
Hacked email, probably the computer too, Windows 10 SK


#1 Post by solide »

Hi, on Monday the administrator of the domain where I also have my email contacted me to say that they had blocked my SMTP access because a lot of spam was coming from my email address. That same day I myself received by email a lot of notifications of unsuccessful email delivery (mailer daemon) from email addresses I don't know. Last night I received an email from my own address telling me that my computer has been hacked with a Trojan horse and that they have been watching me for a long time, and they sent me the correct access details for my work email address, including the correct password. They are demanding 400 US dollars from me. I don't know how this could have happened, because I absolutely do not visit any hacker sites or any other objectionable or porn sites, and I delete unknown emails immediately through the mail web interface.

I have now started a scan of the whole computer with ESET Security. How should I proceed, please?

FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-05-2022
Ran by janos (administrator) on DESKTOP-LQJATP4 (LENOVO 7745) (24-05-2022 12:52:05)
Running from C:\Users\janos\Downloads
Loaded Profiles: janos
Platform: Microsoft Windows 10 Home Version 21H2 19044.1706 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1510.7.114.0_x64__8xx8rvfyw5nnt\app\Messenger.exe ->) (Meta) C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1510.7.114.0_x64__8xx8rvfyw5nnt\app\CrashpadHandlerWindows.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy\YourPhoneAppProxy.exe
(Disig a.s. -> Disig a.s.) C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <68>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe <8>
(Meta) C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1510.7.114.0_x64__8xx8rvfyw5nnt\app\Messenger.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\WINWORD.EXE <2>
(Ministerstvo vnútra Slovenskej republiky -> Ministerstvo vnútra Slovenskej republiky) C:\Program Files (x86)\EAC MW klient\EAC_MW_klient.exe
(Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World) F:\instalacky programov\utility na disk safrankova\CrystalDiskInfo8_13_2\DiskInfo64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (DITEC, a.s. -> ) C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (Siber Systems -> ) C:\Program Files\Siber Systems\GoodSync\gs-server.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe
(Siber Systems -> Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\janos\AppData\Local\Microsoft\OneDrive\22.089.0426.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1704_none_7de951067ca990f6\TiWorker.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\janos\AppData\Local\WhatsApp\app-2.2216.8\WhatsApp.exe <7>
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [168064 2022-03-15] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5819672 2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [EAC_MW_klient] => C:\Program Files (x86)\EAC MW klient\EAC_MW_klient.exe [11819664 2021-07-20] (Ministerstvo vnútra Slovenskej republiky -> Ministerstvo vnútra Slovenskej republiky)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [850208 2022-05-13] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [Viber] => C:\Users\janos\AppData\Local\Viber\Viber.exe [45429776 2020-12-03] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [107000 2020-04-01] (Siber Systems -> Siber Systems)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\janos\AppData\Local\WhatsApp\Update.exe [2253568 2022-05-18] (WhatsApp, Inc -> )
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [Disig Web Signer] => C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe [254080 2021-02-04] (Disig a.s. -> Disig a.s.)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5412632 2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5412632 2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\janos\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\janos\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\RunOnce: [Uninstall 22.077.0410.0007] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\janos\AppData\Local\Microsoft\OneDrive\22.077.0410.0007" (No File)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2022-04-07] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP DeskJet 5820 series): C:\WINDOWS\system32\HPDiscoPMEE11.dll [807056 2016-08-04] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\101.0.4951.67\Installer\chrmstp.exe [2022-05-18] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2022-02-07]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2020-10-12]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare Technology Co.,Ltd -> Wondershare)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0040B8D6-C748-42EC-A4F3-2F3DF7522727} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {117348C6-FC83-4767-8FC1-D6CA7D026B21} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [107000 2020-04-01] (Siber Systems -> Siber Systems)
Task: {1E1596A4-6184-46F7-B540-66D7FD9E1052} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {20248C13-0266-4AA5-89EC-D170C7628DEA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {38B13106-1942-427A-A676-1E5B9E7158B2} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {3BD7A1A2-1DFF-4A20-8205-EE24E966A707} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {40B21E26-6C46-48AE-B71E-D7C5068E099D} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KIC ... JNDJCMMIEJ"
Task: {40F7DC8B-D514-41BB-9DE8-92602C30F7DB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {56527AA4-AFBB-43B3-9120-59EE55A845AF} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {6D9FCD78-8BA0-4E28-AEC6-B805FA3CA723} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {6EE8ED60-DFD0-450A-A731-39EB7AA21D27} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [42144 2022-04-29] (HP Inc. -> HP Inc.)
Task: {78B260B3-CFB9-481E-BABF-D678675E7A08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-01] (Google LLC -> Google LLC)
Task: {9203648D-8F2B-4D8C-9DBD-65D173BE4504} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {98B7BBDE-5101-4F2B-9EA5-8EEA33DECE40} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A2893D3A-6D55-4F47-9462-6471765AC59D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {AEA581CD-913C-4E68-BD20-2D4C6F9C0D9E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {B4B3D474-E811-449A-8BC4-9E6F0601C24E} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {B6B8F442-A1BB-461C-8C18-A0AB0AD6C58A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3B6052A-3898-4F36-BA36-C9229EF124F1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DF77FFF6-3C55-431B-A287-5285AACC7689} - System32\Tasks\CrystalDiskInfo => F:\instalacky programov\utility na disk safrankova\CrystalDiskInfo8_13_2\DiskInfo64.exe [2802720 2022-03-18] (Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World)
Task: {E3032937-05E4-42A8-B058-867E01766723} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-01] (Google LLC -> Google LLC)
Task: {F63D921D-8BB1-4030-A36F-5E6E5749D6D1} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [42144 2022-04-29] (HP Inc. -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.2 10.0.0.1
Tcpip\..\Interfaces\{190ec8a3-ed5f-46a3-8da8-5b04379db2dc}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1f03db79-0c49-4692-a547-51243528b303}: [DhcpNameServer] 10.0.0.2 10.0.0.1
Tcpip\..\Interfaces\{51c19704-2799-4c6e-8ab8-d05a1bbcf5df}: [DhcpNameServer] 10.0.0.2 10.0.0.1

Edge:
=======
DownloadDir: C:\Users\janos\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-24]
Edge HomePage: Default -> hxxp://www.google.sk/
Edge Extension: (Notifier for Gmail™) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2021-10-04]
Edge Extension: (iCloud Záložky) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2022-05-19]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-05-23]
Edge Extension: (IE Tab) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2022-05-18]
Edge Extension: (RoboForm Password Manager) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ljfpcifpgbbchoddpjefaipoiigpdmag [2022-04-20]
Edge Extension: (uBlock Origin) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-05-06]
Edge Extension: (Send Link by Email or Gmail) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\plcgkgghkdfgfhiidfjkhmainebgmklf [2020-07-12]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2022-04-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-05-13] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-05-13] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: ditec.sk/DAsicFac -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/DitecZepDViewerFb -> C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigMessageContainer -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesExtender -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/XmlDataContainerFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default [2022-05-24]
CHR Notifications: Default -> hxxps://alimebot.aliexpress.com; hxxps://calendar.google.com; hxxps://email.forpsi.com; hxxps://findmedia.biz; hxxps://mail.google.com; hxxps://watch-video.net; hxxps://www.alibaba.com; hxxps://www.comco.sk; hxxps://www.messenger.com; hxxps://www.pocasie.sk
CHR HomePage: Default -> hxxp://www.google.sk/
CHR StartupUrls: Default -> "hxxps://www.google.sk/"
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-05-13]
CHR Extension: (uBlock Origin) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-04-08]
CHR Extension: (Notifier for Gmail™) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2021-09-27]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-04-29]
CHR Extension: (iCloud Záložky) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2022-05-19]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-14]
CHR Extension: (IE Tab) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2022-05-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (DigitalPersona) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkdnjfgdoolnmiacpdamadcneoblphbj [2021-10-06]
CHR Extension: (Send Link by Email or Gmail) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\plcgkgghkdfgfhiidfjkhmainebgmklf [2020-04-01]
CHR Extension: (RoboForm Password Manager) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2022-05-24]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-05-23]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-05-05]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-08-03]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-05-05]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-10]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-04-27]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-08-04]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-04-27]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-27]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-04-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-27]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3 [2022-05-10]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-05-09]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-03]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4 [2022-03-23]
CHR Extension: (Prezentácie) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-09]
CHR Extension: (Dokumenty) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-09]
CHR Extension: (Disk Google) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-09]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-09]
CHR Extension: (Tabuľky) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-09]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-18]
CHR Extension: (Gmail) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-09]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5 [2022-04-19]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-21]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-09]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6 [2022-04-08]
CHR Extension: (Prezentácie) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-23]
CHR Extension: (Dokumenty) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-23]
CHR Extension: (Disk Google) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-23]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-23]
CHR Extension: (Tabuľky) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-23]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-23]
CHR Extension: (Gmail) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-23]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\System Profile [2022-05-23]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [919328 2022-04-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3803376 2022-02-07] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 dLauncherLoopback; C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe [154960 2019-08-02] (DITEC, a.s. -> )
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-03-15] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-03-15] (ESET, spol. s r.o. -> ESET)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2020-04-01] (Macrovision Corporation -> Macrovision Europe Ltd.) [File not signed]
R2 GsServer; C:\Program Files\Siber Systems\GoodSync\gs-server.exe [12976384 2022-05-13] (Siber Systems -> )
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [223904 2022-04-29] (HP Inc. -> HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13269992 2022-04-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe [101152 2017-06-01] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AVerPola; C:\WINDOWS\system32\DRIVERS\AVerPola.sys [871056 2015-05-21] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
R3 AVPolDIR; C:\WINDOWS\System32\drivers\AVPolDIR.sys [15896 2015-05-21] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [183888 2022-03-15] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107944 2022-03-15] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2022-03-11] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [226264 2022-03-15] (ESET, spol. s r.o. -> ESET)
S2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [44968 2022-03-15] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70776 2022-03-15] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [111624 2022-03-15] (ESET, spol. s r.o. -> ESET)
S3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [137712 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-05-24 12:52 - 2022-05-24 12:54 - 000038225 _____ C:\Users\janos\Downloads\FRST.txt
2022-05-24 12:49 - 2022-05-24 12:49 - 002367488 _____ (Farbar) C:\Users\janos\Downloads\FRST64.exe
2022-05-24 10:10 - 2022-05-24 10:10 - 000000000 ____D C:\Users\janos\AppData\Local\ESET
2022-05-24 10:09 - 2022-05-24 10:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2022-05-24 10:09 - 2022-05-24 10:09 - 000000000 ____D C:\ProgramData\ESET
2022-05-24 10:09 - 2022-05-24 10:09 - 000000000 ____D C:\Program Files\ESET
2022-05-24 10:04 - 2022-05-24 10:05 - 000000000 ____D C:\Users\janos\OneDrive\Dokumenty\dobraci docasne
2022-05-24 10:01 - 2022-05-24 10:01 - 008500384 _____ (ESET) C:\Users\janos\Downloads\eset_internet_security_live_installer.exe
2022-05-19 14:55 - 2022-05-19 14:55 - 000150946 _____ C:\Users\janos\Downloads\1652964818719.JPEG
2022-05-19 13:51 - 2022-05-19 14:08 - 000257685 _____ C:\Users\janos\Downloads\zmluva Kovanice Mercedes 811 D.pdf
2022-05-19 10:17 - 2022-05-19 10:17 - 000151780 _____ C:\Users\janos\Downloads\SK6409000000000010309466_8675093912.pdf
2022-05-18 17:55 - 2022-05-18 17:55 - 000042605 _____ C:\Users\janos\Downloads\agrotec uhrada Dobraci.pdf
2022-05-13 22:13 - 2022-05-13 22:13 - 001380537 _____ C:\Users\janos\Downloads\Kópia - EIK3_zoznam_v3.xlsx
2022-05-13 21:52 - 2022-05-13 21:52 - 000000000 ____D C:\Users\janos\Tracing
2022-05-13 08:50 - 2022-05-13 08:50 - 000011799 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-05-13 08:49 - 2022-05-13 08:49 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-05-13 08:49 - 2022-05-13 08:49 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-05-13 08:18 - 2022-05-13 08:18 - 000001382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2022-05-13 08:17 - 2022-05-13 08:17 - 000218337 _____ C:\Users\janos\Downloads\Dobráci s.r.o. zmluva na podpis.pdf
2022-05-13 08:12 - 2022-05-13 08:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoodSync
2022-05-11 15:07 - 2022-05-11 15:07 - 000000000 ___HD C:\$WinREAgent
2022-05-10 16:37 - 2022-05-10 16:37 - 000850760 _____ C:\Users\janos\Downloads\EPH279923883_adresne_stitky_a4.pdf
2022-05-09 17:42 - 2022-05-09 17:42 - 000034675 _____ C:\Users\janos\Downloads\uznanie-dlhu.pdf
2022-05-09 14:45 - 2022-05-09 14:45 - 000850795 _____ C:\Users\janos\Downloads\EPH279728195_adresne_stitky_a4.pdf
2022-05-09 11:09 - 2022-05-09 11:09 - 000134775 _____ C:\Users\janos\Downloads\dobraci objednavka prepravnych cisiel.pdf
2022-05-06 10:17 - 2022-05-06 10:17 - 000038944 _____ C:\Users\janos\Downloads\dok (2).pdf
2022-05-05 15:44 - 2022-05-05 15:44 - 003621262 _____ C:\Users\janos\Downloads\WhatsApp Video 2022-05-05 at 15.05.19.mp4
2022-05-05 15:25 - 2022-05-05 15:25 - 000249044 _____ C:\Users\janos\Downloads\Doplňujúce údaje k žiadosti vratenie DPH CZ prenajom.pdf
2022-05-04 11:02 - 2022-05-04 11:02 - 000045565 _____ C:\Users\janos\Downloads\Safetech platba 052022.pdf
2022-05-04 11:02 - 2022-05-04 11:02 - 000040950 _____ C:\Users\janos\Downloads\dok (1).pdf
2022-05-04 10:49 - 2022-05-04 10:49 - 000355046 _____ C:\Users\janos\Downloads\V_1257777004_4_20220429_C1_P0.pdf
2022-05-04 09:43 - 2022-05-04 09:43 - 000501440 _____ C:\Users\janos\Downloads\ZSE_poistka.pdf
2022-05-04 09:43 - 2022-05-04 09:43 - 000499631 _____ C:\Users\janos\Downloads\1EKZB_Suhrn_ZE_AS-_VZOR.pdf
2022-05-04 09:17 - 2022-05-04 09:17 - 000258256 _____ C:\Users\janos\Downloads\doklad.pdf
2022-05-04 09:12 - 2022-05-04 09:12 - 000138221 _____ C:\Users\janos\Downloads\Dobraci_Object20220502104452398_1.pdf
2022-05-04 09:10 - 2022-05-04 09:10 - 000136868 _____ C:\Users\janos\Downloads\Object20220502104452398_1.pdf
2022-05-04 09:08 - 2022-05-04 09:08 - 000137688 _____ C:\Users\janos\Downloads\Dobraci_Object20220414120458543_1.pdf
2022-05-04 09:05 - 2022-05-04 09:05 - 000136295 _____ C:\Users\janos\Downloads\Object20220414120458543_1.pdf
2022-05-04 08:48 - 2022-05-04 08:48 - 000511626 _____ C:\Users\janos\Downloads\5301051603.pdf
2022-05-01 18:24 - 2022-05-01 18:24 - 000029476 _____ C:\Users\janos\Downloads\Faktúra Dobráci s.r.o. 2204130473853593.pdf
2022-05-01 18:20 - 2022-05-01 18:20 - 002092382 _____ C:\Users\janos\Downloads\janosova_injury.pdf
2022-04-29 10:19 - 2022-04-29 10:19 - 000808344 _____ C:\Users\janos\Downloads\eustream upomienka 1.pdf
2022-04-29 10:16 - 2022-04-29 10:16 - 000042573 _____ C:\Users\janos\Downloads\eustream_upomienka.pdf
2022-04-29 09:16 - 2022-04-29 09:16 - 000041376 _____ C:\Users\janos\Downloads\calvados_dobraci.pdf
2022-04-27 17:34 - 2022-04-27 17:34 - 000038542 _____ C:\Users\janos\Downloads\Facture-1316414.pdf
2022-04-27 16:13 - 2022-04-27 16:13 - 000000000 ____D C:\Users\janos\AppData\Local\SolidDocuments
2022-04-27 13:38 - 2022-05-09 08:26 - 000000000 ___HD C:\adobeTemp
2022-04-27 13:31 - 2022-04-27 13:31 - 000000040 ____H C:\04EC72786C80
2022-04-27 13:31 - 2022-04-27 13:31 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2022-04-27 13:27 - 2022-04-27 13:27 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2022-04-27 13:27 - 2022-04-27 13:27 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-04-27 13:12 - 2022-05-18 10:56 - 000000000 ___RD C:\Users\janos\Creative Cloud Files
2022-04-27 13:09 - 2022-05-19 14:15 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-04-27 09:35 - 2022-04-27 09:35 - 000000298 _____ C:\Users\janos\Downloads\Agorastore.txt
2022-04-26 19:39 - 2022-04-26 19:39 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-04-26 14:54 - 2022-04-26 14:54 - 000038348 _____ C:\Users\janos\Downloads\Facture-1316414 (2).pdf
2022-04-26 14:54 - 2022-04-26 14:54 - 000038348 _____ C:\Users\janos\Downloads\Facture-1316414 (1).pdf
2022-04-25 15:15 - 2022-04-25 15:15 - 000069632 _____ C:\Users\janos\Downloads\ca66912b-3605-4187-857f-b2db72a2a7c5.xls
2022-04-25 14:57 - 2022-04-25 14:57 - 000043480 _____ C:\Users\janos\Downloads\holomy_dobraci.pdf
2022-04-25 12:03 - 2022-04-25 12:06 - 230475667 _____ C:\Users\janos\Downloads\2 Blondinki Hot _ PornWex_ Original.mp4

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-05-24 12:53 - 2020-04-01 18:09 - 000000000 ____D C:\Program Files (x86)\Google
2022-05-24 12:53 - 2014-04-23 12:13 - 000000000 ____D C:\FRST
2022-05-24 12:51 - 2020-04-03 13:01 - 000000000 ____D C:\Users\janos\AppData\Roaming\WhatsApp
2022-05-24 12:43 - 2022-02-18 18:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-05-24 12:25 - 2020-03-31 09:59 - 000000000 ____D C:\ProgramData\NVIDIA
2022-05-24 10:10 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-05-24 10:10 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-05-24 10:05 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-05-24 10:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-05-24 10:00 - 2022-02-07 12:00 - 000000000 ____D C:\ProgramData\AnyDesk
2022-05-24 10:00 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-05-24 09:58 - 2020-04-01 17:49 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-05-23 18:18 - 2020-07-12 12:17 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-05-23 17:58 - 2020-06-25 10:43 - 000000000 ____D C:\ProgramData\GoodSync
2022-05-19 14:36 - 2020-04-02 12:29 - 000000000 ____D C:\Users\janos\OneDrive\Dokumenty\Adobe
2022-05-18 11:06 - 2020-04-01 18:11 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-05-18 11:03 - 2021-11-03 15:29 - 000000000 ____D C:\Users\janos\AppData\Local\WhatsApp
2022-05-18 11:00 - 2022-02-18 19:26 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3755753306-3900577581-898390862-1004
2022-05-18 11:00 - 2022-02-18 19:26 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3755753306-3900577581-898390862-1004
2022-05-18 11:00 - 2022-02-18 19:03 - 000002367 _____ C:\Users\janos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-05-18 11:00 - 2020-03-31 10:15 - 000000000 ___RD C:\Users\janos\OneDrive
2022-05-18 10:55 - 2020-04-01 17:26 - 000000000 ____D C:\Users\janos\AppData\Roaming\ViberPC
2022-05-18 10:52 - 2022-02-07 11:59 - 000000000 ____D C:\Users\janos\AppData\Roaming\AnyDesk
2022-05-13 22:26 - 2022-02-18 19:03 - 000000000 ____D C:\Users\janos
2022-05-13 21:54 - 2020-03-31 10:12 - 000000000 ____D C:\Users\janos\AppData\Local\Packages
2022-05-13 21:46 - 2022-02-18 19:15 - 000902246 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-05-13 21:46 - 2020-04-01 23:56 - 000062354 _____ C:\WINDOWS\system32\perfh01B.dat
2022-05-13 21:46 - 2020-04-01 23:56 - 000016154 _____ C:\WINDOWS\system32\perfc01B.dat
2022-05-13 21:41 - 2022-02-18 19:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-05-13 21:41 - 2022-02-18 18:56 - 000008192 ___SH C:\DumpStack.log.tmp
2022-05-13 21:38 - 2022-02-18 18:57 - 000470712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-05-13 21:36 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-05-13 21:35 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-05-13 21:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-05-13 21:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-05-13 21:34 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-05-13 21:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-05-13 21:34 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-05-13 09:34 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-05-13 08:18 - 2021-11-18 13:09 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-05-13 08:18 - 2021-11-18 12:18 - 000000000 ____D C:\Program Files\Adobe
2022-05-13 08:18 - 2020-04-01 19:01 - 000000000 ____D C:\Program Files (x86)\Adobe
2022-05-13 08:12 - 2020-06-25 10:43 - 000000000 ____D C:\Program Files\Siber Systems
2022-05-11 15:01 - 2020-04-01 23:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-05-11 14:55 - 2020-04-01 23:56 - 145501456 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-05-10 12:11 - 2020-11-02 09:20 - 000000000 ____D C:\Users\janos\AppData\Roaming\vlc
2022-05-10 09:38 - 2022-03-10 09:57 - 000003538 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d824ea5caa01c6
2022-05-10 09:38 - 2022-02-18 19:26 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-05-06 15:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-05-06 11:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-05-06 10:18 - 2022-03-21 09:30 - 000043035 _____ C:\Users\janos\Downloads\jinan_dobraci.pdf
2022-04-29 09:02 - 2022-02-18 19:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-04-29 09:02 - 2021-05-13 08:47 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-04-28 12:00 - 2020-04-01 18:20 - 000000000 ____D C:\Users\janos\AppData\Local\D3DSCache
2022-04-27 15:55 - 2020-03-31 10:15 - 000000000 ____D C:\ProgramData\Packages
2022-04-27 15:06 - 2020-03-31 10:12 - 000000000 ____D C:\Users\janos\AppData\Roaming\Adobe
2022-04-27 13:37 - 2020-04-01 19:02 - 000000000 ____D C:\Users\janos\AppData\Local\Adobe
2022-04-27 13:31 - 2022-02-18 19:26 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-04-27 13:07 - 2020-04-01 19:01 - 000000000 ____D C:\ProgramData\Adobe
2022-04-26 19:39 - 2022-02-18 21:35 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk

==================== Files in the root of some directories ========

2020-07-13 13:03 - 2020-08-26 11:43 - 000005120 _____ () C:\Users\janos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2022-04-27 16:18 - 2022-04-27 16:18 - 000000000 _____ () C:\Users\janos\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

solide
Visitor
Posts: 58
Registered: 07 Nov 2006 09:41

Re: hacked e-mail, probably the computer too, Windows 10 SK

#2 Post by solide »

and here is the AdwCleaner log:

# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-03-15.3 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-24-2022
# Duration: 00:00:20
# OS: Windows 10 Home
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\drp.su
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\drp.su

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [85344 octets] - [31/07/2018 12:45:28]
AdwCleaner[C00].txt - [74561 octets] - [31/07/2018 12:46:10]
AdwCleaner[S01].txt - [2065 octets] - [31/07/2018 12:52:02]
AdwCleaner[C01].txt - [2031 octets] - [31/07/2018 12:52:16]
AdwCleaner[S02].txt - [2057 octets] - [24/05/2022 13:46:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Rudy
Site Admin
Posts: 118152
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: hacked e-mail, probably the computer too, Windows 10 SK

#3 Post by Rudy »

Hello!
If you ran the FRST scan before the ADW scan, post the FRST+Addition logs again; if not, just add the Addition log. It is in the file addition.txt in C:\Users\janos\Downloads.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

solide
Visitor
Posts: 58
Registered: 07 Nov 2006 09:41

Re: hacked e-mail, probably the computer too, Windows 10 SK

#4 Post by solide »

Hello!
If you ran the FRST scan before the ADW scan, post the FRST logs

yes, so I am sending a new FRST log


FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-05-2022
Ran by janos (administrator) on DESKTOP-LQJATP4 (LENOVO 7745) (24-05-2022 18:32:46)
Running from C:\Users\janos\Downloads
Loaded Profiles: janos
Platform: Microsoft Windows 10 Home Version 21H2 19044.1706 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22042.161.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22042.161.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy\YourPhoneAppProxy.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <24>
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [168064 2022-03-15] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5819672 2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [EAC_MW_klient] => C:\Program Files (x86)\EAC MW klient\EAC_MW_klient.exe [11819664 2021-07-20] (Ministerstvo vnútra Slovenskej republiky -> Ministerstvo vnútra Slovenskej republiky)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [850208 2022-05-13] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [Viber] => C:\Users\janos\AppData\Local\Viber\Viber.exe [45429776 2020-12-03] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [107000 2020-04-01] (Siber Systems -> Siber Systems)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\janos\AppData\Local\WhatsApp\Update.exe [2253568 2022-05-18] (WhatsApp, Inc -> )
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [Disig Web Signer] => C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe [254080 2021-02-04] (Disig a.s. -> Disig a.s.)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5412632 2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5412632 2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2022-04-07] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP DeskJet 5820 series): C:\WINDOWS\system32\HPDiscoPMEE11.dll [807056 2016-08-04] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\101.0.4951.67\Installer\chrmstp.exe [2022-05-18] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2022-02-07]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2020-10-12]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare Technology Co.,Ltd -> Wondershare)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0040B8D6-C748-42EC-A4F3-2F3DF7522727} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {117348C6-FC83-4767-8FC1-D6CA7D026B21} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [107000 2020-04-01] (Siber Systems -> Siber Systems)
Task: {1E1596A4-6184-46F7-B540-66D7FD9E1052} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {20248C13-0266-4AA5-89EC-D170C7628DEA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {38B13106-1942-427A-A676-1E5B9E7158B2} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {3BD7A1A2-1DFF-4A20-8205-EE24E966A707} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {40B21E26-6C46-48AE-B71E-D7C5068E099D} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KIC ... JNDJCMMIEJ"
Task: {40F7DC8B-D514-41BB-9DE8-92602C30F7DB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {56527AA4-AFBB-43B3-9120-59EE55A845AF} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {6D9FCD78-8BA0-4E28-AEC6-B805FA3CA723} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {6EE8ED60-DFD0-450A-A731-39EB7AA21D27} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [42144 2022-04-29] (HP Inc. -> HP Inc.)
Task: {78B260B3-CFB9-481E-BABF-D678675E7A08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-01] (Google LLC -> Google LLC)
Task: {9203648D-8F2B-4D8C-9DBD-65D173BE4504} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {98B7BBDE-5101-4F2B-9EA5-8EEA33DECE40} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A2893D3A-6D55-4F47-9462-6471765AC59D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {AEA581CD-913C-4E68-BD20-2D4C6F9C0D9E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {B4B3D474-E811-449A-8BC4-9E6F0601C24E} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {B6B8F442-A1BB-461C-8C18-A0AB0AD6C58A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3B6052A-3898-4F36-BA36-C9229EF124F1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DF77FFF6-3C55-431B-A287-5285AACC7689} - System32\Tasks\CrystalDiskInfo => F:\instalacky programov\utility na disk safrankova\CrystalDiskInfo8_13_2\DiskInfo64.exe [2802720 2022-03-18] (Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World)
Task: {E3032937-05E4-42A8-B058-867E01766723} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-01] (Google LLC -> Google LLC)
Task: {F63D921D-8BB1-4030-A36F-5E6E5749D6D1} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [42144 2022-04-29] (HP Inc. -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.2 10.0.0.1
Tcpip\..\Interfaces\{190ec8a3-ed5f-46a3-8da8-5b04379db2dc}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1f03db79-0c49-4692-a547-51243528b303}: [DhcpNameServer] 10.0.0.2 10.0.0.1
Tcpip\..\Interfaces\{51c19704-2799-4c6e-8ab8-d05a1bbcf5df}: [DhcpNameServer] 10.0.0.2 10.0.0.1

Edge:
=======
DownloadDir: C:\Users\janos\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-24]
Edge HomePage: Default -> hxxp://www.google.sk/
Edge Extension: (Notifier for Gmail™) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2021-10-04]
Edge Extension: (iCloud Záložky) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2022-05-19]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-05-23]
Edge Extension: (IE Tab) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2022-05-18]
Edge Extension: (RoboForm Password Manager) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ljfpcifpgbbchoddpjefaipoiigpdmag [2022-04-20]
Edge Extension: (uBlock Origin) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-05-06]
Edge Extension: (Send Link by Email or Gmail) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\plcgkgghkdfgfhiidfjkhmainebgmklf [2020-07-12]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2022-04-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-05-13] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-05-13] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: ditec.sk/DAsicFac -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/DitecZepDViewerFb -> C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigMessageContainer -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesExtender -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/XmlDataContainerFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default [2022-05-24]
CHR Notifications: Default -> hxxps://alimebot.aliexpress.com; hxxps://calendar.google.com; hxxps://email.forpsi.com; hxxps://findmedia.biz; hxxps://mail.google.com; hxxps://watch-video.net; hxxps://www.alibaba.com; hxxps://www.comco.sk; hxxps://www.messenger.com; hxxps://www.pocasie.sk
CHR HomePage: Default -> hxxp://www.google.sk/
CHR StartupUrls: Default -> "hxxps://www.google.sk/"
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-05-13]
CHR Extension: (uBlock Origin) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-04-08]
CHR Extension: (Notifier for Gmail™) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2021-09-27]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-04-29]
CHR Extension: (iCloud Záložky) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2022-05-24]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-14]
CHR Extension: (IE Tab) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2022-05-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (DigitalPersona) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkdnjfgdoolnmiacpdamadcneoblphbj [2021-10-06]
CHR Extension: (Send Link by Email or Gmail) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\plcgkgghkdfgfhiidfjkhmainebgmklf [2020-04-01]
CHR Extension: (RoboForm Password Manager) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2022-05-24]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-05-24]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-05-05]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-08-03]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-05-05]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-10]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-04-27]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-08-04]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-04-27]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-27]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-04-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-27]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3 [2022-05-10]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-05-09]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-03]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4 [2022-03-23]
CHR Extension: (Prezentácie) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-09]
CHR Extension: (Dokumenty) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-09]
CHR Extension: (Disk Google) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-09]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-09]
CHR Extension: (Tabuľky) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-09]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-18]
CHR Extension: (Gmail) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-09]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5 [2022-04-19]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-21]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-09]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6 [2022-04-08]
CHR Extension: (Prezentácie) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-23]
CHR Extension: (Dokumenty) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-23]
CHR Extension: (Disk Google) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-23]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-23]
CHR Extension: (Tabuľky) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-23]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-23]
CHR Extension: (Gmail) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-23]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\System Profile [2022-05-24]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [919328 2022-04-27] (Adobe Inc. -> Adobe Inc.)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3803376 2022-02-07] (philandro Software GmbH -> AnyDesk Software GmbH)
S2 dLauncherLoopback; C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe [154960 2019-08-02] (DITEC, a.s. -> )
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-03-15] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-03-15] (ESET, spol. s r.o. -> ESET)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2020-04-01] (Macrovision Corporation -> Macrovision Europe Ltd.) [File not signed]
S2 GsServer; C:\Program Files\Siber Systems\GoodSync\gs-server.exe [12976384 2022-05-13] (Siber Systems -> )
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [223904 2022-04-29] (HP Inc. -> HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13269992 2022-04-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe [101152 2017-06-01] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AVerPola; C:\WINDOWS\system32\DRIVERS\AVerPola.sys [871056 2015-05-21] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
R3 AVPolDIR; C:\WINDOWS\System32\drivers\AVPolDIR.sys [15896 2015-05-21] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [183888 2022-03-15] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107944 2022-03-15] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2022-03-11] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [226264 2022-03-15] (ESET, spol. s r.o. -> ESET)
S2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [44968 2022-03-15] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70776 2022-03-15] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [111624 2022-03-15] (ESET, spol. s r.o. -> ESET)
S3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [137712 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three months (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-05-24 13:45 - 2022-05-24 13:45 - 008551608 _____ (Malwarebytes) C:\Users\janos\Downloads\adwcleaner.exe
2022-05-24 13:26 - 2022-05-24 13:26 - 001796324 _____ C:\Users\janos\Downloads\4658_Technical Product Manual modulcockpit II 10 2012 (2).pdf
2022-05-24 13:26 - 2022-05-24 13:26 - 001796324 _____ C:\Users\janos\Downloads\4658_Technical Product Manual modulcockpit II 10 2012 (1).pdf
2022-05-24 13:25 - 2022-05-24 13:26 - 001796324 _____ C:\Users\janos\Downloads\4658_Technical Product Manual modulcockpit II 10 2012.pdf
2022-05-24 12:56 - 2022-05-24 18:31 - 000043985 _____ C:\Users\janos\Downloads\Addition.txt
2022-05-24 12:52 - 2022-05-24 18:34 - 000032253 _____ C:\Users\janos\Downloads\FRST.txt
2022-05-24 12:49 - 2022-05-24 12:49 - 002367488 _____ (Farbar) C:\Users\janos\Downloads\FRST64.exe
2022-05-24 10:10 - 2022-05-24 10:10 - 000000000 ____D C:\Users\janos\AppData\Local\ESET
2022-05-24 10:09 - 2022-05-24 10:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2022-05-24 10:09 - 2022-05-24 10:09 - 000000000 ____D C:\ProgramData\ESET
2022-05-24 10:09 - 2022-05-24 10:09 - 000000000 ____D C:\Program Files\ESET
2022-05-24 10:04 - 2022-05-24 10:05 - 000000000 ____D C:\Users\janos\OneDrive\Dokumenty\dobraci docasne
2022-05-24 10:01 - 2022-05-24 10:01 - 008500384 _____ (ESET) C:\Users\janos\Downloads\eset_internet_security_live_installer.exe
2022-05-19 14:55 - 2022-05-19 14:55 - 000150946 _____ C:\Users\janos\Downloads\1652964818719.JPEG
2022-05-19 13:51 - 2022-05-19 14:08 - 000257685 _____ C:\Users\janos\Downloads\zmluva Kovanice Mercedes 811 D.pdf
2022-05-19 10:17 - 2022-05-19 10:17 - 000151780 _____ C:\Users\janos\Downloads\SK6409000000000010309466_8675093912.pdf
2022-05-18 17:55 - 2022-05-18 17:55 - 000042605 _____ C:\Users\janos\Downloads\agrotec uhrada Dobraci.pdf
2022-05-13 22:13 - 2022-05-13 22:13 - 001380537 _____ C:\Users\janos\Downloads\Kópia - EIK3_zoznam_v3.xlsx
2022-05-13 21:52 - 2022-05-13 21:52 - 000000000 ____D C:\Users\janos\Tracing
2022-05-13 08:50 - 2022-05-13 08:50 - 000011799 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-05-13 08:49 - 2022-05-13 08:49 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-05-13 08:49 - 2022-05-13 08:49 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-05-13 08:18 - 2022-05-13 08:18 - 000001382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2022-05-13 08:17 - 2022-05-13 08:17 - 000218337 _____ C:\Users\janos\Downloads\Dobráci s.r.o. zmluva na podpis.pdf
2022-05-13 08:12 - 2022-05-13 08:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoodSync
2022-05-11 15:07 - 2022-05-11 15:07 - 000000000 ___HD C:\$WinREAgent
2022-05-10 16:37 - 2022-05-10 16:37 - 000850760 _____ C:\Users\janos\Downloads\EPH279923883_adresne_stitky_a4.pdf
2022-05-09 17:42 - 2022-05-09 17:42 - 000034675 _____ C:\Users\janos\Downloads\uznanie-dlhu.pdf
2022-05-09 14:45 - 2022-05-09 14:45 - 000850795 _____ C:\Users\janos\Downloads\EPH279728195_adresne_stitky_a4.pdf
2022-05-09 11:09 - 2022-05-09 11:09 - 000134775 _____ C:\Users\janos\Downloads\dobraci objednavka prepravnych cisiel.pdf
2022-05-06 10:17 - 2022-05-06 10:17 - 000038944 _____ C:\Users\janos\Downloads\dok (2).pdf
2022-05-05 15:44 - 2022-05-05 15:44 - 003621262 _____ C:\Users\janos\Downloads\WhatsApp Video 2022-05-05 at 15.05.19.mp4
2022-05-05 15:25 - 2022-05-05 15:25 - 000249044 _____ C:\Users\janos\Downloads\Doplňujúce údaje k žiadosti vratenie DPH CZ prenajom.pdf
2022-05-04 11:02 - 2022-05-04 11:02 - 000045565 _____ C:\Users\janos\Downloads\Safetech platba 052022.pdf
2022-05-04 11:02 - 2022-05-04 11:02 - 000040950 _____ C:\Users\janos\Downloads\dok (1).pdf
2022-05-04 10:49 - 2022-05-04 10:49 - 000355046 _____ C:\Users\janos\Downloads\V_1257777004_4_20220429_C1_P0.pdf
2022-05-04 09:43 - 2022-05-04 09:43 - 000501440 _____ C:\Users\janos\Downloads\ZSE_poistka.pdf
2022-05-04 09:43 - 2022-05-04 09:43 - 000499631 _____ C:\Users\janos\Downloads\1EKZB_Suhrn_ZE_AS-_VZOR.pdf
2022-05-04 09:17 - 2022-05-04 09:17 - 000258256 _____ C:\Users\janos\Downloads\doklad.pdf
2022-05-04 09:12 - 2022-05-04 09:12 - 000138221 _____ C:\Users\janos\Downloads\Dobraci_Object20220502104452398_1.pdf
2022-05-04 09:10 - 2022-05-04 09:10 - 000136868 _____ C:\Users\janos\Downloads\Object20220502104452398_1.pdf
2022-05-04 09:08 - 2022-05-04 09:08 - 000137688 _____ C:\Users\janos\Downloads\Dobraci_Object20220414120458543_1.pdf
2022-05-04 09:05 - 2022-05-04 09:05 - 000136295 _____ C:\Users\janos\Downloads\Object20220414120458543_1.pdf
2022-05-04 08:48 - 2022-05-04 08:48 - 000511626 _____ C:\Users\janos\Downloads\5301051603.pdf
2022-05-01 18:24 - 2022-05-01 18:24 - 000029476 _____ C:\Users\janos\Downloads\Faktúra Dobráci s.r.o. 2204130473853593.pdf
2022-05-01 18:20 - 2022-05-01 18:20 - 002092382 _____ C:\Users\janos\Downloads\janosova_injury.pdf
2022-04-29 10:19 - 2022-04-29 10:19 - 000808344 _____ C:\Users\janos\Downloads\eustream upomienka 1.pdf
2022-04-29 10:16 - 2022-04-29 10:16 - 000042573 _____ C:\Users\janos\Downloads\eustream_upomienka.pdf
2022-04-29 09:16 - 2022-04-29 09:16 - 000041376 _____ C:\Users\janos\Downloads\calvados_dobraci.pdf
2022-04-27 17:34 - 2022-04-27 17:34 - 000038542 _____ C:\Users\janos\Downloads\Facture-1316414.pdf
2022-04-27 16:13 - 2022-04-27 16:13 - 000000000 ____D C:\Users\janos\AppData\Local\SolidDocuments
2022-04-27 13:38 - 2022-05-09 08:26 - 000000000 ___HD C:\adobeTemp
2022-04-27 13:31 - 2022-04-27 13:31 - 000000040 ____H C:\04EC72786C80
2022-04-27 13:31 - 2022-04-27 13:31 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2022-04-27 13:27 - 2022-04-27 13:27 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2022-04-27 13:27 - 2022-04-27 13:27 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-04-27 13:12 - 2022-05-18 10:56 - 000000000 ___RD C:\Users\janos\Creative Cloud Files
2022-04-27 13:09 - 2022-05-19 14:15 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-04-27 09:35 - 2022-04-27 09:35 - 000000298 _____ C:\Users\janos\Downloads\Agorastore.txt
2022-04-26 19:39 - 2022-04-26 19:39 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-04-26 14:54 - 2022-04-26 14:54 - 000038348 _____ C:\Users\janos\Downloads\Facture-1316414 (2).pdf
2022-04-26 14:54 - 2022-04-26 14:54 - 000038348 _____ C:\Users\janos\Downloads\Facture-1316414 (1).pdf
2022-04-25 15:15 - 2022-04-25 15:15 - 000069632 _____ C:\Users\janos\Downloads\ca66912b-3605-4187-857f-b2db72a2a7c5.xls
2022-04-25 14:57 - 2022-04-25 14:57 - 000043480 _____ C:\Users\janos\Downloads\holomy_dobraci.pdf
2022-04-25 12:03 - 2022-04-25 12:06 - 230475667 _____ C:\Users\janos\Downloads\2 Blondinki Hot _ PornWex_ Original.mp4
2022-04-20 14:41 - 2022-04-20 14:41 - 000850806 _____ C:\Users\janos\Downloads\EPH276616985_adresne_stitky_a4.pdf
2022-04-20 09:02 - 2022-04-20 09:03 - 000528096 _____ C:\Users\janos\Downloads\Dobraci naplne Dennis Sabre_SK.pdf
2022-04-20 08:48 - 2022-04-20 08:54 - 000529747 _____ C:\Users\janos\Downloads\Dobraci naplne Dennis Sabre SK.pdf
2022-04-19 13:21 - 2022-04-19 13:21 - 000024218 _____ C:\Users\janos\Downloads\Akceptace_objednavky_M36_Redigovano.pdf
2022-04-19 09:29 - 2022-04-19 09:29 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-19 09:29 - 2022-04-19 09:29 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-19 09:28 - 2022-04-19 09:28 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-04-19 08:51 - 2022-04-19 08:51 - 001062968 _____ C:\Users\janos\Downloads\VDO_Shop.pdf
2022-04-19 08:45 - 2022-04-19 08:45 - 000436893 _____ C:\Users\janos\Downloads\VDO Shop.pdf
2022-04-19 08:42 - 2022-04-19 08:42 - 000193636 _____ C:\Users\janos\Downloads\Zapisnica z otvarania ponuk 438226_cast1z1.pdf
2022-04-19 08:41 - 2022-04-19 08:41 - 000028537 _____ C:\Users\janos\Downloads\Faktúra Dobráci s.r.o. 2193090803567007 (2).pdf
2022-04-19 08:41 - 2022-04-19 08:41 - 000028537 _____ C:\Users\janos\Downloads\Faktúra Dobráci s.r.o. 2193090803567007 (1).pdf
2022-04-19 08:40 - 2022-04-19 08:40 - 000028537 _____ C:\Users\janos\Downloads\Faktúra Dobráci s.r.o. 2193090803567007.pdf
2022-04-19 08:39 - 2022-04-19 08:39 - 000028790 _____ C:\Users\janos\Downloads\Faktúra Dobráci s.r.o. 2192909284386158.pdf
2022-04-19 08:39 - 2022-04-19 08:39 - 000028790 _____ C:\Users\janos\Downloads\Faktúra Dobráci s.r.o. 2192909284386158 (2).pdf
2022-04-19 08:39 - 2022-04-19 08:39 - 000028790 _____ C:\Users\janos\Downloads\Faktúra Dobráci s.r.o. 2192909284386158 (1).pdf
2022-04-14 11:43 - 2022-04-14 11:43 - 000809748 _____ C:\Users\janos\Downloads\PF502022001 Vendryne.pdf
2022-04-14 11:42 - 2022-04-14 11:42 - 000809729 _____ C:\Users\janos\Downloads\502022007 Vendryne.pdf
2022-04-14 11:25 - 2022-04-14 11:25 - 000820858 _____ C:\Users\janos\Downloads\502022001_1 Klamos.pdf
2022-04-14 11:24 - 2022-04-14 11:24 - 000091173 _____ C:\Users\janos\Downloads\502022001_1 Klamos.xlsx
2022-04-14 08:50 - 2022-04-14 08:50 - 000650201 _____ C:\Users\janos\Downloads\sutazne_podklady_-_hasicske_vozidlo_30_03_2022_final.pdf
2022-04-13 12:28 - 2022-04-13 12:28 - 000043299 _____ C:\Users\janos\Downloads\LDR invoice.pdf
2022-04-13 12:17 - 2022-04-13 12:17 - 000028536 _____ C:\Users\janos\Downloads\Faktúra Dobráci s.r.o. 2188431875774292.pdf
2022-04-13 12:17 - 2022-04-13 12:17 - 000028536 _____ C:\Users\janos\Downloads\Faktúra Dobráci s.r.o. 2188431875774292 (1).pdf
2022-04-13 09:11 - 2022-04-13 09:11 - 000028686 _____ C:\Users\janos\Downloads\Faktúra Dobráci s.r.o. 2188338002438713.pdf
2022-04-13 08:42 - 2022-04-13 08:42 - 000043361 _____ C:\Users\janos\Downloads\VDO Webshop.pdf
2022-04-11 14:40 - 2022-04-11 14:40 - 000091167 _____ C:\Users\janos\Downloads\502022001 Klamos.xlsx
2022-04-11 14:38 - 2022-04-11 14:38 - 000866311 _____ C:\Users\janos\Downloads\Celiksan - Aluminum Roller Shutter EN.pdf
2022-04-11 13:51 - 2022-04-11 13:51 - 000813095 _____ C:\Users\janos\Downloads\502022002 Vranova Lhota € oprava.pdf
2022-04-11 11:13 - 2022-04-11 11:13 - 000358834 _____ C:\Users\janos\Downloads\kupni-smlouva_Vendryne_1.pdf
2022-04-11 09:09 - 2022-04-11 09:09 - 000028703 _____ C:\Users\janos\Downloads\Faktúra Dobráci s.r.o. 2185883560984809.pdf
2022-04-09 11:40 - 2022-04-09 11:40 - 000000054 _____ C:\Users\janos\Downloads\obrazovka.txt
2022-04-08 19:48 - 2022-04-08 19:48 - 012508338 _____ C:\Users\janos\Downloads\vytvorenie_uctu_is_uvo (1).avi
2022-04-08 11:33 - 2022-04-08 11:33 - 000183037 _____ C:\Users\janos\Downloads\vyvoj DN a nasledkov od roku 1966 do 2020.pdf
2022-04-07 14:04 - 2022-04-07 14:04 - 000850951 _____ C:\Users\janos\Downloads\EPH275171239_adresne_stitky_a4.pdf
2022-04-07 10:42 - 2022-04-07 10:42 - 000612150 _____ C:\Users\janos\Downloads\521046970.pdf
2022-04-07 09:53 - 2022-04-07 09:53 - 000001461 _____ C:\Users\janos\Downloads\Troostwijk Auctions_ Brandweerwagens en -materiaal.ics
2022-04-07 09:02 - 2022-04-07 09:02 - 000203936 _____ (Adobe Systems Inc) C:\WINDOWS\system32\AdobePDF.dll
2022-04-07 09:02 - 2022-04-07 09:02 - 000146592 _____ (Adobe Systems Inc.) C:\WINDOWS\system32\AdobePDFUI.dll
2022-04-05 11:03 - 2022-04-05 11:03 - 000850843 _____ C:\Users\janos\Downloads\EPH274796777_adresne_stitky_a4.pdf
2022-04-05 09:03 - 2018-06-22 09:58 - 003917441 _____ C:\Users\janos\Downloads\dobraci_vypis zivno.pdf
2022-04-05 08:33 - 2022-04-05 08:33 - 000379712 _____ C:\Users\janos\Downloads\smlouva_nakup Vendryne-oprava.pdf
2022-04-05 08:23 - 2022-04-05 08:23 - 000384289 _____ C:\Users\janos\Downloads\kupni-smlouva_nakup Vedryne.pdf
2022-04-04 17:19 - 2022-04-04 17:19 - 000850754 _____ C:\Users\janos\Downloads\EPH274719925_adresne_stitky_a4.pdf
2022-04-04 15:31 - 2022-04-04 15:31 - 000090989 _____ C:\Users\janos\Downloads\20220331_2110264647_BU.pdf
2022-04-04 15:06 - 2022-04-04 15:06 - 000028461 _____ C:\Users\janos\Downloads\Faktúra Dobráci s.r.o. 2164195573594907.pdf
2022-04-04 14:49 - 2022-04-04 14:49 - 000612148 _____ C:\Users\janos\Downloads\521027418 (1).pdf
2022-04-04 14:48 - 2022-04-04 14:48 - 000612143 _____ C:\Users\janos\Downloads\521032994.pdf
2022-04-04 14:16 - 2022-04-04 14:16 - 000470994 _____ C:\Users\janos\Downloads\V_1257777004_3_20220331_C1_P0 (1).pdf
2022-04-01 11:01 - 2022-04-01 11:01 - 000470994 _____ C:\Users\janos\Downloads\V_1257777004_3_20220331_C1_P0.pdf
2022-04-01 10:29 - 2022-04-01 10:29 - 000850849 _____ C:\Users\janos\Downloads\EPH274406715_adresne_stitky_a4.pdf
2022-03-31 11:50 - 2022-03-31 11:50 - 000000165 ____H C:\Users\janos\Downloads\~$502022006 Vranova Lhota Kč - náplne,PHM oprava.xlsx
2022-03-31 09:09 - 2022-03-31 09:09 - 000611936 _____ C:\Users\janos\Downloads\521039689 (1).pdf
2022-03-31 08:51 - 2022-03-31 08:52 - 000611949 _____ C:\Users\janos\Downloads\521039689.pdf
2022-03-30 22:04 - 2022-03-30 22:05 - 000000000 ____D C:\Users\janos\Downloads\ribezle
2022-03-30 13:25 - 2022-03-30 13:37 - 000421493 _____ C:\Users\janos\Downloads\Opel_Vivaro_naplne_cykly.pdf
2022-03-30 13:00 - 2022-03-30 13:00 - 000438924 _____ C:\Users\janos\Downloads\tabulka-naplne-Atego-1325-vymenne-cykly.pdf
2022-03-30 12:50 - 2022-03-30 12:56 - 000438924 _____ C:\Users\janos\Downloads\tabulka naplne Atego 1325, vymenne cykly.pdf
2022-03-30 11:18 - 2022-03-30 12:23 - 000438115 _____ C:\Users\janos\Downloads\Mercedes Atego 918 Stare Mesto naplne cyklus.pdf
2022-03-30 10:10 - 2022-03-30 10:10 - 000850809 _____ C:\Users\janos\Downloads\vendryne.pdf
2022-03-29 08:51 - 2022-03-29 08:51 - 000091258 _____ C:\Users\janos\Downloads\502022006 Vranova Lhota Kč - náplne,PHM oprava.xlsx
2022-03-29 08:50 - 2022-03-29 08:51 - 000825940 _____ C:\Users\janos\Downloads\502022006 Vranova Lhota Kč - náplne,PHM oprava.pdf
2022-03-29 08:41 - 2022-03-29 08:41 - 000818226 _____ C:\Users\janos\Downloads\502022006 Vranova Lhota Kč - náplne,PHM.pdf
2022-03-27 20:09 - 2022-03-27 20:19 - 002316164 _____ C:\WINDOWS\Minidump\032722-43328-01.dmp
2022-03-24 15:32 - 2022-03-24 15:32 - 001752086 _____ C:\Users\janos\Downloads\domasov_komplet.pdf
2022-03-24 15:21 - 2022-03-24 15:21 - 000749572 _____ C:\Users\janos\Downloads\502022005 obec Domasov nad Bystrici, Servisny protokol.pdf
2022-03-24 15:17 - 2022-03-24 15:17 - 000818037 _____ C:\Users\janos\Downloads\502022005 obec Domasov nad Bystrici naplne a filtry.pdf
2022-03-24 15:09 - 2022-03-24 15:09 - 000819122 _____ C:\Users\janos\Downloads\502022004 obec Domasov nad Bystrici .pdf
2022-03-24 15:04 - 2022-03-24 15:04 - 000042826 _____ C:\Users\janos\Downloads\dobraci_stol.pdf
2022-03-23 18:38 - 2022-03-25 01:35 - 000000000 ____D C:\Users\janos\AppData\Local\Notepad
2022-03-22 10:54 - 2022-03-22 10:54 - 000053322 _____ C:\Users\janos\Downloads\znak VL - další.pdf
2022-03-22 10:26 - 2022-03-22 10:27 - 000813774 _____ C:\Users\janos\Downloads\2022001 Dobraci.pdf
2022-03-22 10:01 - 2022-03-22 10:01 - 000042827 _____ C:\Users\janos\Downloads\3ddesign s.r.o..pdf
2022-03-21 14:40 - 2022-03-21 14:40 - 000041312 _____ C:\Users\janos\Downloads\man trucks_dobraci.pdf
2022-03-21 13:20 - 2022-03-21 13:20 - 000818319 _____ C:\Users\janos\Downloads\502022004 obec Domasov nad Bystrici.pdf
2022-03-21 13:14 - 2022-03-21 13:14 - 000818318 _____ C:\Users\janos\Downloads\502022002 Vranova Lhota cz banka.pdf
2022-03-21 12:55 - 2022-03-21 13:16 - 000262524 _____ C:\Users\janos\Downloads\kupna zmluva Vivaro.pdf
2022-03-21 09:51 - 2022-03-21 09:51 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-21 09:51 - 2022-03-21 09:51 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-21 09:50 - 2022-03-21 09:50 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-21 09:50 - 2022-03-21 09:50 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-21 09:30 - 2022-05-06 10:18 - 000043035 _____ C:\Users\janos\Downloads\jinan_dobraci.pdf
2022-03-18 11:52 - 2022-03-18 11:52 - 000156149 _____ C:\Users\janos\Downloads\Object20220127133752476_1 (1).pdf
2022-03-18 11:50 - 2022-03-18 11:50 - 000157433 _____ C:\Users\janos\Downloads\dobraci pokuta.pdf
2022-03-18 11:32 - 2022-03-18 11:32 - 000156149 _____ C:\Users\janos\Downloads\Object20220127133752476_1.pdf
2022-03-18 11:18 - 2022-03-18 11:18 - 000003550 _____ C:\WINDOWS\system32\Tasks\CrystalDiskInfo
2022-03-18 11:17 - 2022-03-18 11:17 - 000008176 _____ C:\Users\janos\Downloads\crystal_disk_1.txt
2022-03-18 10:52 - 2022-03-27 20:20 - 000000000 ____D C:\WINDOWS\Minidump
2022-03-18 10:52 - 2022-03-18 10:55 - 001238396 _____ C:\WINDOWS\Minidump\031822-39937-01.dmp
2022-03-18 10:09 - 2022-03-18 10:09 - 000000112 ___SH C:\bootTel.dat
2022-03-17 11:23 - 2022-03-17 11:23 - 000215434 _____ C:\Users\janos\Downloads\WhatsApp Image 2022-03-16 at 15.36.12.jpeg
2022-03-16 12:29 - 2022-03-16 12:29 - 000640409 _____ C:\Users\janos\Downloads\preberaci protokol Dobraci.pdf
2022-03-16 12:15 - 2022-03-16 12:15 - 000029243 _____ C:\Users\janos\Downloads\Faktúra Dobráci s.r.o. 2164254235046518.pdf
2022-03-16 11:17 - 2022-03-16 11:17 - 000850785 _____ C:\Users\janos\Downloads\3dprint.pdf
2022-03-15 14:36 - 2022-03-15 14:36 - 000226264 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2022-03-15 14:36 - 2022-03-15 14:36 - 000183888 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2022-03-15 14:36 - 2022-03-15 14:36 - 000111624 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2022-03-15 14:36 - 2022-03-15 14:36 - 000107944 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2022-03-15 14:36 - 2022-03-15 14:36 - 000070776 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2022-03-15 14:36 - 2022-03-15 14:36 - 000044968 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2022-03-15 09:59 - 2022-03-15 09:59 - 000819805 _____ C:\Users\janos\Downloads\502022003 obec Stare Mesto.pdf
2022-03-14 18:16 - 2022-03-14 18:16 - 000850758 _____ C:\Users\janos\Downloads\EPH272204600_adresne_stitky_a4.pdf
2022-03-14 18:09 - 2022-03-14 18:09 - 000813097 _____ C:\Users\janos\Downloads\502022002 Vranova Lhota €.pdf
2022-03-14 15:32 - 2022-03-14 15:32 - 000275590 _____ C:\Users\janos\Downloads\VZ - Dobraci_Stránka_10.jpf
2022-03-14 15:32 - 2022-03-14 15:32 - 000258012 _____ C:\Users\janos\Downloads\VZ - Dobraci_Stránka_03.jpf
2022-03-14 15:32 - 2022-03-14 15:32 - 000242374 _____ C:\Users\janos\Downloads\VZ - Dobraci_Stránka_02.jpf
2022-03-14 15:32 - 2022-03-14 15:32 - 000219176 _____ C:\Users\janos\Downloads\VZ - Dobraci_Stránka_04.jpf
2022-03-14 15:32 - 2022-03-14 15:32 - 000187731 _____ C:\Users\janos\Downloads\VZ - Dobraci_Stránka_09.jpf
2022-03-14 15:32 - 2022-03-14 15:32 - 000179401 _____ C:\Users\janos\Downloads\VZ - Dobraci_Stránka_11.jpf
2022-03-14 15:32 - 2022-03-14 15:32 - 000143372 _____ C:\Users\janos\Downloads\VZ - Dobraci_Stránka_01.jpf
2022-03-14 15:32 - 2022-03-14 15:32 - 000137307 _____ C:\Users\janos\Downloads\VZ - Dobraci_Stránka_08.jpf
2022-03-14 15:32 - 2022-03-14 15:32 - 000124960 _____ C:\Users\janos\Downloads\VZ - Dobraci_Stránka_07.jpf
2022-03-14 15:32 - 2022-03-14 15:32 - 000079969 _____ C:\Users\janos\Downloads\VZ - Dobraci_Stránka_05.jpf
2022-03-14 15:32 - 2022-03-14 15:32 - 000037909 _____ C:\Users\janos\Downloads\VZ - Dobraci_Stránka_12.jpf
2022-03-14 15:32 - 2022-03-14 15:32 - 000028582 _____ C:\Users\janos\Downloads\VZ - Dobraci_Stránka_06.jpf
2022-03-14 15:31 - 2022-03-14 15:31 - 004132773 _____ C:\Users\janos\Downloads\VZ - Dobraci.pdf
2022-03-14 14:34 - 2022-03-14 14:34 - 000520144 _____ C:\Users\janos\Downloads\5300033338 (3).pdf
2022-03-14 14:17 - 2022-03-14 14:17 - 000449280 _____ C:\Users\janos\Downloads\521020215 (2).pdf
2022-03-14 13:23 - 2022-03-14 13:23 - 000516433 _____ C:\Users\janos\Downloads\5300362532.pdf
2022-03-14 12:56 - 2022-03-14 12:56 - 000088588 _____ C:\Users\janos\Downloads\novak_packeta (1).pdf
2022-03-14 12:54 - 2022-03-14 12:55 - 000088588 _____ C:\Users\janos\Downloads\novak_packeta.pdf
2022-03-14 12:41 - 2022-03-14 12:41 - 000354847 _____ C:\Users\janos\Downloads\V_1257777004_2_20220228_C1_P0.pdf
2022-03-14 12:35 - 2022-03-14 12:35 - 000087168 _____ C:\Users\janos\Downloads\20220228_2110264647_BU (1).pdf
2022-03-14 12:31 - 2022-03-14 12:31 - 000087168 _____ C:\Users\janos\Downloads\20220228_2110264647_BU.pdf
2022-03-14 12:21 - 2022-03-14 12:21 - 000041238 _____ C:\Users\janos\Downloads\alkma 140320222.pdf
2022-03-11 17:27 - 2022-03-11 17:27 - 000015824 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2022-03-11 10:50 - 2022-03-11 10:57 - 000818836 _____ C:\Users\janos\Downloads\dobraci_stare_mesto.pdf
2022-03-10 16:30 - 2022-03-10 16:30 - 001617653 _____ C:\Users\janos\Downloads\stand by ladeautomatik 800122.pdf
2022-03-10 09:57 - 2022-05-10 09:38 - 000003538 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d824ea5caa01c6
2022-03-09 22:10 - 2022-03-09 22:10 - 000042582 _____ C:\Users\janos\Downloads\stolmac zaloha 2.pdf
2022-03-09 22:01 - 2022-03-09 22:01 - 000850945 _____ C:\Users\janos\Downloads\EPH271710437_adresne_stitky_a4.pdf
2022-03-09 13:15 - 2022-03-09 13:15 - 000612133 _____ C:\Users\janos\Downloads\521027418.pdf
2022-03-07 15:32 - 2022-03-07 15:32 - 000055034 _____ C:\Users\janos\Downloads\detail platby Klamos.pdf
2022-03-07 15:31 - 2022-03-07 15:31 - 000051228 _____ C:\Users\janos\Downloads\detail platby.pdf
2022-03-07 13:38 - 2022-03-07 13:38 - 000612148 _____ C:\Users\janos\Downloads\packeta 07032022.pdf
2022-03-04 09:32 - 2022-03-04 09:32 - 000550530 _____ C:\Users\janos\Downloads\stankovicova_zmluva.pdf
2022-03-03 12:20 - 2022-03-03 12:20 - 001624118 _____ C:\Users\janos\Downloads\dobraci _nabidka_Vivaro domasov.pdf
2022-03-02 15:22 - 2022-04-05 08:59 - 005147776 _____ C:\Users\janos\Downloads\dobraci_nabidka_man_Vedryne.pdf
2022-03-02 14:26 - 2022-03-02 14:26 - 000186979 _____ C:\Users\janos\Downloads\Preddavok KLINKSTAV.pdf
2022-03-02 14:04 - 2022-03-02 14:04 - 000029238 _____ C:\Users\janos\Downloads\Faktúra Dobráci s.r.o. 2152195389777688.pdf
2022-03-02 13:34 - 2022-03-02 13:34 - 000818980 _____ C:\Users\janos\Downloads\502022002 Vranova Lhota oprava.pdf
2022-03-02 13:15 - 2022-03-02 13:15 - 000818979 _____ C:\Users\janos\Downloads\502022002 Vranova Lhota.pdf
2022-03-02 10:03 - 2022-03-02 10:03 - 000029221 _____ C:\Users\janos\Downloads\Faktúra Ján 2152072401844565 (1).pdf
2022-03-02 10:03 - 2022-03-02 10:03 - 000025556 _____ C:\Users\janos\Downloads\bolt Faktúra Ján 2152072401844565 (1).pdf
2022-03-02 10:02 - 2022-03-02 10:02 - 000029221 _____ C:\Users\janos\Downloads\Faktúra Ján 2152072401844565.pdf
2022-03-02 10:01 - 2022-03-02 10:01 - 000043271 _____ C:\Users\janos\Downloads\thinksmart_dobraci.pdf
2022-02-28 13:14 - 2022-02-28 13:14 - 000356148 _____ C:\Users\janos\Downloads\NAB-2022-1-00124_VRZ pro HASIČE _ v červenomodrém provedení (SINGLE) s mikrofonní funkcí_ vozidlo MAN.pdf
2022-02-25 10:54 - 2022-02-25 10:54 - 000850734 _____ C:\Users\janos\Downloads\EPH270242684_adresne_stitky_a4.pdf
2022-02-25 10:23 - 2022-02-25 10:23 - 000043247 _____ C:\Users\janos\Downloads\renz 022022.pdf
2022-02-25 10:06 - 2022-02-25 10:06 - 000088768 _____ C:\Users\janos\Downloads\vesely.pdf
2022-02-23 15:35 - 2022-02-23 15:54 - 000746715 _____ C:\Users\janos\Downloads\Dobraci ponuka cobra 2001 Piestany.pdf
2022-02-23 15:34 - 2022-02-23 15:52 - 000698851 _____ C:\Users\janos\Downloads\Dobraci ponuka cobra 2000 Piestany.pdf

==================== Three months (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-05-24 18:36 - 2020-04-01 18:09 - 000000000 ____D C:\Program Files (x86)\Google
2022-05-24 18:34 - 2014-04-23 12:13 - 000000000 ____D C:\FRST
2022-05-24 18:26 - 2022-02-07 12:00 - 000000000 ____D C:\ProgramData\AnyDesk
2022-05-24 18:25 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-05-24 18:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-05-24 18:23 - 2022-02-18 18:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-05-24 15:21 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-05-24 15:01 - 2020-04-03 13:01 - 000000000 ____D C:\Users\janos\AppData\Roaming\WhatsApp
2022-05-24 13:47 - 2020-03-31 09:59 - 000000000 ____D C:\ProgramData\NVIDIA
2022-05-24 10:10 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-05-24 10:10 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-05-24 09:58 - 2020-04-01 17:49 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-05-23 18:18 - 2020-07-12 12:17 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-05-23 17:58 - 2020-06-25 10:43 - 000000000 ____D C:\ProgramData\GoodSync
2022-05-19 14:36 - 2020-04-02 12:29 - 000000000 ____D C:\Users\janos\OneDrive\Dokumenty\Adobe
2022-05-18 11:06 - 2020-04-01 18:11 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-05-18 11:03 - 2021-11-03 15:29 - 000000000 ____D C:\Users\janos\AppData\Local\WhatsApp
2022-05-18 11:00 - 2022-02-18 19:26 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3755753306-3900577581-898390862-1004
2022-05-18 11:00 - 2022-02-18 19:26 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3755753306-3900577581-898390862-1004
2022-05-18 11:00 - 2022-02-18 19:03 - 000002367 _____ C:\Users\janos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-05-18 11:00 - 2020-03-31 10:15 - 000000000 ___RD C:\Users\janos\OneDrive
2022-05-18 10:55 - 2020-04-01 17:26 - 000000000 ____D C:\Users\janos\AppData\Roaming\ViberPC
2022-05-18 10:52 - 2022-02-07 11:59 - 000000000 ____D C:\Users\janos\AppData\Roaming\AnyDesk
2022-05-13 22:26 - 2022-02-18 19:03 - 000000000 ____D C:\Users\janos
2022-05-13 21:54 - 2020-03-31 10:12 - 000000000 ____D C:\Users\janos\AppData\Local\Packages
2022-05-13 21:46 - 2022-02-18 19:15 - 000902246 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-05-13 21:46 - 2020-04-01 23:56 - 000062354 _____ C:\WINDOWS\system32\perfh01B.dat
2022-05-13 21:46 - 2020-04-01 23:56 - 000016154 _____ C:\WINDOWS\system32\perfc01B.dat
2022-05-13 21:41 - 2022-02-18 19:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-05-13 21:41 - 2022-02-18 18:56 - 000008192 ___SH C:\DumpStack.log.tmp
2022-05-13 21:38 - 2022-02-18 18:57 - 000470712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-05-13 21:36 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-05-13 21:35 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-05-13 21:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-05-13 21:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-05-13 21:34 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-05-13 21:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-05-13 21:34 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-05-13 09:34 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-05-13 08:18 - 2021-11-18 13:09 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-05-13 08:18 - 2021-11-18 12:18 - 000000000 ____D C:\Program Files\Adobe
2022-05-13 08:18 - 2020-04-01 19:01 - 000000000 ____D C:\Program Files (x86)\Adobe
2022-05-13 08:12 - 2020-06-25 10:43 - 000000000 ____D C:\Program Files\Siber Systems
2022-05-11 15:01 - 2020-04-01 23:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-05-11 14:55 - 2020-04-01 23:56 - 145501456 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-05-10 12:11 - 2020-11-02 09:20 - 000000000 ____D C:\Users\janos\AppData\Roaming\vlc
2022-05-10 09:38 - 2022-02-18 19:26 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-05-06 15:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-05-06 11:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-04-29 09:02 - 2022-02-18 19:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-04-29 09:02 - 2021-05-13 08:47 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-04-28 12:00 - 2020-04-01 18:20 - 000000000 ____D C:\Users\janos\AppData\Local\D3DSCache
2022-04-27 15:55 - 2020-03-31 10:15 - 000000000 ____D C:\ProgramData\Packages
2022-04-27 15:06 - 2020-03-31 10:12 - 000000000 ____D C:\Users\janos\AppData\Roaming\Adobe
2022-04-27 13:37 - 2020-04-01 19:02 - 000000000 ____D C:\Users\janos\AppData\Local\Adobe
2022-04-27 13:31 - 2022-02-18 19:26 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-04-27 13:07 - 2020-04-01 19:01 - 000000000 ____D C:\ProgramData\Adobe
2022-04-26 19:39 - 2022-02-18 21:35 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk

==================== Files in the root of some directories ========

2020-07-13 13:03 - 2020-08-26 11:43 - 000005120 _____ () C:\Users\janos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2022-04-27 16:18 - 2022-04-27 16:18 - 000000000 _____ () C:\Users\janos\AppData\Local\oobelibMkey.log

==================== SigCheckExt =========================

2021-09-23 11:57 - 2021-06-07 10:24 - 000122368 _____ C:\WINDOWS\system32\eidskksp.dll
2003-10-17 13:44 - 2003-10-17 13:44 - 000089088 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2021-09-23 11:57 - 2021-06-07 10:24 - 000097792 _____ C:\WINDOWS\SysWOW64\eidskksp.dll
2003-10-17 13:44 - 2003-10-17 13:44 - 001060864 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2004-02-20 16:15 - 2004-02-20 16:15 - 000040960 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL
2004-02-20 16:15 - 2004-02-20 16:15 - 000045056 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL
2004-02-20 16:15 - 2004-02-20 16:15 - 000065536 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL
2003-10-17 13:44 - 2003-10-17 13:44 - 000057344 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL
2004-02-20 16:15 - 2004-02-20 16:15 - 000061440 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL
2004-02-20 16:15 - 2004-02-20 16:15 - 000061440 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL
2004-02-20 16:15 - 2004-02-20 16:15 - 000061440 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL
2004-02-20 16:15 - 2004-02-20 16:15 - 000049152 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71JPN.DLL
2004-02-20 16:15 - 2004-02-20 16:15 - 000049152 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71KOR.DLL
2004-02-20 16:47 - 2004-02-20 16:47 - 001047552 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll
2003-10-17 13:44 - 2003-10-17 13:44 - 000499712 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2003-10-17 13:44 - 2003-10-17 13:44 - 000348160 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2001-05-22 01:00 - 2001-05-22 01:00 - 000527360 _____ (Borland Software Corporation) C:\WINDOWS\SysWOW64\stdvcl40.dll
2013-04-23 10:55 - 2013-04-23 10:55 - 000234496 _____ (TechSmith Corporation) C:\WINDOWS\SysWOW64\tsc2_codec32.dll
2013-04-23 10:55 - 2013-04-23 10:55 - 000270848 _____ (TechSmith Corporation) C:\WINDOWS\SysWOW64\tsc2_codec64.dll
2013-11-26 08:41 - 2013-11-26 08:41 - 000602624 _____ (TechSmith Corporation) C:\WINDOWS\SysWOW64\tsccvid.dll
2013-11-26 08:41 - 2013-11-26 08:41 - 000630272 _____ (TechSmith Corporation) C:\WINDOWS\SysWOW64\tsccvid64.dll
2022-05-24 12:49 - 2022-05-24 12:49 - 002367488 _____ (Farbar) C:\Users\janos\Downloads\FRST64.exe
2021-04-14 11:52 - 2021-04-14 11:53 - 000388608 _____ (Trend Micro Inc.) C:\Users\janos\Downloads\hijackthis.exe
2020-04-19 18:35 - 2020-04-19 18:37 - 204983356 _____ (Lenovo Group Limited ) C:\Users\janos\Downloads\j1101281.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume2
description Windows Boot Manager
locale sk-SK
inherit {globalsettings}
default {current}
resumeobject {aa99d2c1-90db-11ec-9007-c5c56db528e2}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Windows Boot Loader
-------------------
identifier {0335e615-7eb6-11e3-ba64-e4d53de0aa9f}
device ramdisk=[C:]\Recovery\0335e615-7eb6-11e3-ba64-e4d53de0aa9f\Winre.wim,{0335e616-7eb6-11e3-ba64-e4d53de0aa9f}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\0335e615-7eb6-11e3-ba64-e4d53de0aa9f\Winre.wim,{0335e616-7eb6-11e3-ba64-e4d53de0aa9f}
systemroot \windows
nx OptIn
winpe Yes

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale sk-SK
inherit {bootloadersettings}
recoverysequence {ef5dcd88-90db-11ec-912b-9d6fe66f953b}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {aa99d2c1-90db-11ec-9007-c5c56db528e2}
nx OptIn
bootmenupolicy Standard

Windows Boot Loader
-------------------
identifier {ef5dcd88-90db-11ec-912b-9d6fe66f953b}
device ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{ef5dcd89-90db-11ec-912b-9d6fe66f953b}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale sk-SK
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{ef5dcd89-90db-11ec-912b-9d6fe66f953b}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Resume from Hibernate
---------------------
identifier {aa99d2c1-90db-11ec-9007-c5c56db528e2}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale sk-SK
inherit {resumeloadersettings}
recoverysequence {ef5dcd88-90db-11ec-912b-9d6fe66f953b}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume2
path \boot\memtest.exe
description Windows Memory Diagnostic
locale sk-SK
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems No

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {0335e616-7eb6-11e3-ba64-e4d53de0aa9f}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\0335e615-7eb6-11e3-ba64-e4d53de0aa9f\boot.sdi

Device options
--------------
identifier {ef5dcd89-90db-11ec-912b-9d6fe66f953b}
description Windows Recovery
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\WindowsRE\boot.sdi


==================== End of FRST.txt ========================

solide
Visitor
Posts: 58
Registered: 07 Nov 2006 09:41

Re: hacked mail and probably the computer too, Windows 10 SK

#5 Post by solide »

Addition log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-05-2022
Ran by janos (24-05-2022 18:41:07)
Running from C:\Users\janos\Downloads
Microsoft Windows 10 Home Version 21H2 19044.1706 (X64) (2022-02-18 17:26:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3755753306-3900577581-898390862-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3755753306-3900577581-898390862-503 - Limited - Disabled)
Guest (S-1-5-21-3755753306-3900577581-898390862-501 - Limited - Disabled)
janos (S-1-5-21-3755753306-3900577581-898390862-1004 - Administrator - Enabled) => C:\Users\janos
WDAGUtilityAccount (S-1-5-21-3755753306-3900577581-898390862-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM-x32\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Amic Email Backup v3.00 (HKLM-x32\...\AmicEmailBackup_is1) (Version: - Amic Tools)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 7.0.4 - AnyDesk Software GmbH)
Avidemux VC++ 64bits (HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\{d7e1a4d8-53cd-4168-a576-e806b0c84037}) (Version: 2.7.6 - Mean)
Balík softvéru eID (HKLM-x32\...\{b0b6d0ff-6512-432a-b667-742f673bbc68}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Balík softvéru eID (HKLM-x32\...\{d2c66c1e-5862-43e7-abe2-9c895312112c}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Bit4id - miniLector (HKLM-x32\...\Bit4id - miniLector) (Version: 3.7 - Bit4id)
Bonjour (HKLM-x32\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (HKLM-x32\...\{5303CFB5-D635-44F0-A94B-9611E81F07C4}) (Version: 8.3.0.1471 - TechSmith Corporation)
CPUID HWMonitor 1.41 (HKLM-x32\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
D.Launcher (x86) (HKLM-x32\...\{0DC85C46-746B-4BC5-B727-D5434DF7E5D0}) (Version: 1.2.0.2 - DITEC, a.s.)
D.Signer/XAdES .NET so zásuvnými modulmi (x86) (HKLM-x32\...\{EDB276CE-A945-4201-A552-2683B13C321F}) (Version: 4.0.24 - DITEC, a.s.)
D.Signer/XAdES .NET Tools (x86) (HKLM-x32\...\{6648F510-5044-4CA9-BC21-494A2A198B3A}) (Version: 4.0.17 - DITEC, a.s.)
D.Suite/eIDAS (x86) (HKLM-x32\...\{8d169eac-87e2-4981-825f-701b32f24d72}) (Version: 1.0.29 - DITEC, a.s.)
D.Viewer .NET (x86) (HKLM-x32\...\{73D635BE-5D6F-43D3-8C1F-63B5CD4D5953}) (Version: 4.0.2033 - DITEC, a.s.)
DCC_E2 (HKLM-x32\...\{B170E541-3668-480A-A2F0-3D7BAD17F877}) (Version: 2.40 - BernyR)
Disig Web Signer (HKLM-x32\...\{41C0F02D-2389-4AB5-975C-C2363E7C554C}) (Version: 2.0.7 - Disig)
EAC MW klient (HKLM-x32\...\{E22CF5CA-5935-451D-9B9D-EAA79DE703BD}) (Version: 3.7.0 - Ministerstvo vnútra Slovenskej republiky)
EaseUS Data Recovery Wizard (HKLM-x32\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
ESET Security (HKLM-x32\...\{7640EC0A-921E-44D1-9165-DE31D473EAE3}) (Version: 15.1.12.0 - ESET, spol. s r.o.)
GemPcCCID (HKLM-x32\...\{39417D48-AC92-47A7-9F53-3CA2049231B0}) (Version: 2.0.7 - Gemalto) Hidden
GemPcCCID (HKLM-x32\...\{55610A8B-6A3F-4F94-B072-4962B78638E5}) (Version: 4.1.4.0 - Gemalto)
GoodSync (HKLM-x32\...\{B26B00DA-2E5D-4CF2-83C5-911198C0F009}) (Version: 11.11.1.1 - Siber Systems Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 101.0.4951.67 - Google LLC)
GPU Temp version 1.0 (HKLM-x32\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com)
GSM-Socket Config (HKLM-x32\...\GSM-Socket Config_is1) (Version: 1.0 - )
iMazing HEIC Converter 1.0.10.0 (HKLM-x32\...\{FA58AFA9-B210-409C-88F1-2A90D577C170}_is1) (Version: 1.0.10.0 - DigiDNA)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Microsoft OneDrive (HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\OneDriveSetup.exe) (Version: 22.089.0426.0003 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.13 - F.J. Wechselberger)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM-x32\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM-x32\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PC Translator 2004 Komplet (HKLM-x32\...\PC Translator 2004 Komplet) (Version: - JANOSiK TEAM)
rajče beta53 sestavení 96 (HKLM-x32\...\rajče.net_is1) (Version: - rajče.net)
Readiris Pro 11 (HKLM-x32\...\{7C2B745A-E7F1-41F1-B9BB-3DDB8D52E4CE}) (Version: 11.00.4795 - I.R.I.S.)
RoboForm 7-7-0 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-7-0 - Siber Systems)
TAP-Windows 9.24.2 (HKLM-x32\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.29.4 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.0 beta 18 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM-x32\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
Viber (HKLM-x32\...\{19594CFE-BCF4-49C0-BC50-727E9CD8CE7D}) (Version: 12.7.0.54 - Viber Media S.a.r.l) Hidden
Viber (HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\{7f38ce06-2ae3-4b5b-86d4-a817cb58edb7}) (Version: 12.7.0.54 - 2010-2020 Viber Media S.a.r.l)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM-x32\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM-x32\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Webshare klient (HKLM-x32\...\Webshare klient) (Version: - )
WhatsApp (HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\WhatsApp) (Version: 2.2216.8 - WhatsApp)
Wondershare MobileGo for Android ( Version 2.0.0 ) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA08}_is1) (Version: 2.0.0 - Wondershare)
Wondershare MobileGo(Version 8.5.0) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA09}_is1) (Version: 8.5.0 - Wondershare)

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-04-27] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-04-27] (Adobe Systems Incorporated)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-03-18] (Microsoft Corporation)
Doplnok pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-03-18] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6 [2022-04-29] (HP Inc.)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1510.7.114.0_x64__8xx8rvfyw5nnt [2022-05-06] (Meta) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-03-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-03-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.5120.0_x64__8wekyb3d8bbwe [2022-05-24] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3755753306-3900577581-898390862-1004_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-109CC7FE837A} -> [Creative Cloud Files] => C:\Users\janos\Creative Cloud Files [2022-04-27 13:12]
CustomCLSID: HKU\S-1-5-21-3755753306-3900577581-898390862-1004_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-3755753306-3900577581-898390862-1004_Classes\CLSID\{B4A0E54A-1B25-0F61-F6B4-B1010555D232}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3755753306-3900577581-898390862-1004_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-04-27] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-04-27] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-04-27] (Adobe Inc. -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-04-27] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-03-15] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-03-15] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-04-27] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-03-15] (ESET, spol. s r.o. -> ESET)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\janos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Troostwijk Auctions.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=igchalnaibhfhcfeclgagdhbcakmoodj

==================== Loaded Modules (Whitelisted) =============

2022-02-18 19:02 - 2018-03-24 01:05 - 000764640 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
2022-02-18 19:02 - 2018-03-24 01:05 - 000880024 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2022-02-18 19:02 - 2018-03-24 01:05 - 000343728 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3755753306-3900577581-898390862-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.sk/
SearchScopes: HKU\S-1-5-21-3755753306-3900577581-898390862-1004 -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=sk&p_tsrc=fjnhltxzm&p_w=y3w14&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2009-03-13] (Siber Systems Inc.) [File not signed]
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-04-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-04-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2009-03-13] (Siber Systems Inc.) [File not signed]
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-04-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-04-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2009-03-13] (Siber Systems Inc.) [File not signed]
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-04-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2009-03-13] (Siber Systems Inc.) [File not signed]
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-04-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files (x86)\PC Translator\webie.dll [2004-05-13] () [File not signed]
Toolbar: HKU\S-1-5-21-3755753306-3900577581-898390862-1004 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2009-03-13] (Siber Systems Inc.) [File not signed]
Toolbar: HKU\S-1-5-21-3755753306-3900577581-898390862-1004 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-04-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\sharepoint.com -> hxxps://mylolis-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2020-12-17 10:07 - 000000935 ____R C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 activation.easeus.com
0.0.0.0 track.easeus.com
0.0.0.0 easeus.com
0.0.0.0 update.easeus.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3755753306-3900577581-898390862-1004\Control Panel\Desktop\\Wallpaper -> F:\chlapci foto.jpg
DNS Servers: 10.0.0.2 - 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9EC90BDC-A46F-4A60-AC48-CF36E851D847}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B2BD88A4-C563-4A47-97C0-A4199461BFC0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1F55FECB-3FA3-401D-BA83-5AC4671FCBE8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8E1DFB7C-0E3F-46D6-9A9F-0585447AD761}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3D3D07DD-ADDD-4310-9BD7-B35A46CC69B1}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B8A4FF9E-60DF-4802-9F38-2A0AC0331B18}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{50020EC5-94E5-4D5C-ABA9-90F3A302E4B6}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5C0BAC14-60F3-43F4-8543-4DA1252F0819}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9393C565-19C0-493C-9BDB-A2E4C30667FD}] => (Block) C:\Program Files\EaseUS\EaseUS Data Recovery Wizard\DRWUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{0D66FB96-E430-4123-93D2-72166A56EE27}] => (Block) C:\Program Files\EaseUS\EaseUS Data Recovery Wizard\DRW.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [UDP Query User{9AD52B30-3C77-4586-83E0-27E9E98237FE}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe (Wondershare Technology Co.,Ltd -> Wondershare)
FirewallRules: [TCP Query User{61F69D73-CE25-4CA0-B8E8-A16DDE5A1F87}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe (Wondershare Technology Co.,Ltd -> Wondershare)
FirewallRules: [UDP Query User{7CCA1271-B818-47CA-8F51-354E35E5DBA7}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe (Wondershare Technology Co.,Ltd -> Wondershare)
FirewallRules: [TCP Query User{9194052E-BC16-41CA-B821-AF82EFD63E7D}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe (Wondershare Technology Co.,Ltd -> Wondershare)
FirewallRules: [UDP Query User{6E284143-0420-4420-A646-D4A35A9244F7}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe (Wondershare Technology Co.,Ltd -> Wondershare)
FirewallRules: [TCP Query User{2D215C5B-41C2-462E-9793-B6A007CA3AA7}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe (Wondershare Technology Co.,Ltd -> Wondershare)
FirewallRules: [{5C6B2391-3E6F-4B9F-9F8C-8BCAFB962508}] => (Allow) LPort=8317
FirewallRules: [{0D67B701-0CA0-4B8D-A0C9-E73A82E584E7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [{955B747A-9F56-4BF4-AE22-FE281A50DE5D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{7C112D01-6568-4DD7-8D50-3CFAD48FFD7D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{88708B8D-3DBC-4E09-9374-2A54DF1ADE2D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CF5CE838-A1EB-46CA-A116-3F9DF1A2ED3A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6F2CD8BC-250A-4C2B-BA85-68B0FC072115}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4E5F14D2-C659-4DE7-9F38-A422C33FAE8F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A2DE37A5-2B34-4EA7-A874-095C79397FF0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{E1A2B675-81D9-473F-AE4A-02BE193027E7}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [TCP Query User{3B51F701-35E4-4180-A7A8-17920AB3A8C1}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{75305898-B131-4B7B-91B1-9D9D5EB48902}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{48488D85-87DC-4DC6-81A2-3B379452E55F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9AF7778F-8D8D-4B1B-8067-A0C711360E24}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{621A17D8-027A-4654-A921-644D9CD7B865}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{21534541-0F22-4061-95AC-EA766D6D9BC7}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{C0EB321A-BF8F-4C22-BDA0-80221C1428A1}] => (Allow) LPort=5357
FirewallRules: [{C2A874C9-FB0D-450B-A494-5AD39A6D95FB}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{B89D9362-AFB3-43E9-8564-F85B85C2DC7C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [{981F46DE-388E-4FF6-B17E-DB5AF29FF259}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{2BFAEDF1-96C5-4D9D-AE17-3E830A438A99}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{511ABBC7-CDA0-4F15-9927-1C5C402BCF53}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A153DC1B-D554-4D63-A015-1016193C32B3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{663541C5-C8B4-4512-B988-E81E7996D59B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9979E779-66B9-4501-A85D-9B970C2D8AA0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{91301EA7-E9DA-463B-9EDF-FF1042796D64}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DE3A15F3-85D0-4DEA-B8C6-F51B9B9C17A5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{35F9A056-483C-4C81-9F09-D9C8362AE3E7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{66879F1F-9AF1-4A3C-B11C-C9EA8C8079DD}] => (Allow) C:\Program Files\Siber Systems\GoodSync\gs-server.exe (Siber Systems -> )
FirewallRules: [{0FD2EB2B-75E9-449C-9624-47AA589C699B}] => (Allow) C:\Program Files\Siber Systems\GoodSync\goodsync.exe (Siber Systems -> )
FirewallRules: [{6E4C8939-19E7-4BB8-9046-B25B5DFC58A7}] => (Allow) C:\Program Files\Siber Systems\GoodSync\gsexplorer.exe (Siber Systems -> )
FirewallRules: [{4095045B-6409-4669-BBDE-E6B1904E5A29}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{714C2425-4DF4-44C3-B8FC-806ED4FE2495}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{20A42191-EBD8-4759-A540-E2CB4D5ADC93}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{700393D0-BB37-4BF5-94F9-A481D309C34E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{C576D8D0-6502-4A5B-9DDD-A07A24F31667}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{7D7A7ACC-2F9D-49E1-997D-EA12F114E5C2}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{17B6DC93-AC50-40BC-89C9-1954DA084FC4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{101B14E5-978B-4AC3-A435-A5FFB90F36C5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\101.0.1210.53\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{797D27C8-F6E7-459B-A610-729045444D6A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D6384EAB-18ED-4926-88B0-33119508B217}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5737B7FA-0484-4D31-8F1B-AD549EE990A3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E6C7ADC2-6A80-4723-B4BC-0B8DF9E33EB0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

06-05-2022 10:45:21 Scheduled Checkpoint
11-05-2022 15:01:29 Inštalátor modulov systému Windows
24-05-2022 09:33:05 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name: Intel(R) 82579V Gigabit Network Connection
Description: Intel(R) 82579V Gigabit Network Connection
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: e1i65x64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (05/24/2022 06:30:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchApp.exe, verzia: 10.0.19041.1682, časová značka: 0xaf111162
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1706, časová značka: 0x458acb5b
Kód výnimky: 0xc000027b
Odstup chyby: 0x000000000010fa32
Identifikácia chybujúceho procesu: 0x2a78
Čas spustenia chybujúcej aplikácie: 0x01d86f8b6bdf3ea4
Cesta chybujúcej aplikácie: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: b7f5c187-02e6-44a6-9f65-a109fdbef69a
Celé meno chybujúceho balíka: Microsoft.Windows.Search_1.14.4.19041_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI

Error: (05/24/2022 06:30:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.19041.1706 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2404

Start Time: 01d86a954eb53ba1

Termination Time: 0

Application Path: C:\Windows\explorer.exe

Report Id: d6e68517-c8d5-4a44-9966-d0cf7079e329

Faulting package full name:

Faulting package-relative application ID:

Hang type: Cross-process

Error: (05/24/2022 10:26:44 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (05/24/2022 10:26:44 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (05/24/2022 10:26:44 AM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (05/24/2022 08:37:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-LQJATP4-2.local already in use; will try DESKTOP-LQJATP4-3.local instead

Error: (05/24/2022 08:37:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 DESKTOP-LQJATP4-2.local. Addr 192.168.1.114

Error: (05/24/2022 08:37:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.107:5353 4 DESKTOP-LQJATP4-2.local. Addr 192.168.1.107


System errors:
=============
Error: (05/24/2022 01:47:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Monitor Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (05/24/2022 01:47:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Software Integrity Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (05/24/2022 01:47:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wondershare Application Framework Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (05/24/2022 01:47:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bonjour Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (05/24/2022 01:47:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba dLauncherLoopback sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (05/24/2022 01:47:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 1000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (05/24/2022 01:47:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba GoodSync Server sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (05/24/2022 01:47:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AdobeUpdateService sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


Windows Defender:
================
Date: 2022-05-24 09:54:33
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-05-24 09:02:49
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-05-24 08:57:54
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-05-19 15:12:02
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-05-19 13:13:28
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:

Date: 2022-03-18 09:54:03
Description:
Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Security intelligence version: 0.0.0.0;0.0.0.0
Engine version: 0.0.0.0

Date: 2022-03-01 11:54:02
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.

CodeIntegrity:
===============
Date: 2022-05-24 12:12:54
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-05-24 11:58:36
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: LENOVO DUKT34AUS 08/02/2011
Motherboard: LENOVO 7745
Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Percentage of memory in use: 63%
Total physical RAM: 8171.63 MB
Available physical RAM: 2955.73 MB
Total Virtual: 19435.63 MB
Available Virtual: 13107.53 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:440.59 GB) (Free:267.55 GB) (Model: ST2000DM006-2DM164) NTFS
Drive f: (DATA) (Fixed) (Total:1397.15 GB) (Free:728.45 GB) (Model: ST2000DM006-2DM164) NTFS
Drive g: (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.06 GB) (Model: ST2000DM006-2DM164) NTFS ==>[system with boot components (obtained from drive)]
Drive h: (LENOVO_PART) (Fixed) (Total:25.07 GB) (Free:6.53 GB) (Model: ST2000DM006-2DM164) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{d19f8542-0000-0000-0000-500600000000}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: D19F8542)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=440.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1863 GB) - (Type=05)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118152
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: hacked mail, probably the computer too, Windows 10 SK

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-3755753306-3900577581-898390862-1004_Classes\CLSID\{B4A0E54A-1B25-0F61-F6B4-B1010555D232}\InprocServer32 -> no filepath
FirewallRules: [{0D67B701-0CA0-4B8D-A0C9-E73A82E584E7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [{955B747A-9F56-4BF4-AE22-FE281A50DE5D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{B89D9362-AFB3-43E9-8564-F85B85C2DC7C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [{981F46DE-388E-4FF6-B17E-DB5AF29FF259}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => No File
HKLM-x32\...\Run: [] => [X]
Task: {78B260B3-CFB9-481E-BABF-D678675E7A08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-01] (Google LLC -> Google LLC)
Task: {E3032937-05E4-42A8-B058-867E01766723} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-01] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\Users\janos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
Hosts:

End

Save it to C:\Users\janos\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

solide
Visitor
Posts: 58
Registered: 07 Nov 2006 09:41

Re: hacked mail, probably the computer too, Windows 10 SK

#7 Post by solide »

Save it to C:\Users\janos\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Done, sending the new log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-05-2022
Ran by janos (administrator) on DESKTOP-LQJATP4 (LENOVO 7745) (24-05-2022 21:10:50)
Running from C:\Users\janos\Downloads
Loaded Profiles: janos
Platform: Microsoft Windows 10 Home Version 21H2 19044.1706 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe <2>
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HDBox\Setup.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe <2>
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Disig a.s. -> Disig a.s.) C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <18>
(explorer.exe ->) (Siber Systems -> Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(explorer.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(Ministerstvo vnútra Slovenskej republiky -> Ministerstvo vnútra Slovenskej republiky) C:\Program Files (x86)\EAC MW klient\EAC_MW_klient.exe
(Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World) F:\instalacky programov\utility na disk safrankova\CrystalDiskInfo8_13_2\DiskInfo64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (DITEC, a.s. -> ) C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (Siber Systems -> ) C:\Program Files\Siber Systems\GoodSync\gs-server.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\janos\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(svchost.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
(svchost.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\janos\AppData\Local\WhatsApp\app-2.2216.8\WhatsApp.exe <7>
Failed to access process -> AcrobatNotificationClient.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [168064 2022-03-15] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5819672 2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [EAC_MW_klient] => C:\Program Files (x86)\EAC MW klient\EAC_MW_klient.exe [11819664 2021-07-20] (Ministerstvo vnútra Slovenskej republiky -> Ministerstvo vnútra Slovenskej republiky)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [850208 2022-05-13] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [Viber] => C:\Users\janos\AppData\Local\Viber\Viber.exe [45429776 2020-12-03] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [107000 2020-04-01] (Siber Systems -> Siber Systems)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\janos\AppData\Local\WhatsApp\Update.exe [2253568 2022-05-18] (WhatsApp, Inc -> )
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [Disig Web Signer] => C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe [254080 2021-02-04] (Disig a.s. -> Disig a.s.)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5412632 2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5412632 2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2022-04-07] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP DeskJet 5820 series): C:\WINDOWS\system32\HPDiscoPMEE11.dll [807056 2016-08-04] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\101.0.4951.67\Installer\chrmstp.exe [2022-05-18] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2022-02-07]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2020-10-12]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare Technology Co.,Ltd -> Wondershare)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0040B8D6-C748-42EC-A4F3-2F3DF7522727} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {117348C6-FC83-4767-8FC1-D6CA7D026B21} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [107000 2020-04-01] (Siber Systems -> Siber Systems)
Task: {1E1596A4-6184-46F7-B540-66D7FD9E1052} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {20248C13-0266-4AA5-89EC-D170C7628DEA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {38B13106-1942-427A-A676-1E5B9E7158B2} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {3BD7A1A2-1DFF-4A20-8205-EE24E966A707} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {40B21E26-6C46-48AE-B71E-D7C5068E099D} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KIC ... JNDJCMMIEJ"
Task: {40F7DC8B-D514-41BB-9DE8-92602C30F7DB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {56527AA4-AFBB-43B3-9120-59EE55A845AF} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {6D9FCD78-8BA0-4E28-AEC6-B805FA3CA723} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {6EE8ED60-DFD0-450A-A731-39EB7AA21D27} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [42144 2022-04-29] (HP Inc. -> HP Inc.)
Task: {9203648D-8F2B-4D8C-9DBD-65D173BE4504} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {98B7BBDE-5101-4F2B-9EA5-8EEA33DECE40} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A2893D3A-6D55-4F47-9462-6471765AC59D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {AEA581CD-913C-4E68-BD20-2D4C6F9C0D9E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {B4B3D474-E811-449A-8BC4-9E6F0601C24E} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {B6B8F442-A1BB-461C-8C18-A0AB0AD6C58A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3B6052A-3898-4F36-BA36-C9229EF124F1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DF77FFF6-3C55-431B-A287-5285AACC7689} - System32\Tasks\CrystalDiskInfo => F:\instalacky programov\utility na disk safrankova\CrystalDiskInfo8_13_2\DiskInfo64.exe [2802720 2022-03-18] (Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World)
Task: {F63D921D-8BB1-4030-A36F-5E6E5749D6D1} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [42144 2022-04-29] (HP Inc. -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{190ec8a3-ed5f-46a3-8da8-5b04379db2dc}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1f03db79-0c49-4692-a547-51243528b303}: [DhcpNameServer] 10.0.0.2 10.0.0.1
Tcpip\..\Interfaces\{51c19704-2799-4c6e-8ab8-d05a1bbcf5df}: [DhcpNameServer] 10.0.0.2 10.0.0.1

Edge:
=======
DownloadDir: C:\Users\janos\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-24]
Edge HomePage: Default -> hxxp://www.google.sk/
Edge Extension: (Notifier for Gmail™) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2021-10-04]
Edge Extension: (iCloud Záložky) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2022-05-19]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-05-23]
Edge Extension: (IE Tab) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2022-05-18]
Edge Extension: (RoboForm Password Manager) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ljfpcifpgbbchoddpjefaipoiigpdmag [2022-04-20]
Edge Extension: (uBlock Origin) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-05-06]
Edge Extension: (Send Link by Email or Gmail) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\plcgkgghkdfgfhiidfjkhmainebgmklf [2020-07-12]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2022-04-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-05-13] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-05-13] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: ditec.sk/DAsicFac -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/DitecZepDViewerFb -> C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigMessageContainer -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesExtender -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/XmlDataContainerFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default [2022-05-24]
CHR Notifications: Default -> hxxps://alimebot.aliexpress.com; hxxps://calendar.google.com; hxxps://email.forpsi.com; hxxps://findmedia.biz; hxxps://mail.google.com; hxxps://watch-video.net; hxxps://www.alibaba.com; hxxps://www.comco.sk; hxxps://www.messenger.com; hxxps://www.pocasie.sk
CHR HomePage: Default -> hxxp://www.google.sk/
CHR StartupUrls: Default -> "hxxps://www.google.sk/"
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-05-13]
CHR Extension: (uBlock Origin) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-04-08]
CHR Extension: (Notifier for Gmail™) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2021-09-27]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-04-29]
CHR Extension: (iCloud Záložky) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2022-05-24]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-14]
CHR Extension: (IE Tab) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2022-05-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (DigitalPersona) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkdnjfgdoolnmiacpdamadcneoblphbj [2021-10-06]
CHR Extension: (Send Link by Email or Gmail) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\plcgkgghkdfgfhiidfjkhmainebgmklf [2020-04-01]
CHR Extension: (RoboForm Password Manager) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2022-05-24]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-05-24]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-05-24]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-08-03]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-05-05]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-10]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-05-24]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-08-04]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-04-27]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-27]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-04-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-27]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3 [2022-05-24]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-05-09]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-03]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4 [2022-05-24]
CHR Extension: (Prezentácie) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-09]
CHR Extension: (Dokumenty) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-09]
CHR Extension: (Disk Google) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-09]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-09]
CHR Extension: (Tabuľky) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-09]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-18]
CHR Extension: (Gmail) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-09]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5 [2022-05-24]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-21]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-09]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6 [2022-05-24]
CHR Extension: (Prezentácie) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-23]
CHR Extension: (Dokumenty) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-23]
CHR Extension: (Disk Google) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-23]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-23]
CHR Extension: (Tabuľky) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-23]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-23]
CHR Extension: (Gmail) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-23]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\System Profile [2022-05-24]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [919328 2022-04-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3803376 2022-02-07] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 dLauncherLoopback; C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe [154960 2019-08-02] (DITEC, a.s. -> )
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-03-15] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-03-15] (ESET, spol. s r.o. -> ESET)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2020-04-01] (Macrovision Corporation -> Macrovision Europe Ltd.) [File not signed]
R2 GsServer; C:\Program Files\Siber Systems\GoodSync\gs-server.exe [12976384 2022-05-13] (Siber Systems -> )
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [223904 2022-04-29] (HP Inc. -> HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [14585832 2022-05-11] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe [101152 2017-06-01] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AVerPola; C:\WINDOWS\system32\DRIVERS\AVerPola.sys [871056 2015-05-21] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
R3 AVPolDIR; C:\WINDOWS\System32\drivers\AVPolDIR.sys [15896 2015-05-21] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [183888 2022-03-15] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107944 2022-03-15] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2022-03-11] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [226264 2022-03-15] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [44968 2022-03-15] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70776 2022-03-15] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [111624 2022-03-15] (ESET, spol. s r.o. -> ESET)
S3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [137712 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-05-24 20:52 - 2022-05-24 21:01 - 000006034 _____ C:\Users\janos\Downloads\Fixlog.txt
2022-05-24 18:45 - 2022-05-24 18:45 - 000662258 _____ C:\Users\janos\Downloads\Shortcut.txt
2022-05-24 13:45 - 2022-05-24 13:45 - 008551608 _____ (Malwarebytes) C:\Users\janos\Downloads\adwcleaner.exe
2022-05-24 13:26 - 2022-05-24 13:26 - 001796324 _____ C:\Users\janos\Downloads\4658_Technical Product Manual modulcockpit II 10 2012 (2).pdf
2022-05-24 13:26 - 2022-05-24 13:26 - 001796324 _____ C:\Users\janos\Downloads\4658_Technical Product Manual modulcockpit II 10 2012 (1).pdf
2022-05-24 13:25 - 2022-05-24 13:26 - 001796324 _____ C:\Users\janos\Downloads\4658_Technical Product Manual modulcockpit II 10 2012.pdf
2022-05-24 12:56 - 2022-05-24 20:51 - 000012218 _____ C:\Users\janos\Downloads\Addition.txt
2022-05-24 12:52 - 2022-05-24 21:14 - 000036526 _____ C:\Users\janos\Downloads\FRST.txt
2022-05-24 12:49 - 2022-05-24 12:49 - 002367488 _____ (Farbar) C:\Users\janos\Downloads\FRST64.exe
2022-05-24 10:10 - 2022-05-24 10:10 - 000000000 ____D C:\Users\janos\AppData\Local\ESET
2022-05-24 10:09 - 2022-05-24 10:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2022-05-24 10:09 - 2022-05-24 10:09 - 000000000 ____D C:\ProgramData\ESET
2022-05-24 10:09 - 2022-05-24 10:09 - 000000000 ____D C:\Program Files\ESET
2022-05-24 10:04 - 2022-05-24 10:05 - 000000000 ____D C:\Users\janos\OneDrive\Dokumenty\dobraci docasne
2022-05-24 10:01 - 2022-05-24 10:01 - 008500384 _____ (ESET) C:\Users\janos\Downloads\eset_internet_security_live_installer.exe
2022-05-19 14:55 - 2022-05-19 14:55 - 000150946 _____ C:\Users\janos\Downloads\1652964818719.JPEG
2022-05-19 13:51 - 2022-05-19 14:08 - 000257685 _____ C:\Users\janos\Downloads\zmluva Kovanice Mercedes 811 D.pdf
2022-05-19 10:17 - 2022-05-19 10:17 - 000151780 _____ C:\Users\janos\Downloads\SK6409000000000010309466_8675093912.pdf
2022-05-18 17:55 - 2022-05-18 17:55 - 000042605 _____ C:\Users\janos\Downloads\agrotec uhrada Dobraci.pdf
2022-05-13 22:13 - 2022-05-13 22:13 - 001380537 _____ C:\Users\janos\Downloads\Kópia - EIK3_zoznam_v3.xlsx
2022-05-13 21:52 - 2022-05-13 21:52 - 000000000 ____D C:\Users\janos\Tracing
2022-05-13 08:50 - 2022-05-13 08:50 - 000011799 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-05-13 08:49 - 2022-05-13 08:49 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-05-13 08:49 - 2022-05-13 08:49 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-05-13 08:18 - 2022-05-13 08:18 - 000001382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2022-05-13 08:17 - 2022-05-13 08:17 - 000218337 _____ C:\Users\janos\Downloads\Dobráci s.r.o. zmluva na podpis.pdf
2022-05-13 08:12 - 2022-05-13 08:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoodSync
2022-05-11 15:07 - 2022-05-11 15:07 - 000000000 ___HD C:\$WinREAgent
2022-05-10 16:37 - 2022-05-10 16:37 - 000850760 _____ C:\Users\janos\Downloads\EPH279923883_adresne_stitky_a4.pdf
2022-05-09 17:42 - 2022-05-09 17:42 - 000034675 _____ C:\Users\janos\Downloads\uznanie-dlhu.pdf
2022-05-09 14:45 - 2022-05-09 14:45 - 000850795 _____ C:\Users\janos\Downloads\EPH279728195_adresne_stitky_a4.pdf
2022-05-09 11:09 - 2022-05-09 11:09 - 000134775 _____ C:\Users\janos\Downloads\dobraci objednavka prepravnych cisiel.pdf
2022-05-06 10:17 - 2022-05-06 10:17 - 000038944 _____ C:\Users\janos\Downloads\dok (2).pdf
2022-05-05 15:44 - 2022-05-05 15:44 - 003621262 _____ C:\Users\janos\Downloads\WhatsApp Video 2022-05-05 at 15.05.19.mp4
2022-05-05 15:25 - 2022-05-05 15:25 - 000249044 _____ C:\Users\janos\Downloads\Doplňujúce údaje k žiadosti vratenie DPH CZ prenajom.pdf
2022-05-04 11:02 - 2022-05-04 11:02 - 000045565 _____ C:\Users\janos\Downloads\Safetech platba 052022.pdf
2022-05-04 11:02 - 2022-05-04 11:02 - 000040950 _____ C:\Users\janos\Downloads\dok (1).pdf
2022-05-04 10:49 - 2022-05-04 10:49 - 000355046 _____ C:\Users\janos\Downloads\V_1257777004_4_20220429_C1_P0.pdf
2022-05-04 09:43 - 2022-05-04 09:43 - 000501440 _____ C:\Users\janos\Downloads\ZSE_poistka.pdf
2022-05-04 09:43 - 2022-05-04 09:43 - 000499631 _____ C:\Users\janos\Downloads\1EKZB_Suhrn_ZE_AS-_VZOR.pdf
2022-05-04 09:17 - 2022-05-04 09:17 - 000258256 _____ C:\Users\janos\Downloads\doklad.pdf
2022-05-04 09:12 - 2022-05-04 09:12 - 000138221 _____ C:\Users\janos\Downloads\Dobraci_Object20220502104452398_1.pdf
2022-05-04 09:10 - 2022-05-04 09:10 - 000136868 _____ C:\Users\janos\Downloads\Object20220502104452398_1.pdf
2022-05-04 09:08 - 2022-05-04 09:08 - 000137688 _____ C:\Users\janos\Downloads\Dobraci_Object20220414120458543_1.pdf
2022-05-04 09:05 - 2022-05-04 09:05 - 000136295 _____ C:\Users\janos\Downloads\Object20220414120458543_1.pdf
2022-05-04 08:48 - 2022-05-04 08:48 - 000511626 _____ C:\Users\janos\Downloads\5301051603.pdf
2022-05-01 18:24 - 2022-05-01 18:24 - 000029476 _____ C:\Users\janos\Downloads\Faktúra Dobráci s.r.o. 2204130473853593.pdf
2022-05-01 18:20 - 2022-05-01 18:20 - 002092382 _____ C:\Users\janos\Downloads\janosova_injury.pdf
2022-04-29 10:19 - 2022-04-29 10:19 - 000808344 _____ C:\Users\janos\Downloads\eustream upomienka 1.pdf
2022-04-29 10:16 - 2022-04-29 10:16 - 000042573 _____ C:\Users\janos\Downloads\eustream_upomienka.pdf
2022-04-29 09:16 - 2022-04-29 09:16 - 000041376 _____ C:\Users\janos\Downloads\calvados_dobraci.pdf
2022-04-27 17:34 - 2022-04-27 17:34 - 000038542 _____ C:\Users\janos\Downloads\Facture-1316414.pdf
2022-04-27 16:13 - 2022-04-27 16:13 - 000000000 ____D C:\Users\janos\AppData\Local\SolidDocuments
2022-04-27 13:31 - 2022-04-27 13:31 - 000000040 ____H C:\04EC72786C80
2022-04-27 13:31 - 2022-04-27 13:31 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2022-04-27 13:27 - 2022-04-27 13:27 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2022-04-27 13:27 - 2022-04-27 13:27 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-04-27 13:12 - 2022-05-24 21:09 - 000000000 ___RD C:\Users\janos\Creative Cloud Files
2022-04-27 13:09 - 2022-05-19 14:15 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-04-27 09:35 - 2022-04-27 09:35 - 000000298 _____ C:\Users\janos\Downloads\Agorastore.txt
2022-04-26 19:39 - 2022-04-26 19:39 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-04-26 14:54 - 2022-04-26 14:54 - 000038348 _____ C:\Users\janos\Downloads\Facture-1316414 (2).pdf
2022-04-26 14:54 - 2022-04-26 14:54 - 000038348 _____ C:\Users\janos\Downloads\Facture-1316414 (1).pdf
2022-04-25 15:15 - 2022-04-25 15:15 - 000069632 _____ C:\Users\janos\Downloads\ca66912b-3605-4187-857f-b2db72a2a7c5.xls
2022-04-25 14:57 - 2022-04-25 14:57 - 000043480 _____ C:\Users\janos\Downloads\holomy_dobraci.pdf
2022-04-25 12:03 - 2022-04-25 12:06 - 230475667 _____ C:\Users\janos\Downloads\2 Blondinki Hot _ PornWex_ Original.mp4

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-05-24 21:14 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-05-24 21:13 - 2014-04-23 12:13 - 000000000 ____D C:\FRST
2022-05-24 21:12 - 2021-11-18 13:09 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-05-24 21:10 - 2022-02-18 19:15 - 000902246 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-05-24 21:10 - 2020-04-03 13:01 - 000000000 ____D C:\Users\janos\AppData\Roaming\WhatsApp
2022-05-24 21:10 - 2020-04-01 23:56 - 000062354 _____ C:\WINDOWS\system32\perfh01B.dat
2022-05-24 21:10 - 2020-04-01 23:56 - 000016154 _____ C:\WINDOWS\system32\perfc01B.dat
2022-05-24 21:10 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-05-24 21:09 - 2020-04-01 18:09 - 000000000 ____D C:\Program Files (x86)\Google
2022-05-24 21:08 - 2020-04-01 17:26 - 000000000 ____D C:\Users\janos\AppData\Roaming\ViberPC
2022-05-24 21:07 - 2020-03-31 10:15 - 000000000 ___RD C:\Users\janos\OneDrive
2022-05-24 21:06 - 2022-02-07 11:59 - 000000000 ____D C:\Users\janos\AppData\Roaming\AnyDesk
2022-05-24 21:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-05-24 21:05 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-05-24 21:04 - 2020-03-31 09:59 - 000000000 ____D C:\ProgramData\NVIDIA
2022-05-24 21:03 - 2022-02-18 19:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-05-24 21:03 - 2022-02-07 12:00 - 000000000 ____D C:\ProgramData\AnyDesk
2022-05-24 21:03 - 2020-04-01 17:49 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-05-24 21:02 - 2022-02-18 18:56 - 000008192 ___SH C:\DumpStack.log.tmp
2022-05-24 21:02 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-05-24 20:56 - 2020-04-17 15:13 - 000000000 ____D C:\Users\janos\AppData\LocalLow\Temp
2022-05-24 20:46 - 2022-02-18 18:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-05-24 20:46 - 2020-04-04 09:33 - 000000000 ____D C:\ProgramData\dzfzx
2022-05-24 10:10 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-05-23 18:18 - 2020-07-12 12:17 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-05-23 17:58 - 2020-06-25 10:43 - 000000000 ____D C:\ProgramData\GoodSync
2022-05-19 14:36 - 2020-04-02 12:29 - 000000000 ____D C:\Users\janos\OneDrive\Dokumenty\Adobe
2022-05-18 11:06 - 2020-04-01 18:11 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-05-18 11:03 - 2021-11-03 15:29 - 000000000 ____D C:\Users\janos\AppData\Local\WhatsApp
2022-05-18 11:00 - 2022-02-18 19:26 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3755753306-3900577581-898390862-1004
2022-05-18 11:00 - 2022-02-18 19:26 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3755753306-3900577581-898390862-1004
2022-05-18 11:00 - 2022-02-18 19:03 - 000002367 _____ C:\Users\janos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-05-13 22:26 - 2022-02-18 19:03 - 000000000 ____D C:\Users\janos
2022-05-13 21:54 - 2020-03-31 10:12 - 000000000 ____D C:\Users\janos\AppData\Local\Packages
2022-05-13 21:38 - 2022-02-18 18:57 - 000470712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-05-13 21:35 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-05-13 21:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-05-13 21:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-05-13 21:34 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-05-13 21:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-05-13 21:34 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-05-13 09:34 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-05-13 08:18 - 2021-11-18 12:18 - 000000000 ____D C:\Program Files\Adobe
2022-05-13 08:18 - 2020-04-01 19:01 - 000000000 ____D C:\Program Files (x86)\Adobe
2022-05-13 08:12 - 2020-06-25 10:43 - 000000000 ____D C:\Program Files\Siber Systems
2022-05-11 15:01 - 2020-04-01 23:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-05-11 14:55 - 2020-04-01 23:56 - 145501456 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-05-10 12:11 - 2020-11-02 09:20 - 000000000 ____D C:\Users\janos\AppData\Roaming\vlc
2022-05-10 09:38 - 2022-03-10 09:57 - 000003538 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d824ea5caa01c6
2022-05-10 09:38 - 2022-02-18 19:26 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-05-06 15:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-05-06 11:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-05-06 10:18 - 2022-03-21 09:30 - 000043035 _____ C:\Users\janos\Downloads\jinan_dobraci.pdf
2022-04-29 09:02 - 2022-02-18 19:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-04-29 09:02 - 2021-05-13 08:47 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-04-28 12:00 - 2020-04-01 18:20 - 000000000 ____D C:\Users\janos\AppData\Local\D3DSCache
2022-04-27 15:55 - 2020-03-31 10:15 - 000000000 ____D C:\ProgramData\Packages
2022-04-27 15:06 - 2020-03-31 10:12 - 000000000 ____D C:\Users\janos\AppData\Roaming\Adobe
2022-04-27 13:37 - 2020-04-01 19:02 - 000000000 ____D C:\Users\janos\AppData\Local\Adobe
2022-04-27 13:31 - 2022-02-18 19:26 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-04-27 13:07 - 2020-04-01 19:01 - 000000000 ____D C:\ProgramData\Adobe
2022-04-26 19:39 - 2022-02-18 21:35 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk

==================== Files in the root of some directories ========

2022-04-27 16:18 - 2022-04-27 16:18 - 000000000 _____ () C:\Users\janos\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118152
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Hacked e-mail and probably the computer too, Windows 10 SK

#8 Post by Rudy »

This is certainly not the log that came up for you. I need to see the log from the file fixlog.txt. It is in C:\Users\janos\Downloads.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

solide
Visitor
Posts: 58
Registered: 07 Nov 2006 09:41

Re: Hacked e-mail and probably the computer too, Windows 10 SK

#9 Post by solide »

I am attaching new logs:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-05-2022
Ran by janos (administrator) on DESKTOP-LQJATP4 (LENOVO 7745) (25-05-2022 08:15:35)
Running from C:\Users\janos\Downloads
Loaded Profiles: janos
Platform: Microsoft Windows 10 Home Version 21H2 19044.1706 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22042.167.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22042.167.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy\YourPhoneAppProxy.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Disig a.s. -> Disig a.s.) C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <24>
(explorer.exe ->) (Siber Systems -> Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(explorer.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Ministerstvo vnútra Slovenskej republiky -> Ministerstvo vnútra Slovenskej republiky) C:\Program Files (x86)\EAC MW klient\EAC_MW_klient.exe
(Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World) F:\instalacky programov\utility na disk safrankova\CrystalDiskInfo8_13_2\DiskInfo64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (DITEC, a.s. -> ) C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (Siber Systems -> ) C:\Program Files\Siber Systems\GoodSync\gs-server.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\janos\AppData\Local\Microsoft\OneDrive\22.089.0426.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1704_none_7de951067ca990f6\TiWorker.exe
(svchost.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\janos\AppData\Local\WhatsApp\app-2.2216.8\WhatsApp.exe <7>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [168064 2022-03-15] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5819672 2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [EAC_MW_klient] => C:\Program Files (x86)\EAC MW klient\EAC_MW_klient.exe [11819664 2021-07-20] (Ministerstvo vnútra Slovenskej republiky -> Ministerstvo vnútra Slovenskej republiky)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [850208 2022-05-13] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [Viber] => C:\Users\janos\AppData\Local\Viber\Viber.exe [45429776 2020-12-03] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [107000 2020-04-01] (Siber Systems -> Siber Systems)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\janos\AppData\Local\WhatsApp\Update.exe [2253568 2022-05-18] (WhatsApp, Inc -> )
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [Disig Web Signer] => C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe [254080 2021-02-04] (Disig a.s. -> Disig a.s.)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5412632 2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5412632 2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2022-04-07] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP DeskJet 5820 series): C:\WINDOWS\system32\HPDiscoPMEE11.dll [807056 2016-08-04] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\101.0.4951.67\Installer\chrmstp.exe [2022-05-18] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2022-02-07]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2020-10-12]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare Technology Co.,Ltd -> Wondershare)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0040B8D6-C748-42EC-A4F3-2F3DF7522727} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {117348C6-FC83-4767-8FC1-D6CA7D026B21} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [107000 2020-04-01] (Siber Systems -> Siber Systems)
Task: {1E1596A4-6184-46F7-B540-66D7FD9E1052} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {20248C13-0266-4AA5-89EC-D170C7628DEA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {38B13106-1942-427A-A676-1E5B9E7158B2} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {3BD7A1A2-1DFF-4A20-8205-EE24E966A707} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {40B21E26-6C46-48AE-B71E-D7C5068E099D} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KIC ... JNDJCMMIEJ"
Task: {40F7DC8B-D514-41BB-9DE8-92602C30F7DB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {56527AA4-AFBB-43B3-9120-59EE55A845AF} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {6D9FCD78-8BA0-4E28-AEC6-B805FA3CA723} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {6EE8ED60-DFD0-450A-A731-39EB7AA21D27} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [42144 2022-04-29] (HP Inc. -> HP Inc.)
Task: {9203648D-8F2B-4D8C-9DBD-65D173BE4504} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {98B7BBDE-5101-4F2B-9EA5-8EEA33DECE40} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A2893D3A-6D55-4F47-9462-6471765AC59D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {AEA581CD-913C-4E68-BD20-2D4C6F9C0D9E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {B4B3D474-E811-449A-8BC4-9E6F0601C24E} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {B6B8F442-A1BB-461C-8C18-A0AB0AD6C58A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3B6052A-3898-4F36-BA36-C9229EF124F1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DF77FFF6-3C55-431B-A287-5285AACC7689} - System32\Tasks\CrystalDiskInfo => F:\instalacky programov\utility na disk safrankova\CrystalDiskInfo8_13_2\DiskInfo64.exe [2802720 2022-03-18] (Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World)
Task: {F63D921D-8BB1-4030-A36F-5E6E5749D6D1} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [42144 2022-04-29] (HP Inc. -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.2 10.0.0.1
Tcpip\..\Interfaces\{190ec8a3-ed5f-46a3-8da8-5b04379db2dc}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1f03db79-0c49-4692-a547-51243528b303}: [DhcpNameServer] 10.0.0.2 10.0.0.1
Tcpip\..\Interfaces\{51c19704-2799-4c6e-8ab8-d05a1bbcf5df}: [DhcpNameServer] 10.0.0.2 10.0.0.1

Edge:
=======
DownloadDir: C:\Users\janos\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-24]
Edge HomePage: Default -> hxxp://www.google.sk/
Edge Extension: (Notifier for Gmail™) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2021-10-04]
Edge Extension: (iCloud Záložky) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2022-05-19]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-05-23]
Edge Extension: (IE Tab) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2022-05-18]
Edge Extension: (RoboForm Password Manager) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ljfpcifpgbbchoddpjefaipoiigpdmag [2022-04-20]
Edge Extension: (uBlock Origin) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-05-06]
Edge Extension: (Send Link by Email or Gmail) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\plcgkgghkdfgfhiidfjkhmainebgmklf [2020-07-12]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2022-04-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-05-13] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-05-13] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: ditec.sk/DAsicFac -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/DitecZepDViewerFb -> C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigMessageContainer -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesExtender -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/XmlDataContainerFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default [2022-05-25]
CHR Notifications: Default -> hxxps://alimebot.aliexpress.com; hxxps://calendar.google.com; hxxps://email.forpsi.com; hxxps://findmedia.biz; hxxps://mail.google.com; hxxps://watch-video.net; hxxps://www.alibaba.com; hxxps://www.comco.sk; hxxps://www.messenger.com; hxxps://www.pocasie.sk
CHR HomePage: Default -> hxxp://www.google.sk/
CHR StartupUrls: Default -> "hxxps://www.google.sk/"
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-05-13]
CHR Extension: (uBlock Origin) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-04-08]
CHR Extension: (Notifier for Gmail™) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2021-09-27]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-04-29]
CHR Extension: (iCloud Záložky) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2022-05-24]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-14]
CHR Extension: (IE Tab) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2022-05-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (DigitalPersona) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkdnjfgdoolnmiacpdamadcneoblphbj [2021-10-06]
CHR Extension: (Send Link by Email or Gmail) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\plcgkgghkdfgfhiidfjkhmainebgmklf [2020-04-01]
CHR Extension: (RoboForm Password Manager) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2022-05-24]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-05-24]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-05-24]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-08-03]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-05-05]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-10]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-05-24]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-08-04]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-04-27]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-27]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-04-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-27]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3 [2022-05-24]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-05-09]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-03]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4 [2022-05-24]
CHR Extension: (Prezentácie) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-09]
CHR Extension: (Dokumenty) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-09]
CHR Extension: (Disk Google) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-09]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-09]
CHR Extension: (Tabuľky) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-09]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-18]
CHR Extension: (Gmail) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-09]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5 [2022-05-24]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-21]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-09]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6 [2022-05-24]
CHR Extension: (Prezentácie) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-23]
CHR Extension: (Dokumenty) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-23]
CHR Extension: (Disk Google) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-23]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-23]
CHR Extension: (Tabuľky) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-23]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-23]
CHR Extension: (Gmail) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-23]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\System Profile [2022-05-24]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [919328 2022-04-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3803376 2022-02-07] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 dLauncherLoopback; C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe [154960 2019-08-02] (DITEC, a.s. -> )
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-03-15] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-03-15] (ESET, spol. s r.o. -> ESET)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2020-04-01] (Macrovision Corporation -> Macrovision Europe Ltd.) [File not signed]
R2 GsServer; C:\Program Files\Siber Systems\GoodSync\gs-server.exe [12976384 2022-05-13] (Siber Systems -> )
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [223904 2022-04-29] (HP Inc. -> HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [14585832 2022-05-11] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe [101152 2017-06-01] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AVerPola; C:\WINDOWS\system32\DRIVERS\AVerPola.sys [871056 2015-05-21] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
R3 AVPolDIR; C:\WINDOWS\System32\drivers\AVPolDIR.sys [15896 2015-05-21] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [183888 2022-03-15] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107944 2022-03-15] (ESET, spol. s r.o. -> ESET)
R1 edevmonm; C:\WINDOWS\System32\DRIVERS\edevmonm.sys [108512 2022-03-15] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2022-03-11] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [226264 2022-03-15] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [44968 2022-03-15] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70776 2022-03-15] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [111624 2022-03-15] (ESET, spol. s r.o. -> ESET)
S3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [137712 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-05-24 20:52 - 2022-05-24 21:01 - 000006034 _____ C:\Users\janos\Downloads\Fixlog.txt
2022-05-24 18:45 - 2022-05-24 18:45 - 000662258 _____ C:\Users\janos\Downloads\Shortcut.txt
2022-05-24 13:45 - 2022-05-24 13:45 - 008551608 _____ (Malwarebytes) C:\Users\janos\Downloads\adwcleaner.exe
2022-05-24 13:26 - 2022-05-24 13:26 - 001796324 _____ C:\Users\janos\Downloads\4658_Technical Product Manual modulcockpit II 10 2012 (2).pdf
2022-05-24 13:26 - 2022-05-24 13:26 - 001796324 _____ C:\Users\janos\Downloads\4658_Technical Product Manual modulcockpit II 10 2012 (1).pdf
2022-05-24 13:25 - 2022-05-24 13:26 - 001796324 _____ C:\Users\janos\Downloads\4658_Technical Product Manual modulcockpit II 10 2012.pdf
2022-05-24 12:56 - 2022-05-24 21:19 - 000045625 _____ C:\Users\janos\Downloads\Addition.txt
2022-05-24 12:52 - 2022-05-25 08:18 - 000036452 _____ C:\Users\janos\Downloads\FRST.txt
2022-05-24 12:49 - 2022-05-24 12:49 - 002367488 _____ (Farbar) C:\Users\janos\Downloads\FRST64.exe
2022-05-24 10:10 - 2022-05-24 10:10 - 000000000 ____D C:\Users\janos\AppData\Local\ESET
2022-05-24 10:09 - 2022-05-24 10:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2022-05-24 10:09 - 2022-05-24 10:09 - 000000000 ____D C:\ProgramData\ESET
2022-05-24 10:09 - 2022-05-24 10:09 - 000000000 ____D C:\Program Files\ESET
2022-05-24 10:04 - 2022-05-24 10:05 - 000000000 ____D C:\Users\janos\OneDrive\Dokumenty\dobraci docasne
2022-05-24 10:01 - 2022-05-24 10:01 - 008500384 _____ (ESET) C:\Users\janos\Downloads\eset_internet_security_live_installer.exe
2022-05-19 14:55 - 2022-05-19 14:55 - 000150946 _____ C:\Users\janos\Downloads\1652964818719.JPEG
2022-05-19 13:51 - 2022-05-19 14:08 - 000257685 _____ C:\Users\janos\Downloads\zmluva Kovanice Mercedes 811 D.pdf
2022-05-19 10:17 - 2022-05-19 10:17 - 000151780 _____ C:\Users\janos\Downloads\SK6409000000000010309466_8675093912.pdf
2022-05-18 17:55 - 2022-05-18 17:55 - 000042605 _____ C:\Users\janos\Downloads\agrotec uhrada Dobraci.pdf
2022-05-13 22:13 - 2022-05-13 22:13 - 001380537 _____ C:\Users\janos\Downloads\Kópia - EIK3_zoznam_v3.xlsx
2022-05-13 21:52 - 2022-05-13 21:52 - 000000000 ____D C:\Users\janos\Tracing
2022-05-13 08:50 - 2022-05-13 08:50 - 000011799 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-05-13 08:49 - 2022-05-13 08:49 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-05-13 08:49 - 2022-05-13 08:49 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-05-13 08:18 - 2022-05-13 08:18 - 000001382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2022-05-13 08:17 - 2022-05-13 08:17 - 000218337 _____ C:\Users\janos\Downloads\Dobráci s.r.o. zmluva na podpis.pdf
2022-05-13 08:12 - 2022-05-13 08:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoodSync
2022-05-11 15:07 - 2022-05-11 15:07 - 000000000 ___HD C:\$WinREAgent
2022-05-10 16:37 - 2022-05-10 16:37 - 000850760 _____ C:\Users\janos\Downloads\EPH279923883_adresne_stitky_a4.pdf
2022-05-09 17:42 - 2022-05-09 17:42 - 000034675 _____ C:\Users\janos\Downloads\uznanie-dlhu.pdf
2022-05-09 14:45 - 2022-05-09 14:45 - 000850795 _____ C:\Users\janos\Downloads\EPH279728195_adresne_stitky_a4.pdf
2022-05-09 11:09 - 2022-05-09 11:09 - 000134775 _____ C:\Users\janos\Downloads\dobraci objednavka prepravnych cisiel.pdf
2022-05-06 10:17 - 2022-05-06 10:17 - 000038944 _____ C:\Users\janos\Downloads\dok (2).pdf
2022-05-05 15:44 - 2022-05-05 15:44 - 003621262 _____ C:\Users\janos\Downloads\WhatsApp Video 2022-05-05 at 15.05.19.mp4
2022-05-05 15:25 - 2022-05-05 15:25 - 000249044 _____ C:\Users\janos\Downloads\Doplňujúce údaje k žiadosti vratenie DPH CZ prenajom.pdf
2022-05-04 11:02 - 2022-05-04 11:02 - 000045565 _____ C:\Users\janos\Downloads\Safetech platba 052022.pdf
2022-05-04 11:02 - 2022-05-04 11:02 - 000040950 _____ C:\Users\janos\Downloads\dok (1).pdf
2022-05-04 10:49 - 2022-05-04 10:49 - 000355046 _____ C:\Users\janos\Downloads\V_1257777004_4_20220429_C1_P0.pdf
2022-05-04 09:43 - 2022-05-04 09:43 - 000501440 _____ C:\Users\janos\Downloads\ZSE_poistka.pdf
2022-05-04 09:43 - 2022-05-04 09:43 - 000499631 _____ C:\Users\janos\Downloads\1EKZB_Suhrn_ZE_AS-_VZOR.pdf
2022-05-04 09:17 - 2022-05-04 09:17 - 000258256 _____ C:\Users\janos\Downloads\doklad.pdf
2022-05-04 09:12 - 2022-05-04 09:12 - 000138221 _____ C:\Users\janos\Downloads\Dobraci_Object20220502104452398_1.pdf
2022-05-04 09:10 - 2022-05-04 09:10 - 000136868 _____ C:\Users\janos\Downloads\Object20220502104452398_1.pdf
2022-05-04 09:08 - 2022-05-04 09:08 - 000137688 _____ C:\Users\janos\Downloads\Dobraci_Object20220414120458543_1.pdf
2022-05-04 09:05 - 2022-05-04 09:05 - 000136295 _____ C:\Users\janos\Downloads\Object20220414120458543_1.pdf
2022-05-04 08:48 - 2022-05-04 08:48 - 000511626 _____ C:\Users\janos\Downloads\5301051603.pdf
2022-05-01 18:24 - 2022-05-01 18:24 - 000029476 _____ C:\Users\janos\Downloads\Faktúra Dobráci s.r.o. 2204130473853593.pdf
2022-05-01 18:20 - 2022-05-01 18:20 - 002092382 _____ C:\Users\janos\Downloads\janosova_injury.pdf
2022-04-29 10:19 - 2022-04-29 10:19 - 000808344 _____ C:\Users\janos\Downloads\eustream upomienka 1.pdf
2022-04-29 10:16 - 2022-04-29 10:16 - 000042573 _____ C:\Users\janos\Downloads\eustream_upomienka.pdf
2022-04-29 09:16 - 2022-04-29 09:16 - 000041376 _____ C:\Users\janos\Downloads\calvados_dobraci.pdf
2022-04-27 17:34 - 2022-04-27 17:34 - 000038542 _____ C:\Users\janos\Downloads\Facture-1316414.pdf
2022-04-27 16:13 - 2022-04-27 16:13 - 000000000 ____D C:\Users\janos\AppData\Local\SolidDocuments
2022-04-27 13:31 - 2022-04-27 13:31 - 000000040 ____H C:\04EC72786C80
2022-04-27 13:31 - 2022-04-27 13:31 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2022-04-27 13:27 - 2022-04-27 13:27 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2022-04-27 13:27 - 2022-04-27 13:27 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-04-27 13:12 - 2022-05-24 21:09 - 000000000 ___RD C:\Users\janos\Creative Cloud Files
2022-04-27 13:09 - 2022-05-19 14:15 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-04-27 09:35 - 2022-04-27 09:35 - 000000298 _____ C:\Users\janos\Downloads\Agorastore.txt
2022-04-26 19:39 - 2022-04-26 19:39 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-04-26 14:54 - 2022-04-26 14:54 - 000038348 _____ C:\Users\janos\Downloads\Facture-1316414 (2).pdf
2022-04-26 14:54 - 2022-04-26 14:54 - 000038348 _____ C:\Users\janos\Downloads\Facture-1316414 (1).pdf
2022-04-25 15:15 - 2022-04-25 15:15 - 000069632 _____ C:\Users\janos\Downloads\ca66912b-3605-4187-857f-b2db72a2a7c5.xls
2022-04-25 14:57 - 2022-04-25 14:57 - 000043480 _____ C:\Users\janos\Downloads\holomy_dobraci.pdf
2022-04-25 12:03 - 2022-04-25 12:06 - 230475667 _____ C:\Users\janos\Downloads\2 Blondinki Hot _ PornWex_ Original.mp4

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-05-25 08:17 - 2014-04-23 12:13 - 000000000 ____D C:\FRST
2022-05-25 08:14 - 2022-02-07 12:00 - 000000000 ____D C:\ProgramData\AnyDesk
2022-05-25 08:14 - 2020-04-03 13:01 - 000000000 ____D C:\Users\janos\AppData\Roaming\WhatsApp
2022-05-25 08:13 - 2022-02-18 18:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-05-24 21:24 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-05-24 21:16 - 2020-04-01 18:09 - 000000000 ____D C:\Program Files (x86)\Google
2022-05-24 21:14 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-05-24 21:12 - 2021-11-18 13:09 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-05-24 21:10 - 2022-02-18 19:15 - 000902246 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-05-24 21:10 - 2020-04-01 23:56 - 000062354 _____ C:\WINDOWS\system32\perfh01B.dat
2022-05-24 21:10 - 2020-04-01 23:56 - 000016154 _____ C:\WINDOWS\system32\perfc01B.dat
2022-05-24 21:08 - 2020-04-01 17:26 - 000000000 ____D C:\Users\janos\AppData\Roaming\ViberPC
2022-05-24 21:07 - 2020-03-31 10:15 - 000000000 ___RD C:\Users\janos\OneDrive
2022-05-24 21:06 - 2022-02-07 11:59 - 000000000 ____D C:\Users\janos\AppData\Roaming\AnyDesk
2022-05-24 21:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-05-24 21:05 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-05-24 21:04 - 2020-03-31 09:59 - 000000000 ____D C:\ProgramData\NVIDIA
2022-05-24 21:03 - 2022-02-18 19:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-05-24 21:03 - 2020-04-01 17:49 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-05-24 21:02 - 2022-02-18 18:56 - 000008192 ___SH C:\DumpStack.log.tmp
2022-05-24 21:02 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-05-24 20:56 - 2020-04-17 15:13 - 000000000 ____D C:\Users\janos\AppData\LocalLow\Temp
2022-05-24 20:46 - 2020-04-04 09:33 - 000000000 ____D C:\ProgramData\dzfzx
2022-05-24 10:10 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-05-23 18:18 - 2020-07-12 12:17 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-05-23 17:58 - 2020-06-25 10:43 - 000000000 ____D C:\ProgramData\GoodSync
2022-05-19 14:36 - 2020-04-02 12:29 - 000000000 ____D C:\Users\janos\OneDrive\Dokumenty\Adobe
2022-05-18 11:06 - 2020-04-01 18:11 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-05-18 11:03 - 2021-11-03 15:29 - 000000000 ____D C:\Users\janos\AppData\Local\WhatsApp
2022-05-18 11:00 - 2022-02-18 19:26 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3755753306-3900577581-898390862-1004
2022-05-18 11:00 - 2022-02-18 19:26 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3755753306-3900577581-898390862-1004
2022-05-18 11:00 - 2022-02-18 19:03 - 000002367 _____ C:\Users\janos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-05-13 22:26 - 2022-02-18 19:03 - 000000000 ____D C:\Users\janos
2022-05-13 21:54 - 2020-03-31 10:12 - 000000000 ____D C:\Users\janos\AppData\Local\Packages
2022-05-13 21:38 - 2022-02-18 18:57 - 000470712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-05-13 21:35 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-05-13 21:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-05-13 21:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-05-13 21:34 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-05-13 21:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-05-13 21:34 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-05-13 09:34 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-05-13 08:18 - 2021-11-18 12:18 - 000000000 ____D C:\Program Files\Adobe
2022-05-13 08:18 - 2020-04-01 19:01 - 000000000 ____D C:\Program Files (x86)\Adobe
2022-05-13 08:12 - 2020-06-25 10:43 - 000000000 ____D C:\Program Files\Siber Systems
2022-05-11 15:01 - 2020-04-01 23:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-05-11 14:55 - 2020-04-01 23:56 - 145501456 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-05-10 12:11 - 2020-11-02 09:20 - 000000000 ____D C:\Users\janos\AppData\Roaming\vlc
2022-05-10 09:38 - 2022-03-10 09:57 - 000003538 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d824ea5caa01c6
2022-05-10 09:38 - 2022-02-18 19:26 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-05-06 15:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-05-06 11:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-05-06 10:18 - 2022-03-21 09:30 - 000043035 _____ C:\Users\janos\Downloads\jinan_dobraci.pdf
2022-04-29 09:02 - 2022-02-18 19:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-04-29 09:02 - 2021-05-13 08:47 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-04-28 12:00 - 2020-04-01 18:20 - 000000000 ____D C:\Users\janos\AppData\Local\D3DSCache
2022-04-27 15:55 - 2020-03-31 10:15 - 000000000 ____D C:\ProgramData\Packages
2022-04-27 15:06 - 2020-03-31 10:12 - 000000000 ____D C:\Users\janos\AppData\Roaming\Adobe
2022-04-27 13:37 - 2020-04-01 19:02 - 000000000 ____D C:\Users\janos\AppData\Local\Adobe
2022-04-27 13:31 - 2022-02-18 19:26 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-04-27 13:07 - 2020-04-01 19:01 - 000000000 ____D C:\ProgramData\Adobe
2022-04-26 19:39 - 2022-02-18 21:35 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk

==================== Files in the root of some directories ========

2022-04-27 16:18 - 2022-04-27 16:18 - 000000000 _____ () C:\Users\janos\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

solide
Visitor
Posts: 58
Registered: 07 Nov 2006 09:41

Re: hacked mail, probably the computer too, Windows 10 SK

#10 Post by solide »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-05-2022
Ran by janos (25-05-2022 08:20:56)
Running from C:\Users\janos\Downloads
Microsoft Windows 10 Home Version 21H2 19044.1706 (X64) (2022-02-18 17:26:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3755753306-3900577581-898390862-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3755753306-3900577581-898390862-503 - Limited - Disabled)
Guest (S-1-5-21-3755753306-3900577581-898390862-501 - Limited - Disabled)
janos (S-1-5-21-3755753306-3900577581-898390862-1004 - Administrator - Enabled) => C:\Users\janos
WDAGUtilityAccount (S-1-5-21-3755753306-3900577581-898390862-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM-x32\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Amic Email Backup v3.00 (HKLM-x32\...\AmicEmailBackup_is1) (Version: - Amic Tools)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 7.0.4 - AnyDesk Software GmbH)
Avidemux VC++ 64bits (HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\{d7e1a4d8-53cd-4168-a576-e806b0c84037}) (Version: 2.7.6 - Mean)
Balík softvéru eID (HKLM-x32\...\{b0b6d0ff-6512-432a-b667-742f673bbc68}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Balík softvéru eID (HKLM-x32\...\{d2c66c1e-5862-43e7-abe2-9c895312112c}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Bit4id - miniLector (HKLM-x32\...\Bit4id - miniLector) (Version: 3.7 - Bit4id)
Bonjour (HKLM-x32\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (HKLM-x32\...\{5303CFB5-D635-44F0-A94B-9611E81F07C4}) (Version: 8.3.0.1471 - TechSmith Corporation)
CPUID HWMonitor 1.41 (HKLM-x32\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
D.Launcher (x86) (HKLM-x32\...\{0DC85C46-746B-4BC5-B727-D5434DF7E5D0}) (Version: 1.2.0.2 - DITEC, a.s.)
D.Signer/XAdES .NET so zásuvnými modulmi (x86) (HKLM-x32\...\{EDB276CE-A945-4201-A552-2683B13C321F}) (Version: 4.0.24 - DITEC, a.s.)
D.Signer/XAdES .NET Tools (x86) (HKLM-x32\...\{6648F510-5044-4CA9-BC21-494A2A198B3A}) (Version: 4.0.17 - DITEC, a.s.)
D.Suite/eIDAS (x86) (HKLM-x32\...\{8d169eac-87e2-4981-825f-701b32f24d72}) (Version: 1.0.29 - DITEC, a.s.)
D.Viewer .NET (x86) (HKLM-x32\...\{73D635BE-5D6F-43D3-8C1F-63B5CD4D5953}) (Version: 4.0.2033 - DITEC, a.s.)
DCC_E2 (HKLM-x32\...\{B170E541-3668-480A-A2F0-3D7BAD17F877}) (Version: 2.40 - BernyR)
Disig Web Signer (HKLM-x32\...\{41C0F02D-2389-4AB5-975C-C2363E7C554C}) (Version: 2.0.7 - Disig)
EAC MW klient (HKLM-x32\...\{E22CF5CA-5935-451D-9B9D-EAA79DE703BD}) (Version: 3.7.0 - Ministerstvo vnútra Slovenskej republiky)
EaseUS Data Recovery Wizard (HKLM-x32\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
ESET Security (HKLM-x32\...\{7640EC0A-921E-44D1-9165-DE31D473EAE3}) (Version: 15.1.12.0 - ESET, spol. s r.o.)
GemPcCCID (HKLM-x32\...\{39417D48-AC92-47A7-9F53-3CA2049231B0}) (Version: 2.0.7 - Gemalto) Hidden
GemPcCCID (HKLM-x32\...\{55610A8B-6A3F-4F94-B072-4962B78638E5}) (Version: 4.1.4.0 - Gemalto)
GoodSync (HKLM-x32\...\{B26B00DA-2E5D-4CF2-83C5-911198C0F009}) (Version: 11.11.1.1 - Siber Systems Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 101.0.4951.67 - Google LLC)
GPU Temp version 1.0 (HKLM-x32\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com)
GSM-Socket Config (HKLM-x32\...\GSM-Socket Config_is1) (Version: 1.0 - )
iMazing HEIC Converter 1.0.10.0 (HKLM-x32\...\{FA58AFA9-B210-409C-88F1-2A90D577C170}_is1) (Version: 1.0.10.0 - DigiDNA)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Microsoft OneDrive (HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\OneDriveSetup.exe) (Version: 22.089.0426.0003 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.13 - F.J. Wechselberger)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM-x32\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM-x32\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PC Translator 2004 Komplet (HKLM-x32\...\PC Translator 2004 Komplet) (Version: - JANOSiK TEAM)
rajče beta53 sestavení 96 (HKLM-x32\...\rajče.net_is1) (Version: - rajče.net)
Readiris Pro 11 (HKLM-x32\...\{7C2B745A-E7F1-41F1-B9BB-3DDB8D52E4CE}) (Version: 11.00.4795 - I.R.I.S.)
RoboForm 7-7-0 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-7-0 - Siber Systems)
TAP-Windows 9.24.2 (HKLM-x32\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.30.3 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.0 beta 18 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM-x32\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
Viber (HKLM-x32\...\{19594CFE-BCF4-49C0-BC50-727E9CD8CE7D}) (Version: 12.7.0.54 - Viber Media S.a.r.l) Hidden
Viber (HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\{7f38ce06-2ae3-4b5b-86d4-a817cb58edb7}) (Version: 12.7.0.54 - 2010-2020 Viber Media S.a.r.l)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM-x32\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM-x32\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Webshare klient (HKLM-x32\...\Webshare klient) (Version: - )
WhatsApp (HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\WhatsApp) (Version: 2.2216.8 - WhatsApp)
Wondershare MobileGo for Android ( Version 2.0.0 ) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA08}_is1) (Version: 2.0.0 - Wondershare)
Wondershare MobileGo(Version 8.5.0) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA09}_is1) (Version: 8.5.0 - Wondershare)

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-04-27] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-04-27] (Adobe Systems Incorporated)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-03-18] (Microsoft Corporation)
Doplnok pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-03-18] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6 [2022-04-29] (HP Inc.)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1510.7.114.0_x64__8xx8rvfyw5nnt [2022-05-06] (Meta) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-03-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-03-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.5120.0_x64__8wekyb3d8bbwe [2022-05-24] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3755753306-3900577581-898390862-1004_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-109CC7FE837A} -> [Creative Cloud Files] => C:\Users\janos\Creative Cloud Files [2022-04-27 13:12]
CustomCLSID: HKU\S-1-5-21-3755753306-3900577581-898390862-1004_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-3755753306-3900577581-898390862-1004_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-04-27] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-04-27] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-04-27] (Adobe Inc. -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-04-27] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-03-15] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-03-15] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-04-27] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-03-15] (ESET, spol. s r.o. -> ESET)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\janos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Troostwijk Auctions.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=igchalnaibhfhcfeclgagdhbcakmoodj

==================== Loaded Modules (Whitelisted) =============

2018-03-19 16:12 - 2018-03-19 16:12 - 000113678 _____ () [File not signed] C:\Program Files (x86)\Ditec\DLauncher\libgcc_s_dw2-1.dll
2018-03-19 16:12 - 2018-03-19 16:12 - 001542158 _____ () [File not signed] C:\Program Files (x86)\Ditec\DLauncher\libstdc++-6.dll
2021-02-12 08:24 - 2021-02-12 08:24 - 000047104 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_date_time-vc140-mt-1_62.dll
2021-02-12 08:24 - 2021-02-12 08:24 - 000114688 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_filesystem-vc140-mt-1_62.dll
2021-02-12 08:23 - 2021-02-12 08:23 - 000029184 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_chrono-vc140-mt-1_62.dll
2021-02-12 08:24 - 2021-02-12 08:24 - 000605184 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_log-vc140-mt-1_62.dll
2021-02-12 08:24 - 2021-02-12 08:24 - 000217088 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_serialization-vc140-mt-1_62.dll
2021-02-12 08:23 - 2021-02-12 08:23 - 000019456 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_system-vc140-mt-1_62.dll
2021-02-12 08:24 - 2021-02-12 08:24 - 000089600 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_thread-vc140-mt-1_62.dll
2022-01-29 18:10 - 2022-01-29 18:11 - 001469440 _____ () [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6\e_sqlite3.dll
2021-01-26 12:52 - 2021-01-26 12:52 - 001928192 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EAC MW klient\xerces-c_3_1.dll
2022-04-29 09:01 - 2022-04-29 09:02 - 119193088 _____ (HP Development Company, L.P.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6\HP.Smart.dll
2021-11-02 09:14 - 2021-11-02 09:14 - 007170048 _____ (HP Development Company, L.P.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6\HPPageLift.UWP.dll
2022-04-29 09:01 - 2022-04-29 09:02 - 000133632 _____ (HP Inc) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6\HP.OneDriver.UserForms.dll
2022-03-22 09:42 - 2022-03-22 09:43 - 000013824 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6\NativeRpcClient.dll
2018-03-19 16:12 - 2018-03-19 16:12 - 000047104 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files (x86)\Ditec\DLauncher\libwinpthread-1.dll
2020-10-12 18:04 - 2015-02-27 10:35 - 000489984 _____ (Newtonsoft) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\Newtonsoft.Json.dll
2022-02-18 19:02 - 2018-03-24 01:05 - 000764640 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
2022-02-18 19:02 - 2018-03-24 01:05 - 000880024 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2022-02-18 19:02 - 2018-03-24 01:05 - 000343728 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2020-04-01 18:14 - 2009-03-13 14:13 - 006101504 _____ (Siber Systems Inc.) [File not signed] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm.DLL
2021-04-26 13:52 - 2021-04-26 13:52 - 000409088 _____ (The curl library, hxxps://curl.se/) [File not signed] C:\Program Files (x86)\EAC MW klient\libcurl.dll
2021-04-26 12:09 - 2021-04-26 12:09 - 002551808 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\EAC MW klient\libcrypto-1_1.dll
2021-04-26 12:10 - 2021-04-26 12:10 - 000536064 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\EAC MW klient\libssl-1_1.dll
2021-02-17 22:05 - 2021-02-17 22:05 - 000025088 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EAC MW klient\imageformats\qgif.dll
2021-02-17 22:05 - 2021-02-17 22:05 - 001021440 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EAC MW klient\platforms\qwindows.dll
2021-02-17 21:44 - 2021-02-17 21:44 - 004689408 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EAC MW klient\Qt5Core_mw_x86_vc140.dll
2021-02-17 21:52 - 2021-02-17 21:52 - 005001728 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EAC MW klient\Qt5Gui_mw_x86_vc140.dll
2021-02-17 21:46 - 2021-02-17 21:46 - 000686592 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EAC MW klient\Qt5Network_mw_x86_vc140.dll
2021-02-17 22:15 - 2021-02-17 22:15 - 002572800 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EAC MW klient\Qt5Qml_mw_x86_vc140.dll
2021-02-17 22:22 - 2021-02-17 22:22 - 002727936 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EAC MW klient\Qt5Quick_mw_x86_vc140.dll
2021-02-17 21:59 - 2021-02-17 21:59 - 004505600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EAC MW klient\Qt5Widgets_mw_x86_vc140.dll
2021-02-17 21:46 - 2021-02-17 21:46 - 000151040 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EAC MW klient\Qt5Xml_mw_x86_vc140.dll
2021-02-17 22:27 - 2021-02-17 22:27 - 000013824 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EAC MW klient\QtQuick.2\qtquick2plugin.dll
2021-03-01 18:57 - 2021-03-01 18:57 - 000097792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EAC MW klient\scenegraph\softwarecontext.dll
2019-07-01 15:51 - 2019-07-01 15:51 - 006623384 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Ditec\DLauncher\Qt5Core.dll
2020-10-12 18:03 - 2017-06-01 17:31 - 000047104 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\MobileGo\COM.Net.dll
2020-10-12 18:04 - 2017-03-20 16:13 - 000087552 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppCollect.dll
2020-10-12 18:04 - 2017-03-20 16:13 - 000197632 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppCommon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3755753306-3900577581-898390862-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.sk/
SearchScopes: HKU\S-1-5-21-3755753306-3900577581-898390862-1004 -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=sk&p_tsrc=fjnhltxzm&p_w=y3w14&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2009-03-13] (Siber Systems Inc.) [File not signed]
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-04-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-04-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2009-03-13] (Siber Systems Inc.) [File not signed]
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-04-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-04-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2009-03-13] (Siber Systems Inc.) [File not signed]
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-04-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2009-03-13] (Siber Systems Inc.) [File not signed]
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-04-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files (x86)\PC Translator\webie.dll [2004-05-13] () [File not signed]
Toolbar: HKU\S-1-5-21-3755753306-3900577581-898390862-1004 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2009-03-13] (Siber Systems Inc.) [File not signed]
Toolbar: HKU\S-1-5-21-3755753306-3900577581-898390862-1004 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-04-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\sharepoint.com -> hxxps://mylolis-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2022-05-24 20:52 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3755753306-3900577581-898390862-1004\Control Panel\Desktop\\Wallpaper -> F:\chlapci foto.jpg
DNS Servers: 10.0.0.2 - 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3D3D07DD-ADDD-4310-9BD7-B35A46CC69B1}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B8A4FF9E-60DF-4802-9F38-2A0AC0331B18}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{50020EC5-94E5-4D5C-ABA9-90F3A302E4B6}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5C0BAC14-60F3-43F4-8543-4DA1252F0819}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9393C565-19C0-493C-9BDB-A2E4C30667FD}] => (Block) C:\Program Files\EaseUS\EaseUS Data Recovery Wizard\DRWUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{0D66FB96-E430-4123-93D2-72166A56EE27}] => (Block) C:\Program Files\EaseUS\EaseUS Data Recovery Wizard\DRW.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [UDP Query User{9AD52B30-3C77-4586-83E0-27E9E98237FE}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe (Wondershare Technology Co.,Ltd -> Wondershare)
FirewallRules: [TCP Query User{61F69D73-CE25-4CA0-B8E8-A16DDE5A1F87}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe (Wondershare Technology Co.,Ltd -> Wondershare)
FirewallRules: [UDP Query User{7CCA1271-B818-47CA-8F51-354E35E5DBA7}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe (Wondershare Technology Co.,Ltd -> Wondershare)
FirewallRules: [TCP Query User{9194052E-BC16-41CA-B821-AF82EFD63E7D}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe (Wondershare Technology Co.,Ltd -> Wondershare)
FirewallRules: [UDP Query User{6E284143-0420-4420-A646-D4A35A9244F7}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe (Wondershare Technology Co.,Ltd -> Wondershare)
FirewallRules: [TCP Query User{2D215C5B-41C2-462E-9793-B6A007CA3AA7}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe (Wondershare Technology Co.,Ltd -> Wondershare)
FirewallRules: [{5C6B2391-3E6F-4B9F-9F8C-8BCAFB962508}] => (Allow) LPort=8317
FirewallRules: [{7C112D01-6568-4DD7-8D50-3CFAD48FFD7D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{88708B8D-3DBC-4E09-9374-2A54DF1ADE2D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CF5CE838-A1EB-46CA-A116-3F9DF1A2ED3A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6F2CD8BC-250A-4C2B-BA85-68B0FC072115}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4E5F14D2-C659-4DE7-9F38-A422C33FAE8F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A2DE37A5-2B34-4EA7-A874-095C79397FF0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{E1A2B675-81D9-473F-AE4A-02BE193027E7}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [TCP Query User{3B51F701-35E4-4180-A7A8-17920AB3A8C1}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{75305898-B131-4B7B-91B1-9D9D5EB48902}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{48488D85-87DC-4DC6-81A2-3B379452E55F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9AF7778F-8D8D-4B1B-8067-A0C711360E24}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{621A17D8-027A-4654-A921-644D9CD7B865}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{21534541-0F22-4061-95AC-EA766D6D9BC7}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{C0EB321A-BF8F-4C22-BDA0-80221C1428A1}] => (Allow) LPort=5357
FirewallRules: [{C2A874C9-FB0D-450B-A494-5AD39A6D95FB}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{9979E779-66B9-4501-A85D-9B970C2D8AA0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{91301EA7-E9DA-463B-9EDF-FF1042796D64}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DE3A15F3-85D0-4DEA-B8C6-F51B9B9C17A5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{35F9A056-483C-4C81-9F09-D9C8362AE3E7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{66879F1F-9AF1-4A3C-B11C-C9EA8C8079DD}] => (Allow) C:\Program Files\Siber Systems\GoodSync\gs-server.exe (Siber Systems -> )
FirewallRules: [{0FD2EB2B-75E9-449C-9624-47AA589C699B}] => (Allow) C:\Program Files\Siber Systems\GoodSync\goodsync.exe (Siber Systems -> )
FirewallRules: [{6E4C8939-19E7-4BB8-9046-B25B5DFC58A7}] => (Allow) C:\Program Files\Siber Systems\GoodSync\gsexplorer.exe (Siber Systems -> )
FirewallRules: [{20A42191-EBD8-4759-A540-E2CB4D5ADC93}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{700393D0-BB37-4BF5-94F9-A481D309C34E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{17B6DC93-AC50-40BC-89C9-1954DA084FC4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{101B14E5-978B-4AC3-A435-A5FFB90F36C5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\101.0.1210.53\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{797D27C8-F6E7-459B-A610-729045444D6A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D6384EAB-18ED-4926-88B0-33119508B217}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5737B7FA-0484-4D31-8F1B-AD549EE990A3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E6C7ADC2-6A80-4723-B4BC-0B8DF9E33EB0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C4B10D0C-548C-49EB-9465-99636D8D1C3E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{35615BB9-E864-4BB5-86B4-8423E71766CD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D6961FD3-5E15-460C-8D82-C4C00C750420}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CE9CDE5F-F633-49F9-AA97-7D78BC0AB593}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0E98AC3F-2761-4DBF-B196-C608E949A9B6}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{6500CDBC-FECF-4FD9-AB5F-CAA3D2BD6DFC}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{61B08DFC-AE3C-4B76-8E38-7F7D71929921}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{21317264-E00F-4DF1-A2C8-A83C6E8B7CDC}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)

==================== Restore Points =========================

06-05-2022 10:45:21 Scheduled Checkpoint
11-05-2022 15:01:29 Inštalátor modulov systému Windows
24-05-2022 09:33:05 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name: Intel(R) 82579V Gigabit Network Connection
Description: Intel(R) 82579V Gigabit Network Connection
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: e1i65x64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (05/25/2022 08:18:05 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/24/2022 09:10:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program AcrobatNotificationClient.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 11dc

Start Time: 01d86fa1ab3c1909

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe

Report Id: 6f24f323-de8f-4767-bf8b-4e85b0913ec1

Faulting package full name: AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (05/24/2022 07:15:54 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (C:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (05/24/2022 07:02:02 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v DATA (F:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (05/24/2022 07:01:52 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v LENOVO_PART (H:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (05/24/2022 07:01:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom (G:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (05/24/2022 07:01:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v \\?\Volume{d19f8542-0000-0000-0000-500600000000}\, pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (05/24/2022 06:30:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchApp.exe, verzia: 10.0.19041.1682, časová značka: 0xaf111162
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1706, časová značka: 0x458acb5b
Kód výnimky: 0xc000027b
Odstup chyby: 0x000000000010fa32
Identifikácia chybujúceho procesu: 0x2a78
Čas spustenia chybujúcej aplikácie: 0x01d86f8b6bdf3ea4
Cesta chybujúcej aplikácie: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: b7f5c187-02e6-44a6-9f65-a109fdbef69a
Celé meno chybujúceho balíka: Microsoft.Windows.Search_1.14.4.19041_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI


System errors:
=============
Error: (05/25/2022 08:17:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Device Setup Manager zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.

Error: (05/25/2022 08:17:05 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Device Setup Manager bol dosiahnutý časový limit (30000 ms).

Error: (05/25/2022 08:16:37 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {9EA82395-E31B-41CA-8DF7-EC1CEE7194DF} did not register with DCOM within the required timeout.

Error: (05/25/2022 08:14:11 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Počas čakania na odpoveď transakcie od služby FDResPub bol dosiahnutý časový limit (30000 ms).

Error: (05/24/2022 09:10:59 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správca stiahnutých máp sa pri spustení zablokovala.

Error: (05/24/2022 09:08:50 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Delivery Optimization sa pri spustení zablokovala.

Error: (05/24/2022 09:01:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LQJATP4)
Description: The server {776DBC8D-7347-478C-8D71-791E12EF49D8} did not register with DCOM within the required timeout.

Error: (05/24/2022 09:01:38 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LQJATP4)
Description: The server {776DBC8D-7347-478C-8D71-791E12EF49D8} did not register with DCOM within the required timeout.


Windows Defender:
================
Date: 2022-05-24 09:54:33
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-05-24 09:02:49
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-05-24 08:57:54
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-05-19 15:12:02
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-05-19 13:13:28
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:

Date: 2022-03-18 09:54:03
Description:
Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Security intelligence version: 0.0.0.0;0.0.0.0
Engine version: 0.0.0.0

Date: 2022-03-01 11:54:02
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.

CodeIntegrity:
===============
Date: 2022-05-24 21:12:52
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-05-24 12:12:54
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: LENOVO DUKT34AUS 08/02/2011
Motherboard: LENOVO 7745
Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Percentage of memory in use: 76%
Total physical RAM: 8171.63 MB
Available physical RAM: 1920.02 MB
Total Virtual: 19435.63 MB
Available Virtual: 11972.02 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:440.59 GB) (Free:268.46 GB) (Model: ST2000DM006-2DM164) NTFS
Drive f: (DATA) (Fixed) (Total:1397.15 GB) (Free:728.6 GB) (Model: ST2000DM006-2DM164) NTFS
Drive g: (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.06 GB) (Model: ST2000DM006-2DM164) NTFS ==>[system with boot components (obtained from drive)]
Drive h: (LENOVO_PART) (Fixed) (Total:25.07 GB) (Free:6.53 GB) (Model: ST2000DM006-2DM164) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{d19f8542-0000-0000-0000-500600000000}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: D19F8542)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=440.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1863 GB) - (Type=05)

==================== End of Addition.txt =======================

solide
Visitor
Posts: 58
Registered: 07 Nov 2006 09:41

Re: hacked e-mail and probably the computer too, Windows 10 SK

#11 Post by solide »

Rudy wrote: 24 May 2022 20:51
This is certainly not the log that appeared for you. I need to see the log from the file fixlog.txt. It is in C:\Users\janos\Downloads.

I am attaching it:

Fix result of Farbar Recovery Scan Tool (x64) Version: 23-05-2022
Ran by janos (24-05-2022 20:52:46) Run:1
Running from C:\Users\janos\Downloads
Loaded Profiles: janos
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-3755753306-3900577581-898390862-1004_Classes\CLSID\{B4A0E54A-1B25-0F61-F6B4-B1010555D232}\InprocServer32 -> no filepath
FirewallRules: [{0D67B701-0CA0-4B8D-A0C9-E73A82E584E7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [{955B747A-9F56-4BF4-AE22-FE281A50DE5D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{B89D9362-AFB3-43E9-8564-F85B85C2DC7C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [{981F46DE-388E-4FF6-B17E-DB5AF29FF259}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => No File
HKLM-x32\...\Run: [] => [X]
Task: {78B260B3-CFB9-481E-BABF-D678675E7A08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-01] (Google LLC -> Google LLC)
Task: {E3032937-05E4-42A8-B058-867E01766723} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-01] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\Users\janos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
Hosts:

End
*****************

Processes closed successfully.
HKU\S-1-5-21-3755753306-3900577581-898390862-1004_Classes\CLSID\{B4A0E54A-1B25-0F61-F6B4-B1010555D232} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0D67B701-0CA0-4B8D-A0C9-E73A82E584E7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{955B747A-9F56-4BF4-AE22-FE281A50DE5D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B89D9362-AFB3-43E9-8564-F85B85C2DC7C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{981F46DE-388E-4FF6-B17E-DB5AF29FF259}" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{78B260B3-CFB9-481E-BABF-D678675E7A08}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78B260B3-CFB9-481E-BABF-D678675E7A08}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3032937-05E4-42A8-B058-867E01766723}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3032937-05E4-42A8-B058-867E01766723}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
C:\Users\janos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 147871579 B
Java, Discord, Steam htmlcache => 0 B
Windows/system/drivers => 11114808 B
Edge => 11817414 B
Chrome => 1187610100 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4548 B
NetworkService => 134300 B
janos => 490139260 B

RecycleBin => 2460044190 B
EmptyTemp: => 4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:01:13 ====

solide
Visitor
Posts: 58
Registered: 07 Nov 2006 09:41

Re: hacked e-mail and probably the computer too, Windows 10 SK

#12 Post by solide »

P.S.: I don't know what to do now. I keep my company data on an SD card, which was not inserted in the computer when the e-mail arrived saying that my e-mail address had been hacked. But I need to work with the card. How can I safely make sure that the data on it is not infected, and how can I tell whether my computer is infected? Is there some way to detect whether I have ransomware on the PC that will make documents with extensions such as jpg, word, excel and the like unusable? Previously I used only the antivirus that is part of Win 10. Yesterday I installed ESET and let it scan the whole PC. It found 12 potential threats, which ESET stopped, but I rather think they were just some patches and the like. So far everything works. Thank you for any good advice. Jan
Last edited by solide on 25 May 2022 08:41, edited 1 time in total.

solide
Visitor
Posts: 58
Registered: 07 Nov 2006 09:41

Re: hacked e-mail and probably the computer too, Windows 10 SK

#13 Post by solide »

I am also attaching the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 8:43:27, on 25. 5. 2022
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.1566)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
C:\Program Files (x86)\AnyDesk\AnyDesk.exe
C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
C:\Program Files (x86)\EAC MW klient\EAC_MW_klient.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
C:\WINDOWS\SysWOW64\DllHost.exe
C:\Users\janos\Downloads\HijackThis (1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\101.0.1210.53\BHO\ie_to_edge_bho.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office16\GROOVEEX.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~2\PCTRAN~1\webie.dll
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [EAC_MW_klient] "C:\Program Files (x86)\EAC MW klient\EAC_MW_klient.exe"
O4 - HKLM\..\Run: [Adobe CCXProcess] C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKCU\..\Run: [OneDrive] "C:\Users\janos\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Viber] "C:\Users\janos\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [com.squirrel.WhatsApp.WhatsApp] C:\Users\janos\AppData\Local\WhatsApp\Update.exe --processStart "WhatsApp.exe"
O4 - HKCU\..\Run: [Disig Web Signer] C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe
O4 - HKCU\..\Run: [Adobe Reader Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe"
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
O4 - Global Startup: AnyDesk.lnk = C:\Program Files (x86)\AnyDesk\AnyDesk.exe
O4 - Global Startup: MobileGo Service.lnk = C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Nástrojová lišta RoboFormu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Previesť cieľ odkazu do formátu Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Previesť do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Pridať cieľ odkazu do existujúceho súboru PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Pridať do existujúceho súboru PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Prispôsobiť menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O8 - Extra context menu item: Uložiť formulár - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Vyplniť formulár - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: Vyplniť formulár - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Vyplniť formulár - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Uložiť - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Uložiť formulár - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Zobraziť panel nástrojov - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Nástrojová lišta RoboFormu - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~2\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~2\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~2\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~2\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~2\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~2\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~2\PCTRAN~1\webie.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AdobeUpdateService - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AnyDesk Service (AnyDesk) - AnyDesk Software GmbH - C:\Program Files (x86)\AnyDesk\AnyDesk.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_662f7 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: dLauncherLoopback - Unknown owner - C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: ESET Firewall Helper (ekrnEpfw) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\101.0.4951.67\elevation_service.exe
O23 - Service: GoodSync Server (GsServer) - Unknown owner - C:\Program Files\Siber Systems\GoodSync\gs-server.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Print Scan Doctor Service (HPPrintScanDoctorService) - HP Inc. - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @oem14.inf,%ss_conn_launcher.SvcDesc%;SAMSUNG Mobile USB Connectivity Launcher (ss_conn_launcher_service) - Unknown owner - C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe (file missing)
O23 - Service: TeamViewer - TeamViewer Germany GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Wondershare - C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe

--
End of file - 18351 bytes

Rudy
Site Admin
Posts: 118152
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: hacked mail, probably the computer too, Windows 10 SK

#14 Post by Rudy »

It has been deleted; the PC should now be fine. If something still seems off to you, run one more scan with AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Download the utility, run it, let it work, and when it finishes, delete everything it happens to find. Note: the guide at the link is for an older version.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
