
Disk constantly at 100% and a "virus" in the notification area

Posted: 18 Feb 2024 19:03
by bretja
Good day,
I would like to ask for a check. A notification popped up in the notification area saying that the computer is infected and that I should click the link in the notification...
On top of that, the disk is constantly thrashing at 100%.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.02.2024
Ran by Jana (administrator) on LATITUDE-E5450 (Dell Inc. Latitude E5450) (18-02-2024 18:37:56)
Running from C:\Users\Jana\Desktop\FRST64.exe
Loaded Profiles: Jana
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(C:\Program Files (x86)\CheckPoint\Endpoint Connect\Watchdog\EPWD.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.) C:\Program Files\DellTPad\hidfind.exe
(C:\Program Files\DellTPad\HidMonitorSvc.exe ->) (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\121.0.2277.128\Installer\setup.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Jana\AppData\Local\Microsoft\OneDrive\24.023.0131.0003\Microsoft.SharePoint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(services.exe ->) (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Connect\Watchdog\EPWD.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(spoolsv.exe ->) (CANON INC. -> CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(svchost.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21830.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Jana\AppData\Local\Microsoft\OneDrive\24.023.0131.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3989_none_7ddb45627cb30e03\TiWorker.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [779152 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8861944 2016-07-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1427704 2016-07-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [718256 2015-12-22] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [Check Point VPN] => C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGui.exe [18113784 2018-12-23] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
HKU\S-1-5-21-2613768656-1866664547-1641146514-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49805376 2018-10-26] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2613768656-1866664547-1641146514-1001\...\Run: [MicrosoftEdgeAutoLaunch_1DCFC33FDD0C888F6A149A13AC8253CE] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788240 2024-02-15] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\CNAB4 Monitor: C:\WINDOWS\system32\CNAB4LMD.DLL [58880 2012-10-09] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\121.0.6167.185\Installer\chrmstp.exe [2024-02-18] (Google LLC -> Google LLC)
Startup: C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2019-06-19]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk [2018-10-26]
ShortcutTarget: Canon LBP2900 Status Window.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE (CANON INC. -> CANON INC.)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {EEDE4E71-099F-4215-90AA-9E43F7A3D416} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem123.0.6288.0{2F0319B9-FA70-41EC-98E3-AE5AA75538BF} => C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ATTENTION
Task: {6834B61A-BE29-457E-9370-C82ED2115A0C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {34BF55C1-716A-495A-AC6F-50B9D099FC92} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {E62CE800-0537-4D7B-952B-438020E6EB17} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218776 2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {89915A14-9F85-4D06-AA99-B7F52068C9CA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218776 2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C84E694-002E-4F89-BC5F-0FF741310DE1} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4436272 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {07F757BA-B2D1-4B8C-8BA3-7ABA0344C968} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [362192 2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {2A42A923-9485-438E-BC7D-CAB754285E8A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5F9CCDE4-3FEF-4F46-9759-D9760FA1E3A7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {81B6E472-2EE9-48DC-B4BB-A042A71C6560} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1A26D0C-D1FB-4141-9C98-C9D467732D9E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EE937F8A-E118-4503-8091-B44A03E2CD5C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2024-01-19] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {FF46C4F8-584A-47FC-9C87-7D5A57793750} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2024-01-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {989759DF-769B-48BD-AF6D-C06EBAB9A96F} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1427704 2016-07-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{749910b1-ef26-45e6-9cf6-b4d6f467a8a5}: [DhcpNameServer] 10.191.111.110 10.191.111.120 10.191.203.50
Tcpip\..\Interfaces\{749910b1-ef26-45e6-9cf6-b4d6f467a8a5}: [DhcpDomain] ovhut.cz
Tcpip\..\Interfaces\{a5dc0024-1839-4d26-9865-02e50d39c53c}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{f330863b-2fb8-4ac6-9e83-0e60af9cbac2}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{f330863b-2fb8-4ac6-9e83-0e60af9cbac2}\146796F6E6F575966496: [DhcpNameServer] 172.16.0.1 195.46.39.40
Tcpip\..\Interfaces\{f330863b-2fb8-4ac6-9e83-0e60af9cbac2}\146796F6E6F575966496: [DhcpDomain] intern
Tcpip\..\Interfaces\{f330863b-2fb8-4ac6-9e83-0e60af9cbac2}\94E4455425E45445025374: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{f330863b-2fb8-4ac6-9e83-0e60af9cbac2}\94E4455425E45445025374: [DhcpDomain] Home
Tcpip\..\Interfaces\{f330863b-2fb8-4ac6-9e83-0e60af9cbac2}\94E4455425E454450255E4946494: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{f330863b-2fb8-4ac6-9e83-0e60af9cbac2}\94E4455425E454450255E4946494: [DhcpDomain] Home
Tcpip\..\Interfaces\{f330863b-2fb8-4ac6-9e83-0e60af9cbac2}\F423D294E6475627E65647D234231323: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{f330863b-2fb8-4ac6-9e83-0e60af9cbac2}\F423D294E6475627E65647D25374D2834303: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{f330863b-2fb8-4ac6-9e83-0e60af9cbac2}\F423D294E6475627E65647D25374D2834303: [DhcpDomain] Home

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jana\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-18]
Edge Extension: (Dokumenty Google offline) - C:\Users\Jana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-24]
Edge Extension: (Abcd PDF) - C:\Users\Jana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iicjlohkojjngbbienlgmlikgdhloegi [2021-12-30]
Edge Extension: (Edge relevant text changes) - C:\Users\Jana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

FireFox:
========
FF DefaultProfile: rzdcgzkm.default
FF ProfilePath: C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\rzdcgzkm.default [2022-11-06]
FF ProfilePath: C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\2ujjz371.default-release [2024-02-18]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default [2024-02-18]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://quickdatingpoint.top; hxxps://www.nev-dama.cz
CHR Extension: (Dokumenty Google offline) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-19]
CHR Extension: (Abcd PDF) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\iicjlohkojjngbbienlgmlikgdhloegi [2021-11-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-05]
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\System Profile [2020-09-20]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [114960 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14048768 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
R2 EPWD; C:\Program Files (x86)\CheckPoint\Endpoint Connect\Watchdog\EPWD.exe [293112 2018-08-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S2 GoogleUpdaterInternalService123.0.6288.0; C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ATTENTION
S2 GoogleUpdaterService123.0.6288.0; C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ATTENTION
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [22384 2023-11-15] (Microsoft Windows -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TracSrvWrapper; C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [5879544 2018-12-23] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [29160 2018-07-27] (Dell Inc -> OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [23216 2015-01-09] (STMicroelectronics -> ST Microelectronics)
R3 vna_ap; C:\WINDOWS\system32\DRIVERS\vnaap.sys [165392 2017-08-01] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-09] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-18 18:37 - 2024-02-18 18:43 - 000019853 _____ C:\Users\Jana\Desktop\FRST.txt
2024-02-18 18:28 - 2024-02-18 18:29 - 008797968 _____ (Malwarebytes) C:\Users\Jana\Downloads\adwcleaner.exe
2024-02-18 17:57 - 2024-02-18 18:02 - 000028659 _____ C:\Users\Jana\Desktop\Additionprvni.txt
2024-02-18 17:52 - 2024-02-18 17:52 - 000000000 ___HD C:\$WinREAgent
2024-02-18 17:48 - 2024-02-18 18:02 - 000026637 _____ C:\Users\Jana\Desktop\FRSTprvni.txt
2024-02-18 17:46 - 2024-02-18 18:40 - 000000000 ____D C:\FRST
2024-02-18 17:35 - 2024-02-18 17:35 - 000000000 ___HD C:\OneDriveTemp
2024-02-18 17:27 - 2024-02-18 17:29 - 002390016 _____ (Farbar) C:\Users\Jana\Desktop\FRST64.exe
2024-02-18 17:07 - 2024-02-18 17:07 - 000001275 _____ C:\Users\Jana\Desktop\ESET Online Scanner.lnk
2024-02-18 16:58 - 2024-02-18 17:06 - 000001381 _____ C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-02-18 16:57 - 2024-02-18 16:57 - 015274968 _____ (ESET) C:\Users\Jana\Downloads\esetonlinescanner.exe
2024-02-18 16:57 - 2024-02-18 16:57 - 000000000 ____D C:\Users\Jana\AppData\Local\ESET
2024-02-10 17:37 - 2024-02-10 17:39 - 001248588 _____ C:\WINDOWS\Minidump\021024-34625-01.dmp
2024-02-08 19:37 - 2024-02-08 19:37 - 000028233 _____ C:\Users\Jana\Downloads\objednávka-831311.pdf
2024-02-07 11:01 - 2024-02-07 11:01 - 000078537 _____ C:\Users\Jana\Downloads\2024-02-01-2001485523-sluzby_v_pevne_siti-fs.pdf
2024-02-07 10:58 - 2024-02-07 10:58 - 000001279 _____ C:\Users\Jana\Downloads\2024-02-01-2001485523-sluzby_v_pevne_siti-s.csv.zip
2024-01-29 17:34 - 2024-01-29 17:34 - 000152501 _____ C:\Users\Jana\Desktop\Výběrové řízení - ZŠ a MŠ Staříč.pdf
2024-01-25 15:40 - 2024-01-25 15:40 - 000434796 _____ C:\Users\Jana\Downloads\Výpis z účtu Úvěru od Buřinky (1).pdf
2024-01-25 15:40 - 2024-01-25 15:40 - 000050526 _____ C:\Users\Jana\Downloads\Potvrzení o úrocích (2).pdf
2024-01-19 17:29 - 2024-01-19 17:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-01-19 17:28 - 2024-02-18 16:51 - 000000000 ____D C:\Program Files\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-18 18:43 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-18 18:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-18 18:40 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-18 18:26 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-02-18 17:53 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-18 17:39 - 2018-08-13 09:33 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2024-02-18 17:35 - 2022-12-16 16:14 - 000000000 ___RD C:\Users\Jana\OneDrive - Univerzita Tomáše Bati ve Zlíně
2024-02-18 17:12 - 2020-06-12 12:36 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-18 17:12 - 2020-06-12 12:36 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-02-18 16:58 - 2018-08-10 11:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-18 16:55 - 2021-12-19 20:09 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-18 16:55 - 2018-10-21 08:48 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-02-18 16:55 - 2018-10-21 08:48 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-02-18 16:51 - 2022-11-06 14:42 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-02-18 16:49 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-02-18 16:46 - 2018-08-10 11:58 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-02-18 16:43 - 2018-08-10 10:18 - 000000000 __SHD C:\Users\Jana\IntelGraphicsProfiles
2024-02-18 16:43 - 2018-08-10 10:17 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2024-02-14 18:35 - 2021-12-13 16:26 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2613768656-1866664547-1641146514-1001
2024-02-14 18:35 - 2021-04-14 19:55 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2613768656-1866664547-1641146514-1001
2024-02-14 18:35 - 2021-04-14 19:41 - 000002378 _____ C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-02-10 18:11 - 2021-04-14 19:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-10 18:11 - 2021-04-14 19:36 - 000008192 ___SH C:\DumpStack.log.tmp
2024-02-10 18:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-02-10 18:11 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-02-10 17:40 - 2021-05-30 09:29 - 000000000 ____D C:\WINDOWS\Minidump
2024-02-10 17:37 - 2021-06-14 15:09 - 1098141693 _____ C:\WINDOWS\MEMORY.DMP
2024-02-08 20:14 - 2021-04-14 19:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-07 10:50 - 2021-04-14 19:50 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-07 10:50 - 2019-12-07 15:43 - 000684862 _____ C:\WINDOWS\system32\perfh005.dat
2024-02-07 10:50 - 2019-12-07 15:43 - 000137626 _____ C:\WINDOWS\system32\perfc005.dat
2024-02-07 10:44 - 2022-11-06 14:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-02-06 15:10 - 2021-04-14 19:55 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-06 15:10 - 2021-04-14 19:55 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-02-01 12:41 - 2018-11-01 16:53 - 000018938 _____ C:\Users\Jana\Desktop\plyn.xlsx
2024-01-24 17:25 - 2022-11-06 14:42 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-01-19 19:54 - 2021-04-14 19:36 - 000437136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-01-19 19:52 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-01-19 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-01-19 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-01-19 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-01-19 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-01-19 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-01-19 17:29 - 2018-10-21 08:48 - 000000000 ____D C:\Program Files (x86)\Google

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================





Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.02.2024
Ran by Jana (18-02-2024 18:47:29)
Running from C:\Users\Jana\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) (2021-04-14 18:55:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2613768656-1866664547-1641146514-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2613768656-1866664547-1641146514-503 - Limited - Disabled)
Guest (S-1-5-21-2613768656-1866664547-1641146514-501 - Limited - Disabled)
Jana (S-1-5-21-2613768656-1866664547-1641146514-1001 - Administrator - Enabled) => C:\Users\Jana
WDAGUtilityAccount (S-1-5-21-2613768656-1866664547-1641146514-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Canon LBP2900 (HKLM\...\Canon LBP2900) (Version: - )
Dell ControlVault Host Components Installer 64 bit (HKLM\...\{74117219-F4F7-4CB7-98A2-AAF9D6D9928C}) (Version: 3.4.8.14 - Broadcom Corporation)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.215 - ALPSALPINE CO., LTD.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 121.0.6167.185 - Google LLC)
Check Point VPN (HKLM-x32\...\{FF3FC376-CBEA-4CF3-A931-E5FD95D640E0}) (Version: 98.61.112 - Check Point Software Technologies Ltd.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.8006.3 - Waves Audio Ltd.) Hidden
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.17231.20236 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.128 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 121.0.2277.128 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2613768656-1866664547-1641146514-1001\...\OneDriveSetup.exe) (Version: 24.023.0131.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2613768656-1866664547-1641146514-1001\...\Teams) (Version: 1.3.00.362 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 121.0.1 (x64 cs)) (Version: 121.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 106.0.5 - Mozilla)
Navigation Updater (HKU\S-1-5-21-2613768656-1866664547-1641146514-1001\...\{e31c67e1-784d-4ced-9ff9-bfdfacdeb5a7}) (Version: 2.2.2.0 - HYUNDAI MOTOR GROUP)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13801.20638 - Microsoft Corporation) Hidden
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6105 - Realtek Semiconductor Corp.)
Skype verze 8.33 (HKLM-x32\...\Skype_is1) (Version: 8.33 - Skype Technologies S.A.)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.34161 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-2613768656-1866664547-1641146514-1001\...\ZoomUMX) (Version: 5.2.0 (42619.0804) - Zoom Video Communications, Inc.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-08-24] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-14] (Microsoft Corporation) [MS Ad]
Microsoft Teams (work or school) -> C:\Program Files\WindowsApps\MSTeams_23306.3315.2560.6525_x64__8wekyb3d8bbwe [2023-12-09] (Microsoft) [Startup Task]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-08] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2613768656-1866664547-1641146514-1001_Classes\CLSID\{04271989-4A69-3C15-1592-D267C23B6D70} -> [OneDrive - Univerzita Tomáše Bati ve Zlíně] => C:\Users\Jana\OneDrive - Univerzita Tomáše Bati ve Zlíně [2022-12-16 16:14]
CustomCLSID: HKU\S-1-5-21-2613768656-1866664547-1641146514-1001_Classes\CLSID\{04271989-C4D2-968D-8DFA-38C13479EBAD} -> [OneDrive - GFG Alliance] => C:\Users\Jana\OneDrive - GFG Alliance [2019-11-24 15:58]
CustomCLSID: HKU\S-1-5-21-2613768656-1866664547-1641146514-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Jana\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19317.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2613768656-1866664547-1641146514-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Jana\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19317.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Jana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2018-08-13 09:33 - 2018-08-13 09:33 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2018-08-13 09:33 - 2018-08-13 09:33 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2613768656-1866664547-1641146514-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2613768656-1866664547-1641146514-1001\...\sharepoint.com -> hxxps://dataeur-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-11-04 20:10 - 2019-11-04 20:15 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2613768656-1866664547-1641146514-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{A7689A8E-30DE-46F7-9D4F-BA798A61DD15}C:\users\jana\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jana\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AF9D4A54-D1D1-413F-AD16-D163256717D4}C:\users\jana\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jana\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{1452E23F-4746-4529-8508-3F1A00AD9B28}C:\users\jana\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\jana\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{D7BEFC12-96EA-4963-8C0B-8FA5A9788E2B}C:\users\jana\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\jana\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{FC9FBD7D-545F-4A67-B782-1745AD0360D0}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
FirewallRules: [{7FE476E9-6B5B-4D11-B51B-923468E443A0}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
FirewallRules: [{CF82CE51-8A18-4DCF-BC43-4FEDA9334470}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D27B06EB-8142-4A0C-A1B7-572B9AAACFD4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{32863E4D-11C6-4FC8-AD2A-762195F02850}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{443CF2AF-3BE2-4D4C-9525-3622BF9F604A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A29FA3B9-0089-4D4A-9252-53BF62E015EC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AE40BB5B-A574-4AAC-A525-58A618C2BE3B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CD32A4AE-7F0F-4856-B5CA-1CFE91899892}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FBE6A6B6-4640-4DA6-AD62-1D7BEB30D1D3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E4C09F78-8F78-4AA0-831D-9A9572271609}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0E58E82B-A116-4C0F-A2EC-24EA47BAA711}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23306.3315.2560.6525_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{97F48A0C-7D34-4922-A70B-E8E1D0F54D6F}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23306.3315.2560.6525_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{70985BE3-5003-4C22-BFFB-978CC0C516B7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{814E6F20-12E1-4BF5-ADA3-4D035C863674}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.128\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

03-02-2024 20:07:08 Naplánovaný kontrolní bod
18-02-2024 17:09:32 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/18/2024 06:36:28 PM) (Source: ESENT) (EventID: 448) (User: )
Description: taskhostw (8996,D,19) WebCacheLocal: V tabulce BlobEntry_129 databáze C:\Users\Jana\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat (524, 0x8000000080000c48) se zjistila nekonzistence dat.

Error: (02/18/2024 06:36:28 PM) (Source: ESENT) (EventID: 448) (User: )
Description: taskhostw (8996,D,19) WebCacheLocal: V tabulce BlobEntry_129 databáze C:\Users\Jana\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat (524, 0x8000000080000c48) se zjistila nekonzistence dat.

Error: (02/18/2024 06:36:25 PM) (Source: ESENT) (EventID: 448) (User: )
Description: taskhostw (8996,D,18) WebCacheLocal: V tabulce BlobEntry_129 databáze C:\Users\Jana\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat (524, 0x8000000080000c48) se zjistila nekonzistence dat.

Error: (02/18/2024 06:33:35 PM) (Source: ESENT) (EventID: 448) (User: )
Description: taskhostw (8996,D,19) WebCacheLocal: V tabulce BlobEntry_129 databáze C:\Users\Jana\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat (524, 0x8000000080000c4a) se zjistila nekonzistence dat.

Error: (02/18/2024 06:33:35 PM) (Source: ESENT) (EventID: 448) (User: )
Description: taskhostw (8996,D,19) WebCacheLocal: V tabulce BlobEntry_129 databáze C:\Users\Jana\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat (524, 0x8000000080000c4a) se zjistila nekonzistence dat.

Error: (02/18/2024 06:33:35 PM) (Source: ESENT) (EventID: 448) (User: )
Description: taskhostw (8996,D,18) WebCacheLocal: V tabulce BlobEntry_129 databáze C:\Users\Jana\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat (524, 0x8000000080000c4a) se zjistila nekonzistence dat.

Error: (02/18/2024 06:02:39 PM) (Source: ESENT) (EventID: 448) (User: )
Description: taskhostw (8996,D,19) WebCacheLocal: V tabulce BlobEntry_129 databáze C:\Users\Jana\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat (524, 0x8000000080000c48) se zjistila nekonzistence dat.

Error: (02/18/2024 06:02:39 PM) (Source: ESENT) (EventID: 448) (User: )
Description: taskhostw (8996,D,19) WebCacheLocal: V tabulce BlobEntry_129 databáze C:\Users\Jana\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat (524, 0x8000000080000c48) se zjistila nekonzistence dat.


System errors:
=============
Error: (02/18/2024 05:44:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200b): Aktualizace bezpečnostních informací pro Microsoft Defender Antivirus – KB2267602 (verze 1.405.207.0) – Aktuální kanál (široká distribuce).

Error: (02/18/2024 05:41:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/18/2024 05:41:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Search bylo dosaženo časového limitu (30000 ms).

Error: (02/18/2024 05:12:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (02/18/2024 05:12:38 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Jana\AppData\Local\Temp\ehdrv.sys

Error: (02/18/2024 05:12:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (02/18/2024 05:12:37 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Jana\AppData\Local\Temp\ehdrv.sys

Error: (02/18/2024 05:12:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.


Windows Defender:
================
Date: 2024-02-04 17:19:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FAD1EBE4-0D12-436F-B0EF-11F4E8957A2E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-11-19 21:32:45
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EB9D2B55-AA61-4AED-814C-8F63B77419C9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-11-19 20:56:13
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {05FBA226-74B8-4311-B8E5-593C22380F1C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-11-13 18:58:19
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {14FD1388-1A79-4560-AE8B-1B5DC96FD82D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-11-09 19:07:50
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {015537DA-B150-4AF6-9751-4FD2F6BC2F61}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2024-02-18 17:10:11
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.3739.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2024-02-03 16:04:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.2949.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2024-02-03 16:04:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.2949.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2024-02-03 16:04:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.2949.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2024-02-03 16:04:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.2949.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80072efe
Popis chyby: Spojení se serverem bylo nenormálně ukončeno.

CodeIntegrity:
===============
Date: 2023-11-19 20:55:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-11-09 17:52:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-10-23 18:04:34
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2023-09-24 10:25:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-09-01 19:44:47
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-08-05 21:44:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-06-20 07:15:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-06-09 17:45:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. A19 01/23/2018
Motherboard: Dell Inc. 0C7K68
Processor: Intel(R) Core(TM) i5-5300U CPU @ 2.30GHz
Percentage of memory in use: 64%
Total physical RAM: 8067.4 MB
Available physical RAM: 2881.03 MB
Total Virtual: 9347.4 MB
Available Virtual: 3770.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.16 GB) (Free:354.03 GB) (Model: TOSHIBA MQ02ABF050H) NTFS

\\?\Volume{aa90e4c7-762f-4af2-9f15-57f7c2ad72dc}\ () (Fixed) (Total:0.49 GB) (Free:0.03 GB) NTFS
\\?\Volume{a1af9e67-351b-4441-918e-1731b63195e3}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 5A1CDFD0)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Disk constantly at 100% and a "virus" in the notification area

Posted: 18 Feb 2024 19:09
by Rudy
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: Disk constantly at 100% and a "virus" in the notification area

Posted: 18 Feb 2024 19:30
by bretja
AdwCleaner didn't find anything

# -------------------------------
# Malwarebytes AdwCleaner 8.4.1.0
# -------------------------------
# Build: 01-29-2024
# Database: 2024-01-29.3 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-18-2024
# Duration: 00:00:07
# OS: Windows 10 (Build 19045.3930)
# Scanned: 32096
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1420 octets] - [18/02/2024 19:23:17]
AdwCleaner[S01].txt - [1481 octets] - [18/02/2024 19:24:51]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########

Re: Disk constantly at 100% and a "virus" in the notification area

Posted: 18 Feb 2024 19:57
by Rudy
There is nothing there. Open Notepad and copy the following into it:
Start

CloseProcesses:
Task: {EEDE4E71-099F-4215-90AA-9E43F7A3D416} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem123.0.6288.0{2F0319B9-FA70-41EC-98E3-AE5AA75538BF} => C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ATTENTION
S2 GoogleUpdaterInternalService123.0.6288.0; C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ATTENTION
S2 GoogleUpdaterService123.0.6288.0; C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ATTENTION
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\DumpStack.log.tmp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: Disk constantly at 100% and a "virus" in the notification area

Posted: 18 Feb 2024 20:24
by bretja
Fix result of Farbar Recovery Scan Tool (x64) Version: 16.02.2024
Ran by Jana (18-02-2024 20:09:57) Run:1
Running from C:\Users\Jana\Desktop
Loaded Profiles: Jana
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {EEDE4E71-099F-4215-90AA-9E43F7A3D416} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem123.0.6288.0{2F0319B9-FA70-41EC-98E3-AE5AA75538BF} => C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ATTENTION
S2 GoogleUpdaterInternalService123.0.6288.0; C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ATTENTION
S2 GoogleUpdaterService123.0.6288.0; C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ATTENTION
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\DumpStack.log.tmp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EEDE4E71-099F-4215-90AA-9E43F7A3D416}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEDE4E71-099F-4215-90AA-9E43F7A3D416}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem123.0.6288.0{2F0319B9-FA70-41EC-98E3-AE5AA75538BF} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem123.0.6288.0{2F0319B9-FA70-41EC-98E3-AE5AA75538BF}" => removed successfully
HKLM\System\CurrentControlSet\Services\GoogleUpdaterInternalService123.0.6288.0 => removed successfully
GoogleUpdaterInternalService123.0.6288.0 => service removed successfully
HKLM\System\CurrentControlSet\Services\GoogleUpdaterService123.0.6288.0 => removed successfully
GoogleUpdaterService123.0.6288.0 => service removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 103657310 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 40151829 B
Edge => 0 B
Chrome => 1110754823 B
Firefox => 234594984 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 38874264 B
Jana => 352078475 B

RecycleBin => 70684216 B
EmptyTemp: => 1.8 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 18-02-2024 20:17:22)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 20:17:22 ====



Well, it looks like the notifications are no longer appearing...

Re: Disk constantly at 100% and a "virus" in the notification area

Posted: 18 Feb 2024 20:49
by Rudy
Deleted. How does it look now?

Re: Disk constantly at 100% and a "virus" in the notification area

Posted: 18 Feb 2024 22:04
by bretja
It looks better, nothing pops up anymore, and the disk is at a reasonable load.
Many thanks

Re: Disk constantly at 100% and a "virus" in the notification area

Posted: 19 Feb 2024 09:15
by Rudy
You're welcome! :)