06-25 17:00 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2015-06-25 17:23 - 2015-06-25 17:23 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2015-06-25 17:28 - 2015-06-25 17:28 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2015-06-25 17:16 - 2015-06-25 17:16 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2015-06-25 17:08 - 2015-06-25 17:08 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2015-06-25 17:58 - 2015-06-25 17:58 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2015-06-25 16:59 - 2015-06-25 16:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-01-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2023-03-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\ssv.dll [2021-08-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-08-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-07] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jana a Ivo\AppData\Local\Microsoft\Windows\Themes\motiv pře (2)\DesktopBackground\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2103199511-3566600217-2712341953-1001\...\StartupApproved\Run: => "GarminExpress"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F88E55ED-ED05-4ED1-B359-9FF63A273368}] => (Allow) C:\Users\Jana a Ivo\AppData\Local\Temp\7zS163E\HP.EasyStart.exe => No File
FirewallRules: [{9139507C-B783-49C9-BB55-04054FB787E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{34395AAA-2ABA-4696-8086-5692E5DD01F2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{6D4610DC-0269-44A6-BE14-38BDC03A73E9}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [TCP Query User{2EBE2BC9-CF6C-4380-8491-859E276DFC2C}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [UDP Query User{2948568B-B046-40AA-BE35-572C590A42DD}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [TCP Query User{C3B9572B-5C52-4C87-8738-FD5EB7667047}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [{47CDE9D6-F0F8-4A42-860E-F8C93AAD865D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A3B59AF7-626D-492D-BB26-1A641D758E78}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F499E1F4-EE2B-441C-A393-5A3ABB9D1322}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1BEAB4D0-B014-4D05-BE6D-7E822DE1031E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C26CA521-5259-4D4F-94B4-FA63992F3DCE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A4EB0BB5-2B82-4BEE-B808-42E1442F47E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CD200896-253B-4216-A263-383AF76DE8C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F191B5EA-0A5A-4CA9-B3BC-15F980124B59}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6631844B-970C-4D6A-B6D4-6A4289BEF974}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A61602A6-52BE-40AD-83D9-0C1ECE6090E5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
16-04-2023 13:19:07 Instalační služba modulů systému Windows
16-04-2023 13:36:43 Instalační služba modulů systému Windows
07-05-2023 13:58:15 Instalační služba modulů systému Windows
14-05-2023 13:59:56 Instalační služba modulů systému Windows
14-05-2023 14:23:55 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/22/2023 11:19:07 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (05/22/2023 09:13:48 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (05/16/2023 10:42:42 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (05/16/2023 10:24:02 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (05/16/2023 09:29:08 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (05/16/2023 09:29:05 AM) (Source: Firefox Default Browser Agent) (EventID: 12029) (User: )
Description: Event-ID 12029
Error: (05/16/2023 09:29:03 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/16/2023 09:22:07 AM) (Source: Adaptive Sleep Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (05/22/2023 09:10:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x800703fa): 9WZDNCRFJ3P2-MICROSOFT.ZUNEVIDEO.
Error: (05/16/2023 10:23:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/16/2023 10:23:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server Microsoft.MicrosoftOfficeHub_18.2303.1201.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXvhez9tbpytkh6zv5q0bx5fj12yay14wg.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/16/2023 10:10:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJBH4-Microsoft.Windows.Photos.
Error: (05/14/2023 03:00:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/14/2023 03:00:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/14/2023 03:00:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/14/2023 03:00:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VQOS8Q4)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===============
Date: 2023-05-22 15:47:58
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 0RCN34WW 09/21/2015
Motherboard: LENOVO Lenovo B71-80
Processor: Intel(R) Pentium(R) CPU 4405U @ 2.10GHz
Percentage of memory in use: 85%
Total physical RAM: 3955.91 MB
Available physical RAM: 571.18 MB
Total Virtual: 6254.51 MB
Available Virtual: 2421.53 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.62 GB) (Free:337.38 GB) (Model: TOSHIBA MQ02ABF050H-SSHD-8GB) NTFS
\\?\Volume{9f912f83-ef0a-4c4c-960c-1f56a956d628}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{2c8608cb-c065-4106-a4c1-fa5abe636d07}\ () (Fixed) (Total:0.54 GB) (Free:0.07 GB) NTFS
\\?\Volume{5b99a217-6334-4f34-a54d-44d0bc9ddc49}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 722D38A9)
Partition: GPT.
==================== End of Addition.txt =======================
Re: velmi plíživé zpomalování NTB Lenovo
1. nainstaluj novu javu z www.java.com
2. pozri, ktore SW najviac zatazuju RAM prip. CPU
2. pozri, ktore SW najviac zatazuju RAM prip. CPU
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: velmi plíživé zpomalování NTB Lenovo
Dobrý den,
provedl jsem navrženou aktualizaci Javy, zatěžování CPU jsem nezjistil- nyní musím chvíli čekat, než bude nějaká aktualizace a poté podám zprávu.
provedl jsem navrženou aktualizaci Javy, zatěžování CPU jsem nezjistil- nyní musím chvíli čekat, než bude nějaká aktualizace a poté podám zprávu.
Re: velmi plíživé zpomalování NTB Lenovo
Dobrý den,
dnešní aktualizace Win 10 proběhla nečekaně rychle, totéž platí i o Firefoxu a Esetu. Myslím, že jsem dosáhl maxima možného, děkuji za pomoc a téma můžete uzavřít.
dnešní aktualizace Win 10 proběhla nečekaně rychle, totéž platí i o Firefoxu a Esetu. Myslím, že jsem dosáhl maxima možného, děkuji za pomoc a téma můžete uzavřít.
Re: velmi plíživé zpomalování NTB Lenovo
Rado sa stalo
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/