Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-02-2021 01
Ran by CAM (administrator) on CAM-PC (ATComputers AUTOCONT INTEGRA) (11-02-2021 10:05:44)
Running from C:\Users\CAM\Desktop
Loaded Profiles: CAM & MSSQL$MOJEDB & MSSQLFDLauncher$MOJEDB & ReportServer$MOJEDB
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Flexera Software LLC -> Flexera Software LLC) C:\SolidSQUAD_License_Servers\Bin\lmgrd.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS12.MOJEDB\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MOJEDB\MSSQL\Binn\fdhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MOJEDB\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MOJEDB\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe <2>
(Opera Software AS -> Opera Software) C:\Users\CAM\AppData\Local\Programs\Opera\74.0.3911.107\opera.exe <27>
(Opera Software AS -> Opera Software) C:\Users\CAM\AppData\Local\Programs\Opera\74.0.3911.107\opera_crashreporter.exe
(SafeNet Canada, Inc. -> SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet Canada, Inc. -> SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc. -> SafeNet Inc.) C:\Windows\System32\hasplms.exe
(SafeNet, Inc. -> SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(Siemens PLM Software Inc.) [File not signed] C:\SolidSQUAD_License_Servers\Bin\ugslmd.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VMware, Inc. -> ) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2743658272-2498043693-175609155-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2743658272-2498043693-175609155-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-2743658272-2498043693-175609155-1000\...\Run: [Opera Browser Assistant] => C:\Users\CAM\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3368600 2021-02-09] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2743658272-2498043693-175609155-1000\...\MountPoints2: {8c45eb9a-90e9-11ea-901b-005056c00008} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2743658272-2498043693-175609155-1000\...\MountPoints2: {8c45eb9e-90e9-11ea-901b-005056c00008} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2743658272-2498043693-175609155-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\...\AppCompatFlags\InstalledSDB\{ad846bae-d44b-4722-abad-f7420e08bcd9}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb [2015-04-17]
InternetURL: C:\Users\CAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\audiodg.url -> URL: file:///C:/Users/CAM/AppData/Roaming/audiodg.exe
Startup: C:\Users\CAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mapped_drives.bat [2018-08-27] () [File not signed]
InternetURL: C:\Users\CAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tpmvsucgr.url -> URL: file:///C:/Users/CAM/AppData/Roaming/tpmvscugr.exe

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0361572E-391A-4F7F-BA0F-E17D96B07CD2} - System32\Tasks\Opera scheduled Autoupdate 1613033779 => C:\Users\CAM\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software)
Task: {20A6A1E7-C7A7-4ECC-ADAD-9AC5A8AC0295} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158568 2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {2ACFD6F4-8ABA-45CC-A6B9-AAFAEDF5554B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-15] (Adobe Inc. -> Adobe)
Task: {44CFC227-9B4B-462E-AE68-1B2A0F41A711} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_pepper.exe [1454136 2020-04-15] (Adobe Inc. -> Adobe)
Task: {54247151-CA79-4820-B847-205E7DF2E648} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158568 2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {55BAEF59-91A4-4719-BAC9-CAA76BA5622E} - System32\Tasks\Opera scheduled Autoupdate 1535095649 => C:\Users\CAM\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software)
Task: {5ACA3544-EAB4-4A93-B286-0128BC1741AE} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [6977272 2015-08-10] (Ratiborus MSFree Inc. -> MSFree Inc.) [File not signed]
Task: {5C18E7D7-5993-4C27-B5C2-3E9A78F444A5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158768 2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C37A660-CDD2-4A13-A3CD-FCEB3A65B180} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-15] (Adobe Inc. -> Adobe)
Task: {83D687F5-E69B-4527-9078-AE07CFC27532} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-12-21] (Intel(R) Update Manager -> Intel Corporation)
Task: {86926394-86DB-4DFF-B427-96953A6E1C72} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {8B47086A-F1C1-41C0-85A4-597D83A62F17} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158768 2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {8F1EBF3D-F14A-45BB-B211-08FC900FF8A9} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2096064 2018-01-13] (NVIDIA Corporation -> )
Task: {93776702-EA37-495D-83C0-B40A6B88D142} - System32\Tasks\{74642BCD-E40B-4950-BD2C-422AA19592C2} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\MecSoft Corporation\VisualMill 5.0\RainbowInstaller.exe" -d "C:\Program Files (x86)\MecSoft Corporation\VisualMill 5.0"
Task: {9F4CD40D-530A-4D6A-89D5-8509F159CBDF} - System32\Tasks\Opera scheduled assistant Autoupdate 1613033781 => C:\Users\CAM\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\CAM\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {A193F5AC-035A-4908-87D4-6145AAD975D5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A1EB8473-8E62-4D2D-B2F0-9F33174A693B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-12-21] (Intel(R) Update Manager -> Intel Corporation)
Task: {A7C198BA-18A6-44BE-9E9C-DFAAA0330509} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {B0F9247A-175C-4241-957B-C4E16DE62A8C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B8BC69E6-4B80-4217-9915-5A5F1C47C51F} - System32\Tasks\AdobeGCInvoker-1.0-CAM-PC-CAM => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {D15112DD-4F2D-4DF5-8966-81497954F9DE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612232 2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {E79BC30E-096D-4996-97D9-5DDE49A8A221} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612232 2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3D984B0-1E86-4621-818D-C9F7896C91A5} - System32\Tasks\{7D9D1358-2701-4BB1-91ED-F1C64CAA0B8E} => C:\Windows\system32\pcalua.exe -a C:\Kovoprog_install\SETUP.EXE -d C:\Kovoprog_install

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 11 C:\Windows\SysWOW64\vsocklib.dll [42296 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9 12 C:\Windows\SysWOW64\vsocklib.dll [42296 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 11 C:\Windows\system32\vsocklib.dll [46392 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 12 C:\Windows\system32\vsocklib.dll [46392 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.130.1 160.218.161.54 194.228.41.65
Tcpip\..\Interfaces\{BDBC6976-498B-453D-906E-8DE2F13BA716}: [DhcpNameServer] 192.168.130.1 160.218.161.54 194.228.41.65

Edge: 
=======
Edge Profile: C:\Users\CAM\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-11]
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/?LinkId=69157

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2019-02-04] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_363.dll [2020-04-15] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-03-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_363.dll [2020-04-15] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-03-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-03-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-13] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-13] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-03-28]

Opera: 
=======
OPR Profile: C:\Users\CAM\AppData\Roaming\Opera Software\Opera Stable [2021-02-11]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\CAM\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-02-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-15] (Adobe Inc. -> Adobe)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11137416 2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3729512 2018-08-22] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet, Inc. -> SafeNet Inc.)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-12-21] (Intel(R) Update Manager -> Intel Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$MOJEDB; C:\Program Files\Microsoft SQL Server\MSSQL12.MOJEDB\MSSQL\Binn\sqlservr.exe [365464 2020-11-01] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher$MOJEDB; C:\Program Files\Microsoft SQL Server\MSSQL12.MOJEDB\MSSQL\Binn\fdlauncher.exe [43928 2020-11-01] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [4166640 2018-01-13] (NVIDIA Corporation -> NVIDIA Corporation)
R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
R2 ReportServer$MOJEDB; C:\Program Files\Microsoft SQL Server\MSRS12.MOJEDB\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2525592 2020-11-01] (Microsoft Corporation -> Microsoft Corporation)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [405136 2016-12-16] (SafeNet Canada, Inc. -> SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1261200 2016-12-14] (SafeNet Canada, Inc. -> SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc. -> SafeNet, Inc.)
S4 SQLAgent$MOJEDB; C:\Program Files\Microsoft SQL Server\MSSQL12.MOJEDB\MSSQL\Binn\SQLAGENT.EXE [606104 2020-11-01] (Microsoft Corporation -> Microsoft Corporation)
R2 SSQ FLEXLM Service; C:\SolidSQUAD_License_Servers\Bin\lmgrd.exe [1787912 2016-05-05] (Flexera Software LLC -> Flexera Software LLC)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12097024 2019-11-06] (TeamViewer GmbH -> TeamViewer Germany GmbH)
R3 TermService; C:\Program Files\RDP Wrapper\rdpwrap.dll [116736 2019-06-03] (Stas'M Corp.) [File not signed] <==== ATTENTION (no ServiceDLL)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15476144 2019-11-04] (VMware, Inc. -> )
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56040 2015-11-19] (Microsoft Corporation -> Microsoft Corporation)
R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-08-01] (SafeNet, Inc. -> SafeNet Inc.)
S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [63944 2013-08-01] (SafeNet, Inc. -> SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-01] (SafeNet, Inc. -> SafeNet Inc.)
S3 aksusb; C:\Windows\SysWOW64\DRIVERS\aksusb.sys [23040 2020-01-30] (Aladdin Knowledge Systems) [File not signed]
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2018-08-25] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2018-08-25] (Disc Soft Ltd -> Disc Soft Ltd)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet, Inc. -> SafeNet Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 MpKslaa4d00f0; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6F7EBD48-222F-47C2-A4C6-1FC68EC72512}\MpKslDrv.sys [47344 2021-02-11] (Microsoft Windows -> Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S4 RsFx0321; C:\Windows\System32\DRIVERS\RsFx0321.sys [258720 2018-07-25] (Microsoft Corporation -> Microsoft Corporation)
R3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [70624 2017-08-16] (SafeNet Canada, Inc. -> SafeNet, Inc.)
R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [66368 2019-11-04] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\Windows\System32\DRIVERS\vsock.sys [103736 2019-08-14] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S2 XRNBO; c:\windows\SysWOW64\drivers\XRNBO.sys [177152 2020-01-31] () [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-11 10:05 - 2021-02-11 10:06 - 000023568 _____ C:\Users\CAM\Desktop\FRST.txt
2021-02-11 10:05 - 2021-02-11 10:06 - 000000000 ____D C:\FRST
2021-02-11 10:01 - 2021-02-11 10:01 - 002297344 _____ (Farbar) C:\Users\CAM\Desktop\FRST64.exe
2021-02-11 09:56 - 2021-02-11 09:56 - 000004260 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1613033781
2021-02-11 09:56 - 2021-02-11 09:56 - 000004030 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1613033779
2021-02-11 09:56 - 2021-02-11 09:56 - 000001278 _____ C:\Users\CAM\Desktop\Prohlížeč Opera.lnk
2021-02-11 09:55 - 2021-02-11 09:55 - 000000000 ____D C:\Users\CAM\AppData\Roaming\Opera Software
2021-02-04 20:32 - 2021-02-04 20:32 - 000000000 ____D C:\Users\CAM\AppData\Local\Ubisoft
2021-01-29 12:03 - 2021-01-29 12:03 - 000000000 ____D C:\Users\CAM\Documents\NX_test
2021-01-29 08:21 - 2021-01-29 08:32 - 000001932 _____ C:\Users\CAM\Desktop\NX.lnk
2021-01-29 08:15 - 2021-01-29 08:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Siemens Solid Edge CAM Pro 12.0.2
2021-01-29 08:11 - 2021-01-29 08:11 - 000000000 ____D C:\Program Files\Siemens
2021-01-29 06:57 - 2021-01-29 06:57 - 000000000 ____D C:\ProgramData\FNP
2021-01-29 06:52 - 2021-01-29 08:05 - 000000000 ____D C:\SolidSQUAD_License_Servers
2021-01-29 06:45 - 2021-01-29 08:26 - 000000000 ____D C:\Users\CAM\AppData\Local\Siemens
2021-01-28 12:18 - 2001-08-06 17:28 - 000007952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ODBCCP32.CPL
2021-01-28 12:18 - 2000-11-07 17:36 - 001044480 _____ (eHelp Corporation.) C:\Windows\SysWOW64\ROBOEX32.DLL
2021-01-28 12:18 - 2000-08-02 15:44 - 000151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdocurs.dll
2021-01-28 12:18 - 2000-05-22 00:00 - 000608448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COMCTL32.OCX
2021-01-28 12:18 - 2000-05-22 00:00 - 000203976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RICHTX32.OCX
2021-01-28 12:18 - 2000-05-11 13:06 - 000397312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSRDO20.DLL
2021-01-28 12:18 - 1999-09-30 19:21 - 000166672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext35.dll
2021-01-28 12:18 - 1999-09-28 21:42 - 001050896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet35.dll
2021-01-28 12:18 - 1999-09-09 22:06 - 000252688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl35.dll
2021-01-28 12:18 - 1999-09-09 22:06 - 000168720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus35.dll
2021-01-28 12:18 - 1999-08-25 14:57 - 000415504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl35.dll
2021-01-28 12:18 - 1999-06-10 09:34 - 000123664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint35.dll
2021-01-28 12:18 - 1999-06-10 09:34 - 000024848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter35.dll
2021-01-28 12:18 - 1999-06-07 18:59 - 000250128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspdox35.dll
2021-01-28 12:18 - 1999-04-26 20:08 - 000044304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrpfs35.dll
2021-01-28 12:18 - 1999-01-11 20:21 - 000026224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ODBC16GT.DLL
2021-01-28 12:18 - 1999-01-11 20:18 - 000004656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DS16GT.DLL
2021-01-28 12:18 - 1998-10-19 12:34 - 000037062 _____ C:\Windows\SysWOW64\odbcinst.hlp
2021-01-28 12:18 - 1998-10-19 12:34 - 000000324 _____ C:\Windows\SysWOW64\odbcinst.cnt
2021-01-28 12:18 - 1998-06-24 00:00 - 000525352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DBGRID32.OCX
2021-01-28 12:18 - 1998-06-24 00:00 - 000200496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DBLIST32.OCX
2021-01-28 12:18 - 1998-06-01 14:37 - 000344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexch35.dll
2021-01-28 12:18 - 1998-06-01 14:37 - 000294912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbse35.dll
2021-01-28 12:18 - 1998-06-01 14:37 - 000262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x35.dll
2021-01-28 12:18 - 1998-05-05 11:36 - 000039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JETCOMP.exe
2021-01-28 12:18 - 1998-04-03 16:19 - 000170865 _____ C:\Windows\SysWOW64\Odbcjet.hlp
2021-01-28 12:18 - 1998-04-03 16:19 - 000006902 _____ C:\Windows\SysWOW64\Odbcjet.cnt
2021-01-28 12:13 - 2021-01-28 12:13 - 000000000 ____D C:\Program Files (x86)\SafeNet Sentinel
2021-01-28 09:20 - 2021-01-28 09:20 - 000000000 ____D C:\Users\CAM\Documents\Vero Software
2021-01-27 06:45 - 2021-01-27 06:45 - 000000000 ____D C:\Users\CAM\AppData\Local\CEF
2021-01-27 06:42 - 2021-01-27 06:42 - 000000000 ____D C:\Users\CAM\AppData\Local\Vero Software
2021-01-27 06:37 - 2021-01-27 07:47 - 000000000 ____D C:\Users\CAM\Documents\Hexagon
2021-01-27 06:36 - 2021-01-27 06:36 - 000000000 ____D C:\Program Files\Common Files\SolidWorks Shared
2021-01-27 06:35 - 2021-01-27 07:47 - 000000000 ____D C:\Users\CAM\AppData\Local\Hexagon
2021-01-27 06:35 - 2021-01-27 06:35 - 000000000 ____D C:\ProgramData\Vero Software
2021-01-21 06:15 - 2021-01-21 06:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HEIDENHAIN
2021-01-21 06:15 - 2021-01-21 06:15 - 000000000 ____D C:\Program Files (x86)\HEIDENHAIN

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-11 09:56 - 2018-08-24 08:27 - 000001278 _____ C:\Users\CAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-02-11 09:46 - 2009-07-14 05:45 - 000039696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-02-11 09:46 - 2009-07-14 05:45 - 000039696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-02-11 09:43 - 2011-03-04 10:18 - 000788356 _____ C:\Windows\system32\perfh005.dat
2021-02-11 09:43 - 2011-03-04 10:18 - 000189516 _____ C:\Windows\system32\perfc005.dat
2021-02-11 09:43 - 2009-07-14 06:13 - 001921358 _____ C:\Windows\system32\PerfStringBackup.INI
2021-02-11 09:43 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2021-02-11 09:40 - 2018-09-25 00:16 - 000000000 ____D C:\Program Files\CCleaner
2021-02-11 09:38 - 2020-01-31 09:24 - 000000000 ____D C:\ProgramData\VMware
2021-02-11 09:38 - 2019-12-05 11:43 - 000000000 ____D C:\Users\MSSQLFDLauncher$MOJEDB
2021-02-11 09:38 - 2018-08-25 05:16 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-02-11 09:38 - 2018-08-24 08:04 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-11 09:38 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-02-11 09:34 - 2018-08-24 08:01 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-02-11 09:33 - 2018-08-24 08:05 - 000000000 ____D C:\Program Files (x86)\Google
2021-02-11 09:32 - 2018-08-24 08:05 - 000000000 ____D C:\Users\CAM\AppData\Local\Google
2021-02-11 09:32 - 2018-08-24 07:59 - 000001393 _____ C:\Users\CAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2021-02-11 09:28 - 2018-10-17 20:33 - 000000000 ____D C:\Users\CAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2021-02-11 09:04 - 2020-01-31 09:34 - 000000000 ____D C:\Users\CAM\AppData\Roaming\VMware
2021-02-11 09:04 - 2020-01-31 09:34 - 000000000 ____D C:\Users\CAM\AppData\Local\VMware
2021-02-11 08:32 - 2018-09-07 08:19 - 000000000 ____D C:\Users\CAM\AppData\Local\CrashDumps
2021-02-11 07:26 - 2018-08-24 10:09 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-02-11 07:25 - 2018-08-24 10:09 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-10 10:02 - 2018-08-25 04:54 - 000000000 ____D C:\ProgramData\KMSAutoS
2021-02-10 03:03 - 2018-08-24 09:11 - 000000000 ____D C:\Windows\system32\MRT
2021-02-10 03:00 - 2018-08-24 09:10 - 130141752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-02-08 14:58 - 2018-08-25 04:56 - 000003166 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2743658272-2498043693-175609155-1000
2021-02-08 14:58 - 2018-08-24 09:09 - 000002110 _____ C:\Users\CAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2021-02-08 14:58 - 2018-08-24 09:09 - 000000000 ___RD C:\Users\CAM\OneDrive
2021-02-08 06:05 - 2020-06-24 07:17 - 000002221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-08 05:58 - 2020-06-24 07:17 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-08 05:58 - 2020-06-24 07:17 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-05 08:22 - 2020-07-08 05:55 - 000000000 ____D C:\Users\CAM\.cr3
2021-02-01 13:58 - 2020-01-31 09:39 - 000000000 ____D C:\Users\CAM\Documents\Virtual Machines
2021-01-29 08:19 - 2018-08-24 08:00 - 000127816 _____ C:\Users\CAM\AppData\Local\GDIPFONTCACHEV1.DAT
2021-01-29 08:19 - 2009-07-14 05:45 - 000484360 _____ C:\Windows\system32\FNTCACHE.DAT
2021-01-28 12:16 - 2018-08-25 09:57 - 000000000 ____D C:\Users\CAM\AppData\Local\Downloaded Installations
2021-01-28 12:16 - 2018-08-24 08:16 - 000000000 ____D C:\Windows\Downloaded Installations
2021-01-28 12:13 - 2018-08-24 08:18 - 000000000 ____D C:\Users\CAM\Documents\Downloaded Installations
2021-01-28 12:12 - 2020-03-25 17:35 - 000000000 ____D C:\Program Files\Microsoft Office
2021-01-28 12:12 - 2018-08-24 11:31 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-28 12:12 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2021-01-21 22:37 - 2010-11-21 04:27 - 000799104 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2021-01-21 15:53 - 2018-09-03 11:50 - 000000000 ____D C:\Users\CAM\Desktop\Nová složka
2021-01-20 19:21 - 2018-08-25 05:16 - 000000000 ____D C:\Users\CAM\AppData\Roaming\TeamViewer
2021-01-20 19:17 - 2018-09-25 00:16 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-01-20 19:17 - 2018-09-25 00:16 - 000002782 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-01-18 06:12 - 2018-08-24 09:07 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-13 03:09 - 2019-12-05 11:44 - 000000000 ____D C:\Users\ReportServer$MOJEDB
2021-01-13 03:07 - 2019-09-02 11:17 - 000000000 ____D C:\Windows\SysWOW64\1033
2021-01-13 03:07 - 2019-09-02 11:16 - 000000000 ____D C:\Windows\system32\1033
2021-01-13 03:06 - 2019-12-05 11:43 - 000000000 ____D C:\Users\MSSQL$MOJEDB
2021-01-13 03:06 - 2019-09-02 11:17 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2021-01-13 03:06 - 2019-09-02 11:17 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server

==================== Files in the root of some directories ========

2018-10-11 06:08 - 2018-10-11 06:08 - 000000171 _____ () C:\Users\CAM\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
2018-10-11 06:08 - 2018-10-11 06:08 - 000000453 _____ () C:\Users\CAM\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
2019-08-19 06:19 - 2019-08-19 06:19 - 000000171 _____ () C:\Users\CAM\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2019-08-19 06:19 - 2019-08-19 06:19 - 000001057 _____ () C:\Users\CAM\AppData\Roaming\88e9dc3a-641c-4dc2-9204-9ba65cc42265
2018-10-11 06:08 - 2018-10-11 06:08 - 000000175 _____ () C:\Users\CAM\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
2018-10-01 07:23 - 2018-10-03 12:19 - 000012958 _____ () C:\Users\CAM\AppData\Roaming\Hodnoty oddělené čárkami.CAL
2018-09-19 07:14 - 2018-09-20 05:43 - 335897600 __RSH () C:\Users\CAM\AppData\Roaming\suybj.exe
2018-09-20 05:44 - 2018-09-25 00:15 - 000001386 ___SH () C:\Users\CAM\AppData\Roaming\systemFP.$dk
2019-02-06 10:05 - 2019-02-06 10:05 - 000000000 _____ () C:\Users\CAM\AppData\Local\oobelibMkey.log
2019-08-17 12:27 - 2019-08-17 12:27 - 000000218 _____ () C:\Users\CAM\AppData\Local\recently-used.xbel
2018-11-01 12:29 - 2020-09-25 11:41 - 000007641 _____ () C:\Users\CAM\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-02-11 00:48
==================== End of FRST.txt ========================