Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2022
Ran by Petr (23-01-2022 17:49:05)
Running from F:\a\download\FRST_na_log_pro_viry.cz
Microsoft Windows 10 Pro Version 21H1 19043.1466 (X64) (2020-08-28 13:46:01)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3201348344-1589498996-2309135360-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3201348344-1589498996-2309135360-503 - Limited - Disabled)
Guest (S-1-5-21-3201348344-1589498996-2309135360-501 - Limited - Disabled)
Petr (S-1-5-21-3201348344-1589498996-2309135360-1000 - Administrator - Enabled) => H:\Users\Petr
WDAGUtilityAccount (S-1-5-21-3201348344-1589498996-2309135360-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABRA FlexiBee (HKLM-x32\...\WinStrom 10) (Version: - FlexiBee Systems s.r.o.)
Acronis True Image (HKLM-x32\...\{8FD2E7B8-F7F2-4121-ACAC-74BD07F4B41D}) (Version: 22.5.12510 - Acronis) Hidden Acronis True Image (HKLM-x32\...\{8FD2E7B8-F7F2-4121-ACAC-74BD07F4B41D}Visible) (Version: 22.5.12510 - Acronis) Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated) Adobe Acrobat X Pro - Eastern European (Group 1) (HKLM-x32\...\{AC76BA86-1029-4770-7760-000000000005}) (Version: 10.1.16 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated) Adobe Creative Suite 5.5 Design Standard (HKLM-x32\...\{53CF3920-648B-4F99-8D05-6A6C5298F57B}) (Version: 5.5 - Adobe Systems Incorporated) Apple Mobile Device Support (HKLM\...\{C788AE25-3D4E-4D18-811B-3219F778487E}) (Version: 13.5.1.2 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.) Balsamiq Mockups 3 (HKLM-x32\...\{2F58A7B1-4DFD-BDAC-079E-6650DBABE41C}) (Version: 3.3.12 - Balsamiq SRL) Hidden Balsamiq Mockups 3 (HKLM-x32\...\BalsamiqMockups3.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1) (Version: 3.3.12 - Balsamiq SRL) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Dell 1130 Laser Printer (HKLM-x32\...\Dell 1130 Laser Printer) (Version: - DELL Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 140.4.1951 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.541.1 - Dropbox, Inc.) Hidden ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 15.0.23.0 - ESET, spol. s r.o.) 
Fanurio (HKLM-x32\...\Fanurio) (Version: 2.5.2 - Fanurio Time Tracking SRL) FileZilla Client 3.20.1 (HKLM-x32\...\FileZilla Client) (Version: 3.20.1 - Tim Kosse) FreeFileSync 7.9 (HKLM-x32\...\FreeFileSync_is1) (Version: 7.9 - www.FreeFileSync.org) Google Ads Editor (HKLM-x32\...\{BD8B9D40-4659-11EC-9DAF-DC4A3E998CF6}) (Version: 13.8.2.0 - Google) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.71 - Google LLC) GoTo Opener (HKLM-x32\...\{27288E10-7B6A-4EAD-BF7D-C40F86C3C751}) (Version: 1.0.527 - LogMeIn, Inc.) GoToMeeting 10.18.0.19932 (HKU\S-1-5-21-3201348344-1589498996-2309135360-1000\...\GoToMeeting) (Version: 10.18.0.19932 - LogMeIn, Inc.) GWX Control Panel (HKLM-x32\...\UltimateOutsider_GwxControlPanel) (Version: - UltimateOutsider) HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - ) Host OpenAL (ADI) (HKLM-x32\...\Host OpenAL (ADI)) (Version: - ) iCloud (HKLM\...\{01B1B2F2-22F4-4D1F-9303-8515A7ADD966}) (Version: 7.20.0.17 - Apple Inc.) iTunes (HKLM\...\{6DC9143E-35ED-4DF2-85E3-439C3E46E178}) (Version: 12.10.8.5 - Apple Inc.) Java 8 Update 231 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180231F0}) (Version: 8.0.2310.11 - Oracle Corporation) Jing (HKLM-x32\...\{8C784F8B-89D0-4A59-A000-7EEF129E1574}) (Version: 2.9.15255.1 - TechSmith Corporation) JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.) 
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation) Manager (HKLM-x32\...\{3802F563-BAD7-47F3-AF91-ED1C9467B224}) (Version: 3.0.7.25771 - ANDREA VACONDIO) Hidden Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.10.5.3 - Marvell) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.69 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3201348344-1589498996-2309135360-1000\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 
(HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 96.0.2 (x64 cs)) (Version: 96.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 96.0.2.8054 - Mozilla) Mozilla Thunderbird (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 91.5.0 (x86 cs)) (Version: 91.5.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project) Paymo Widget 6.7.3 (HKU\S-1-5-21-3201348344-1589498996-2309135360-1000\...\{ac06af27-7387-5788-9bdb-e7320ebf27a8}) (Version: 6.7.3 - Paymo SRL) PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden PDFsam Basic (HKLM-x32\...\{67DFA6CA-3FCA-46A3-8C78-8C668BCDE9AD}) (Version: 3.20.5.0 - Andrea Vacondio) Podpora aplikací Apple (32bitová) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.) 
Podpora aplikací Apple (64bitová) (HKLM\...\{DEB339C1-2687-43AB-816A-8714F3E26846}) (Version: 8.6 - Apple Inc.) Pomocník při upgradu na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation) PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.0.2700 - Jan Fiala) RICOH THETA (HKLM-x32\...\{DF52BCC0-DD57-3038-18C4-45ACF7112EC4}) (Version: 2.3.3 - RICOH COMPANY,LTD.) Hidden RICOH THETA (HKLM-x32\...\com.theta360.SphericalViewer) (Version: 2.3.3 - RICOH COMPANY,LTD.) Send Anywhere 21.4.20852 (HKLM\...\20db1975-fda0-5740-b262-81be26ba22ab) (Version: 21.4.20852 - Estmob Inc.) SEO PowerSuite (HKLM-x32\...\seopowersuite) (Version: - Link-Assistant) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) SoundMAX (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.2.6585 - Analog Devices) Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer) TechSmith Capture (HKU\S-1-5-21-3201348344-1589498996-2309135360-1000\...\RelayRecorder) (Version: 1.1.22 - TechSmith Corporation) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52 - Ghisler Software GmbH) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) XMind 7.5 Update 1 (v3.6.51) (HKLM-x32\...\XMind_is1) (Version: 3.6.51.201607142338 - XMind Ltd.) Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_CZ_is1) (Version: 15.0.1.8 - ZONER software) Zoom (HKU\S-1-5-21-3201348344-1589498996-2309135360-1000\...\ZoomUMX) (Version: 5.8.4 (1736) - Zoom Video Communications, Inc.) 

Packages:
=========
Autodesk SketchBook -> H:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Candy Crush Soda Saga -> H:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.209.700.0_x86__kgqvnymyfvs32 [2022-01-13] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> H:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-03] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> H:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> H:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> H:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-12] (Microsoft Studios) [MS Ad]
Spotify Music -> H:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0 [2022-01-22] (Spotify AB) [Startup Task]
Twitter -> H:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-14] (Twitter Inc.)
WindowsDVDPlayer -> H:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2017-07-12] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{041F9391-C79D-44EE-AA4E-AF4E029C4B47}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{75399D28-E622-4973-8752-BC0F7DC47AF3}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll (Google LLC -> Google LLC) CustomCLSID: 
HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> H:\Users\Petr\AppData\Local\GoToMeeting\13609\G2MOutlookAddin64.dll => No File CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.36.92\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File CustomCLSID: 
HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => H:\Users\Petr\Dropbox [2016-08-17 14:50] CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll => No File CustomCLSID: 
HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> H:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed] CustomCLSID: HKU\S-1-5-21-3201348344-1589498996-2309135360-1000_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> H:\Users\Petr\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - H:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-18] (Microsoft Corporation -> Microsoft Corporation) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - H:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => H:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-04-03] (Acronis International GmbH -> ) ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => H:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-04-03] (Acronis International GmbH -> ) ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => H:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-04-03] (Acronis International GmbH -> ) ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => H:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-04-03] (Acronis International GmbH -> ) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files 
(x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => H:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => H:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => H:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => H:\Program Files\ESET\ESET Smart Security\shellExt.dll [2022-01-20] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => H:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-07-24] (Apple Inc. -> Apple Inc.) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => H:\Program Files\ESET\ESET Smart Security\shellExt.dll [2022-01-20] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => H:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) 
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => H:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => H:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => H:\Program Files\ESET\ESET Smart Security\shellExt.dll [2022-01-20] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers1_S-1-5-21-3201348344-1589498996-2309135360-1000: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => H:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed] ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) 
ShortcutWithArgument: H:\Users\Petr\Desktop\IACG profil Chrome - Chrome.lnk -> H:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1" ShortcutWithArgument: H:\Users\Petr\Desktop\Petr - Chrome.lnk -> H:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default" ==================== Loaded Modules (Whitelisted) ============= 2021-04-02 01:05 - 2021-04-02 01:05 - 001345536 _____ () [File not signed] \\?\H:\Program Files\Send Anywhere\resources\app.asar.unpacked\node_modules\sqlite3\lib\binding\electron-v8.5-win32-x64\node_sqlite3.node 2015-09-24 16:41 - 2015-09-24 16:41 - 000019968 _____ () [File not signed] H:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\cs_cz\acrotray.cze 2018-04-03 07:51 - 2018-04-03 07:51 - 000277538 _____ () [File not signed] H:\Program Files (x86)\Common Files\Acronis\ActiveProtection\LIBMAGIC.dll 2021-04-02 01:06 - 2021-04-02 01:06 - 002338304 _____ () [File not signed] H:\Program Files\Send Anywhere\ffmpeg.dll 2021-04-02 01:06 - 2021-04-02 01:06 - 006129664 _____ () [File not signed] H:\Program Files\Send Anywhere\paprika.node 2021-04-02 01:06 - 2021-04-02 01:06 - 000401408 _____ () [File not signed] H:\Program Files\Send Anywhere\swiftshader\libegl.dll 2021-04-02 01:06 - 2021-04-02 01:06 - 003770880 _____ () [File not signed] H:\Program Files\Send Anywhere\swiftshader\libglesv2.dll 2018-04-03 07:51 - 2018-04-03 07:51 - 025338368 _____ (The ICU Project) [File not signed] H:\Program Files (x86)\Acronis\TrueImageHome\icudt54.dll 2018-04-03 07:51 - 2018-04-03 07:51 - 002056704 _____ (The ICU Project) [File not signed] H:\Program Files (x86)\Acronis\TrueImageHome\icuin54.dll 2018-04-03 07:51 - 2018-04-03 07:51 - 001425408 _____ (The ICU Project) [File not signed] H:\Program Files (x86)\Acronis\TrueImageHome\icuuc54.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) 
================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== URLSearchHook: [S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415] ATTENTION => Default URLSearchHook is missing BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> H:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> H:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-11-05] (Oracle America, Inc. -> Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> H:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> H:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-11-05] (Oracle America, Inc. 
-> Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> H:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> H:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> H:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> H:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - H:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2021-11-25 19:26 - 2021-11-26 10:49 - 000000824 _____ H:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) 

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> H:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;H:\Program Files (x86)\Common Files\Acronis\VirtualFile\;H:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;H:\Program Files (x86)\Common Files\Acronis\FileProtector\;H:\Program Files (x86)\Common Files\Acronis\FileProtector64\;H:\Program Files (x86)\Common Files\Acronis\SnapAPI\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3201348344-1589498996-2309135360-1000\Control Panel\Desktop\\Wallpaper -> h:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 86.49.5.221 - 86.49.5.222
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9C80477F-E0FC-4087-B821-88478941A1B6}] => (Allow) H:\Users\Petr\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{BBA0200F-695C-441C-BE16-BDB02FFF4FDA}] => (Allow) H:\Users\Petr\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{3FA4674E-5274-41CF-B3A2-75BED18525E5}] => (Allow) H:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B1DEBBE4-8B81-482E-ADB7-327C2C78B590}] => (Allow) H:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{BACDE3DC-C349-45F7-B330-B5D16AE1AF97}] => (Allow) H:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{B1BAF50D-AF7C-4F48-9C73-C7225BAD852E}] => (Allow) H:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{012F9DCB-8A08-40D3-B260-C16FBD9F65BB}] => (Allow) H:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [UDP Query User{142AA5D6-E819-4B84-9B87-837A3D17E71B}H:\windows\kmsemulator.exe] => (Block) H:\windows\kmsemulator.exe => No File FirewallRules: [TCP Query User{8069185D-0B40-4F0E-826B-CDA1BE714AE2}H:\windows\kmsemulator.exe] => (Block) H:\windows\kmsemulator.exe => No File FirewallRules: [{B8E96757-BD5D-4E3E-9058-81933AFF9432}] => (Allow) H:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{C22B9CC9-6101-4DA3-94AA-F7816874D0AF}] => (Allow) H:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{8E5A4CAD-0DFE-415C-BA3D-7D7B8A96C3FF}H:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) H:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe => No File FirewallRules: [UDP Query User{89FEAD9E-75C5-40DE-9B43-7C78F20508EC}H:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) H:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe => No File FirewallRules: [TCP Query User{9C97B646-5614-4BC0-AFD0-8488441A3D91}H:\program files (x86)\java\jre1.8.0_101\bin\java.exe] => (Allow) H:\program files (x86)\java\jre1.8.0_101\bin\java.exe => No File FirewallRules: [UDP Query User{F25C3AEC-C754-474D-B955-82D949C85001}H:\program files (x86)\java\jre1.8.0_101\bin\java.exe] => (Allow) H:\program files (x86)\java\jre1.8.0_101\bin\java.exe => No File FirewallRules: 
[{B4497FF5-C1D7-4EAB-BF3A-5D0A998AD40A}] => (Allow) H:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> ) FirewallRules: [{E9A2D37E-D8F6-477C-AF36-791A226676A1}] => (Allow) H:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH) FirewallRules: [{A2F8AFB7-FE95-4545-B3E7-05725B97EA18}] => (Allow) H:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> ) FirewallRules: [{546F9C99-EAC7-4ADE-852D-FB11B78E8DE2}] => (Allow) H:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> ) FirewallRules: [{5DF722CA-DF19-4574-A3F4-CDBFACD19625}] => (Allow) H:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> ) FirewallRules: [{8342506F-0CB4-403D-AB47-70F6FE8D2131}] => (Allow) H:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> ) FirewallRules: [{8C1EF8CA-2987-436C-9058-DF263A30457C}] => (Allow) H:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> ) FirewallRules: [{2394826F-B2C0-447E-B65C-A05C06973E53}] => (Allow) H:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> ) FirewallRules: [{5F50A83E-75E9-471A-9C7A-3BCB5AB86299}] => (Allow) H:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe (Acronis International GmbH -> ) FirewallRules: [{3F5DD344-F339-48C1-9C2B-308C2C9172DD}] => (Allow) H:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH) FirewallRules: [{E8C9D218-0F24-4B76-ADFA-3FD9B7C9B2B5}] => (Allow) H:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> ) FirewallRules: [{FB17DA07-C65E-459D-963C-37B71B6DBA19}] => (Allow) H:\Program Files 
(x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> ) FirewallRules: [{2BE23A50-04F4-4C73-A5FD-0CBFD6A17938}] => (Allow) H:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> Acronis International GmbH) FirewallRules: [{69576060-269D-4CFF-A5F2-56453CA3C2A7}] => (Allow) H:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{565FAB24-AC74-4DB9-B8B5-C5075E3C4541}] => (Allow) H:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{E9C67D73-492E-46A5-BB11-89AB58336C8A}] => (Allow) H:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{56C6120C-8C35-4351-A0D7-B816220B5EE6}] => (Allow) H:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{372DCB4D-E91C-4F75-9D62-B90E8677D59B}] => (Allow) H:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{0D7A2B6A-C71E-459E-90DE-93FE71D864B9}] => (Allow) H:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C4FF622A-13A4-490F-8532-E09F790079B3}] => (Allow) H:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0564D0E9-83BA-4558-A684-E0BEC8A56A77}] => (Allow) H:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{CF28B564-594E-4184-BFD8-DAD719CF53B0}] => (Allow) H:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{E6FA46B8-7ECE-4132-856B-5FBD33763836}] => (Allow) H:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{5FBA91F4-B0E7-473A-A1D7-87270ECC929E}] => (Allow) H:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{2B60129E-6CAC-46D9-BA0C-506C92CDF4E0}] => (Allow) H:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{2BC0AEA4-6D73-477A-B5A3-9AB4522F2966}] => (Allow) H:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{776906D2-6C63-417C-B86E-E0ABB1F7EEB0}] => (Allow) H:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{FC446C20-DBDA-41AE-9D0C-EAC72F6B237D}] => (Allow) H:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{5E2389CA-D29C-47CE-AE11-51AB378ADAED}] => (Allow) H:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C725C9FF-D063-4D38-803B-55E0BDF6E27C}] => (Allow) H:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9E2A9A88-C541-42A2-875B-041A586DCFD6}] => (Allow) H:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{F0B0DFDB-41F4-440D-A312-9BE9950EFAA3}] => (Allow) H:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) ==================== Restore Points ========================= 04-01-2022 10:34:19 Instalační služba modulů systému Windows 09-01-2022 19:01:29 Windows Zálohování 12-01-2022 
14:51:19 Instalační služba modulů systému Windows 16-01-2022 19:02:06 Windows Zálohování ==================== Faulty Device Manager Devices ============ Name: Multimediální adaptér Description: Multimediální adaptér Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ======================== Application errors: ================== Error: (01/23/2022 03:19:21 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Client application registered 2 identical instances of service rHXrd3C90/sZ71AD//ThRA==._http._tcp.local. port 58082. Error: (01/22/2022 08:30:03 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data na Syst disku (J:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A) Error: (01/22/2022 08:29:35 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na win7 (H:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A) Error: (01/22/2022 07:56:46 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A) Error: (01/22/2022 07:56:38 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na My Passport (L:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. 
(0x8900002A) Error: (01/22/2022 07:55:50 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A) Error: (01/22/2022 07:55:32 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na 200 GB DATA (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A) Error: (01/22/2022 07:54:49 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (I:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A) System errors: ============= Error: (01/23/2022 03:26:48 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime přestala během spouštění reagovat. Error: (01/23/2022 03:24:37 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Služba Správce stažených map přestala během spouštění reagovat. Error: (01/23/2022 03:18:41 PM) (Source: Ntfs) (EventID: 137) (User: ) Description: Výchozí správce prostředků transakcí na svazku E: zaznamenal neopakovatelnou chybu a nemohl být spuštěn. Data obsahují kód chyby. Error: (01/22/2022 07:47:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Služba Správce stažených map přestala během spouštění reagovat. Error: (01/22/2022 07:47:22 PM) (Source: DCOM) (EventID: 10010) (User: Petr-PC) Description: Server Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe!App.AppXsaksz8g893wmfxp53kxywv7nedj5wtfh.mca se v daném časovém limitu neregistroval u služby DCOM. 
Error: (01/22/2022 07:42:27 PM) (Source: Ntfs) (EventID: 137) (User: ) Description: Výchozí správce prostředků transakcí na svazku E: zaznamenal neopakovatelnou chybu a nemohl být spuštěn. Data obsahují kód chyby. Error: (01/22/2022 10:31:38 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Služba Správce stažených map přestala během spouštění reagovat. Error: (01/22/2022 10:26:16 AM) (Source: Ntfs) (EventID: 137) (User: ) Description: Výchozí správce prostředků transakcí na svazku E: zaznamenal neopakovatelnou chybu a nemohl být spuštěn. Data obsahují kód chyby. Windows Defender: ================ Date: 2020-12-16 13:57:00 Description: Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením. ID prohledávání: {13535F86-DCC7-49AB-9DC3-08383CDBE1AD} Typ prohledávání: Antimalwarový program Parametry prohledávání: Rychlé prohledávání Uživatel: NT AUTHORITY\SYSTEM Date: 2020-12-16 13:32:51 Description: Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením. ID prohledávání: {0BF21CF2-0771-4C63-AF45-02C1E2662A32} Typ prohledávání: Antimalwarový program Parametry prohledávání: Rychlé prohledávání Uživatel: NT AUTHORITY\SYSTEM Date: 2020-11-03 13:22:41 Description: Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením. ID prohledávání: {AAC70ACE-DE12-4BB7-BF6B-28C695D774BE} Typ prohledávání: Antimalwarový program Parametry prohledávání: Rychlé prohledávání Uživatel: NT AUTHORITY\SYSTEM Date: 2020-10-08 21:22:48 Description: Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software. 
Další informace: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0 Název: HackTool:Win32/Keygen Závažnost: Vysoké Kategorie: Nástroj Cesta: containerfile:_H:\Windows\AutoKMS.exe; file:_H:\Windows\AutoKMS.exe; file:_H:\Windows\AutoKMS.exe->[MSILRES:AutoKMS.Properties.Resources.resources] Původ detekce: Místní počítač Typ detekce: FastPath Zdroj detekce: Systém Uživatel: NT AUTHORITY\SYSTEM Název procesu: H:\Program Files\ESET\ESET Smart Security\ekrn.exe Verze bezpečnostních informací: AV: 1.325.389.0, AS: 1.325.389.0, NIS: 1.325.389.0 Verze modulu: AM: 1.1.17500.4, NIS: 1.1.17500.4 Date: 2020-10-08 21:21:14 Description: Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software. Další informace: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0 Název: HackTool:Win32/Keygen Závažnost: Vysoké Kategorie: Nástroj Cesta: containerfile:_H:\Windows\AutoKMS.exe; file:_H:\Windows\AutoKMS.exe; file:_H:\Windows\AutoKMS.exe->[MSILRES:AutoKMS.Properties.Resources.resources] Původ detekce: Místní počítač Typ detekce: FastPath Zdroj detekce: Systém Uživatel: NT AUTHORITY\SYSTEM Název procesu: Unknown Verze bezpečnostních informací: AV: 1.325.389.0, AS: 1.325.389.0, NIS: 1.325.389.0 Verze modulu: AM: 1.1.17500.4, NIS: 1.1.17500.4  CodeIntegrity: =============== Date: 2022-01-23 15:42:20 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== BIOS: American Megatrends Inc. 1238 09/30/2008 Motherboard: ASUSTeK Computer INC. 
P5B-Deluxe Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz Percentage of memory in use: 47% Total physical RAM: 8191.18 MB Available physical RAM: 4300.38 MB Total Virtual: 16383.18 MB Available Virtual: 10810.61 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:97.65 GB) (Free:22.9 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:204.8 GB) (Free:7.7 GB) NTFS Drive e: (Nový svazek) (Fixed) (Total:698.64 GB) (Free:0 GB) NTFS Drive f: (200 GB DATA) (Fixed) (Total:189.92 GB) (Free:2.65 GB) NTFS Drive h: (win7) (Fixed) (Total:409.6 GB) (Free:94.33 GB) NTFS Drive i: (Nový svazek) (Fixed) (Total:931.51 GB) (Free:6.85 GB) NTFS Drive j: (Data na Syst disku) (Fixed) (Total:1150.96 GB) (Free:0.05 GB) NTFS Drive l: (My Passport) (Fixed) (Total:1862.98 GB) (Free:3.36 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 1D6C1724) Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=204.8 GB) - (Type=05) Partition 3: (Not Active) - (Size=409.6 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=1151 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 6DBB66A8) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ========================================================== Disk: 2 (MBR Code: Windows XP) (Size: 189.9 GB) (Disk ID: 07BC23DE) Partition 1: (Not Active) - (Size=189.9 GB) - (Type=07 NTFS) ========================================================== Disk: 3 (Size: 698.6 GB) (Disk ID: 745E745E) Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS) ========================================================== Disk: 4 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0005F107) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) 
==================== End of Addition.txt =======================