Dobrý deň,
na pracovnom PC mi prenikol nejaký malware alebo niečo podobné a prelomil heslo na mailoch - boli rozposielané spamy ..
Neviem, či je možné aj takto - prípadne ako je možné zamedziť tomu aby sa to stalo opätovne - COMODO mi PC vyčistilo - mám urobiť niečo viac?
Ďakujem
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-03-2022
Ran by POHODA sieť. klient (administrator) on ZIMKLIMA-PC2 (Hewlett-Packard 500-500nc) (21-03-2022 09:27:24)
Running from C:\Users\POHODA sieť. klient\Desktop
Loaded Profiles: POHODA sieť. klient
Platform: Microsoft Windows 10 Home Version 21H1 19043.1586 (X64) Language: Čeština (Česká republika) -> Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Autodesk, Inc. -> Autodesk) C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe <2>
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\COMODO\COMODO Internet Security\cistray.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe ->) (Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Acresso Software Inc. -> Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(explorer.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe
(explorer.exe ->) (CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(explorer.exe ->) (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed] C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtp.exe
(explorer.exe ->) (Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\POHODA sieť. klient\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.0.1.1462\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(services.exe ->) (CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe <3>
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (uvnc bvba -> UltraVNC) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe <2>
(spool\drivers\x64\3\CNAP2LAK.EXE ->) (CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAB8SWK.EXE
(spool\drivers\x64\3\CNAP2LAK.EXE ->) (CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(svchost.exe ->) (Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8790264 2016-01-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-26] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\nvspcap64.dll [1283136 2014-07-26] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1489088 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Run: [CNAP2 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC. -> CANON INC.)
HKLM\...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [223544 2019-02-01] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2016-01-12] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2016-01-12] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2016-01-12] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2016-01-12] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2016-01-12] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3084288 2016-01-12] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [590920 2022-02-24] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [3439176 2022-01-25] (Autodesk, Inc. -> Autodesk)
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2016-01-12] (Acresso Software Inc. -> Acresso Corporation)
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\Run: [BingSvc] => C:\Users\POHODA sieť. klient\AppData\Local\Microsoft\BingSvc\BingSvc.exe [146312 2020-08-25] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\MountPoints2: {31ea92a8-1827-11eb-8369-3464a91bb632} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\MountPoints2: {af3770e3-19c6-11eb-8369-3464a91bb632} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [239704 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\bizhub C35 PCL6-8 Language Monitor: C:\WINDOWS\system32\KOBJUJDL.dll [25608 2016-03-02] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\...\Print\Monitors\CNAP2 Monitor: C:\WINDOWS\system32\CNAP2LMD.DLL [486400 2012-09-02] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [423936 2014-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\WINDOWS\system32\hpzllw71.dll [62552 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\novaPDF OEM 7 Monitor: C:\WINDOWS\system32\novamnv7.dll [33056 2014-06-16] (Softland S.R.L. -> Softland)
HKLM\...\Print\Monitors\novaPDF Port Monitor: C:\WINDOWS\system32\novamn8.dll [18944 2016-03-03] (Softland) [File not signed]
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [55392 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-09-27] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-09-27] (Softex Inc..) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FTP Utility.lnk [2016-03-02]
ShortcutTarget: FTP Utility.lnk -> C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtp.exe (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed]
Startup: C:\Users\POHODA sieť. klient\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk [2020-02-11]
ShortcutTarget: GenuineService.lnk -> C:\Users\POHODA sieť. klient\Autodesk\Genuine Service\GenuineService.exe (No File)
Startup: C:\Users\POHODA sieť. klient\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odoslanie do aplikácie OneNote.lnk [2018-07-11]
ShortcutTarget: Odoslanie do aplikácie OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {12D50B6A-DB29-4AB3-812F-B5B07872DFE6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {1B4347F8-EA73-4358-93C4-CAA3D397341C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {212A19E1-5F8A-4407-AA3F-B353BD03E26D} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [506104 2014-09-27] (Softex Incorporated -> Hewlett-Packard)
Task: {21587808-0270-4380-86D4-96C591D84E7A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {3FCB2BBE-21D8-47C1-B940-1577DAFBCDD2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (No File)
Task: {40C11307-7AEC-4F8D-8E3F-2860DC557CD2} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {4306B1FA-462A-4CC6-9188-F14036016C04} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1489088 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
Task: {43E19732-4E89-4F92-B80A-AECF0C983446} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4784832 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
Task: {4F9682F4-D686-4C80-AEA3-0C1A445E8822} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4FDAE786-0E99-4766-8BA6-6F787F683083} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {5718571D-970E-40DE-9DBC-EC5912B25FF0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6230A350-4F83-46A2-8B6D-9FC5C082F33D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {63AC3304-D439-451C-8395-8D405EB428BC} - \WPD\SqmUpload_S-1-5-21-3256439801-3967542678-3501957217-1001 -> No File <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7210876A-0701-4520-B7EF-B087CCA1EB53} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {725B5BC7-AA3C-43A7-81D3-0490B651D8B5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {72E60BF6-F604-46C3-8DC6-93BF40CC5C73} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {7912034C-8A48-4847-807F-3C2A385EC43B} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1489088 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
Task: {7B7BC449-81A9-4FF0-B965-58E3F5705C0A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2022-02-25] (HP Inc. -> HP Inc.)
Task: {7FE1F2E1-66B3-4D44-A6A4-4986DA51DAA8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {820D9D96-DCF5-4F3B-A4D3-D0E45ECBA45F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {87914A4E-EE96-4FBA-8A6D-85DE7F2468A9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {880977EA-A5FE-43BD-BC58-2FCFF19ED7AF} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4784832 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
Task: {94084583-A2C7-4798-8C6B-816E81BE574C} - System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\NvNotifier.exe [2014152 2018-02-01] (NVIDIA Corporation -> )
Task: {97D516B5-2260-49E5-8D4E-A4E1F68F3A59} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A054978F-6F59-4589-9D8D-97BED8058327} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {AD46602F-6333-4ABD-A13C-DBA825B53CDE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B9ECAC6E-E28B-4089-9103-54C10F9BD72E} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4784832 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C17CC278-3B55-4DBE-AB28-B45FBF80B264} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4784832 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
Task: {CDCCD105-08D2-4212-92B7-86021D6C5589} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [4678392 2014-09-27] (Softex Incorporated -> Hewlett-Packard)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CF6F1EAC-F5F2-465A-8743-D0CE4CDF538A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {DFEFC9D5-B690-480E-B2B9-E72BE0393343} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {EC859CD7-E2D1-40D9-968F-7138B06E584D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F191E327-7BBE-4647-955C-D695D89AF2BA} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [506104 2014-09-27] (Softex Incorporated -> Hewlett-Packard)
Task: {F98608ED-5FF4-41C6-B1E9-EDB2E168706C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7347928 2017-02-28] (Piriform Ltd -> Piriform Ltd)
Task: {FD32A1D0-E180-449B-8096-79D4D78310FA} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4784832 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0d65a4aa-f8ba-493f-9a62-591c6d6a94fb}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{337014e5-4152-45ec-ade3-1157b3d69656}: [DhcpNameServer] 192.168.55.10
Tcpip\..\Interfaces\{85aa2a64-cf7b-450c-b7c6-e2119d21a89b}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\POHODA sieť. klient\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-09]
FireFox:
========
FF DefaultProfile: ddtjhju2.default
FF ProfilePath: C:\Users\POHODA sieť. klient\AppData\Roaming\Mozilla\Firefox\Profiles\ddtjhju2.default [2022-03-18]
FF DownloadDir: C:\Users\POHODA sieť. klient\Downloads
FF Homepage: Mozilla\Firefox\Profiles\ddtjhju2.default -> hxxps://www.google.sk/
FF Extension: (Avira Browser Safety) - C:\Users\POHODA sieť. klient\AppData\Roaming\Mozilla\Firefox\Profiles\ddtjhju2.default\Extensions\abs@avira.com.xpi [2022-01-17]
FF Extension: (Linkificator) - C:\Users\POHODA sieť. klient\AppData\Roaming\Mozilla\Firefox\Profiles\ddtjhju2.default\Extensions\linkificator@markapola.xpi [2019-10-25]
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt
FF Extension: (HP SimplePass) - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2015-07-16] [Legacy] [not signed]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] (Foxit Corporation -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-04-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-04-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-19] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-19] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1134664 2022-02-24] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16939312 2019-01-09] (Autodesk, Inc. -> Autodesk)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [270336 2016-01-12] (Brother Industries, Ltd.) [File not signed]
R2 ChromodoUpdater; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2273424 2016-10-03] (Comodo Security Solutions -> Comodo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649952 2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10501616 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2273432 2017-07-14] (Comodo Security Solutions, Inc. -> Comodo)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [761856 2022-02-25] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [760864 2022-02-25] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [756720 2022-02-25] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [760304 2022-02-25] (HP Inc. -> HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-09-24] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [50600 2016-03-03] (Softland SRL -> Microsoft)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [94720 2014-09-27] (Softex Inc.) [File not signed]
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2016-01-12] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13257000 2021-07-01] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 uvnc_service; C:\Program Files\uvnc bvba\UltraVNC\WinVNC.exe [2188880 2016-06-23] (uvnc bvba -> UltraVNC)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 KrosPlusFireBird; "C:\Program Files (x86)\Cenkros\Firebird\FBbin\fbserver.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [40968 2017-08-09] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [827864 2017-08-09] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-08-09] (Comodo Security Solutions, Inc. -> COMODO)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [127232 2015-08-05] (Comodo Security Solutions -> COMODO)
R3 ROCKEYNT; C:\WINDOWS\system32\DRIVERS\Rockey4.sys [36904 2016-01-27] (Feitian Technologies Co., Ltd. -> Feitian Technologies Co., Ltd.)
S3 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-03-21 09:27 - 2022-03-21 09:31 - 000031202 _____ C:\Users\POHODA sieť. klient\Desktop\FRST.txt
2022-03-21 09:27 - 2022-03-21 09:27 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\FRST-OlderVersion
2022-03-18 13:59 - 2022-03-18 14:00 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\Nový priečinok (2)
2022-03-18 10:40 - 2022-03-21 09:30 - 000000000 ____D C:\FRST
2022-03-18 10:38 - 2022-03-21 09:27 - 002364928 _____ (Farbar) C:\Users\POHODA sieť. klient\Desktop\FRST64.exe
2022-03-15 09:12 - 2022-03-15 09:12 - 000674361 _____ C:\Users\POHODA sieť. klient\Desktop\rekarindanove.zip
2022-03-15 09:12 - 2022-03-15 09:12 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\rekarindanove
2022-03-14 20:07 - 2022-03-14 20:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-03-11 12:28 - 2022-03-11 12:28 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-11 12:25 - 2022-03-11 12:25 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-11 12:23 - 2022-03-11 12:23 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-11 12:21 - 2022-03-11 12:21 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-11 12:21 - 2022-03-11 12:21 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-11 09:26 - 2022-03-11 09:26 - 000000000 ___HD C:\$WinREAgent
2022-03-01 17:27 - 2022-03-01 17:27 - 000009611 _____ C:\Users\POHODA sieť. klient\Desktop\mh.xlsx
2022-03-01 16:06 - 2022-03-01 17:58 - 000036648 _____ C:\Users\POHODA sieť. klient\Desktop\Report ponuky 2022.xlsx
2022-03-01 09:08 - 2022-03-01 09:08 - 000001526 _____ C:\Users\POHODA sieť. klient\Desktop\CP435-21-Pa Polyfunkčný dom Galvaniho A,B,C, BA – odkaz.lnk
2022-03-01 09:08 - 2022-03-01 09:08 - 000001445 _____ C:\Users\POHODA sieť. klient\Desktop\CP433-21-Pa Bytový dom Murgašova ulica – odkaz.lnk
2022-02-23 11:34 - 2022-02-23 12:15 - 002212692 _____ C:\WINDOWS\Minidump\022322-49187-01.dmp
2022-02-22 12:15 - 2022-02-22 12:15 - 000044384 _____ C:\Users\POHODA sieť. klient\Desktop\received_710016203516661.jpeg
2022-02-21 10:22 - 2022-02-21 10:24 - 000079350 _____ C:\Users\POHODA sieť. klient\Desktop\received_2152963311549008.jpeg
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-03-21 09:40 - 2022-01-07 08:13 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\CP 2022
2022-03-21 09:37 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-21 09:35 - 2020-08-12 09:30 - 000004238 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{8E7DBBBB-D05D-4DB1-A0CD-7A279F59342B}
2022-03-21 09:26 - 2020-08-12 08:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-21 08:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-21 08:37 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-21 08:06 - 2016-01-28 09:37 - 000000000 ____D C:\ProgramData\Autodesk
2022-03-21 08:00 - 2016-11-18 11:31 - 000000000 ____D C:\Users\POHODA sieť. klient\AppData\LocalLow\Mozilla
2022-03-18 17:34 - 2017-03-14 14:41 - 000000000 ____D C:\Users\POHODA sieť. klient\Documents\Súbory programu Outlook
2022-03-18 16:41 - 2017-12-20 08:51 - 000000000 ____D C:\Users\POHODA sieť. klient\AppData\Local\Packages
2022-03-18 11:27 - 2020-08-12 08:49 - 000000000 ____D C:\Users\Uzivatel_PC1
2022-03-18 10:54 - 2016-01-12 13:15 - 000268778 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2022-03-18 10:40 - 2017-02-21 08:22 - 000000000 ____D C:\Users\POHODA sieť. klient\AppData\Local\CrashDumps
2022-03-18 10:33 - 2022-02-14 12:06 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-03-18 09:39 - 2016-03-02 09:53 - 000000000 ____D C:\Skeny
2022-03-18 09:26 - 2016-10-04 03:21 - 000000000 ____D C:\ProgramData\NVIDIA
2022-03-17 22:45 - 2020-08-12 08:49 - 000000000 ____D C:\Users\POHODA sieť. klient
2022-03-17 14:40 - 2021-08-27 09:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-03-17 14:40 - 2015-12-19 14:17 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-03-14 19:50 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-03-14 17:28 - 2016-02-02 09:07 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\Cenníky
2022-03-14 09:20 - 2015-12-19 14:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-03-14 08:45 - 2020-08-12 09:05 - 001840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-14 08:45 - 2019-12-07 15:41 - 000756000 _____ C:\WINDOWS\system32\perfh005.dat
2022-03-14 08:45 - 2019-12-07 15:41 - 000169950 _____ C:\WINDOWS\system32\perfc005.dat
2022-03-14 08:41 - 2015-07-16 23:46 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-03-14 08:39 - 2021-03-26 13:17 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-03-14 08:37 - 2020-08-12 09:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-14 08:37 - 2020-08-12 08:44 - 000454960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-14 08:37 - 2020-08-12 08:44 - 000008192 ___SH C:\DumpStack.log.tmp
2022-03-14 08:36 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-03-14 08:34 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-14 08:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-14 08:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-14 08:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-14 08:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-14 08:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-14 08:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-14 08:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-03-14 08:29 - 2020-08-12 09:30 - 000003402 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3256439801-3967542678-3501957217-1001
2022-03-14 08:28 - 2020-08-12 08:49 - 000002463 _____ C:\Users\POHODA sieť. klient\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-11 14:11 - 2018-07-06 09:46 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\REPORT CP
2022-03-11 13:35 - 2021-01-22 07:25 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-11 13:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-11 12:20 - 2020-08-12 08:50 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-11 09:35 - 2020-08-12 09:30 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-11 09:35 - 2020-08-12 09:30 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-03-09 08:29 - 2015-12-16 03:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-09 07:55 - 2015-12-16 03:57 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-08 18:04 - 2021-05-05 16:57 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\DWN
2022-03-08 16:21 - 2022-01-31 13:21 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\Výroba 2022
2022-03-08 08:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-03-04 09:27 - 2016-01-28 09:40 - 000000000 ____D C:\Users\POHODA sieť. klient\AppData\Local\Autodesk
2022-03-03 08:17 - 2021-06-23 07:02 - 000000000 ____D C:\Program Files\HP
2022-02-28 05:17 - 2021-12-13 09:13 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3256439801-3967542678-3501957217-1001
2022-02-23 12:16 - 2020-08-26 06:19 - 000000000 ____D C:\WINDOWS\Minidump
2022-02-23 11:34 - 2019-08-15 07:01 - 696254955 _____ C:\WINDOWS\MEMORY.DMP
==================== Files in the root of some directories ========
2018-05-29 15:24 - 2018-05-29 15:24 - 001703168 _____ (Foxit Software) C:\Users\POHODA sieť. klient\FoxitDPFEditor20_enu_Setup.exe
2018-05-29 15:21 - 2018-05-29 15:21 - 010637032 _____ (PortableApps.com) C:\Users\POHODA sieť. klient\Foxit_PDF_Reader_Portable__5.1.4.exe
2017-05-31 11:22 - 2018-06-14 13:08 - 000009416 _____ () C:\Users\POHODA sieť. klient\AppData\Roaming\Hodnoty oddelené čiarkou.EML
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-03-2022
Ran by POHODA sieť. klient (21-03-2022 09:43:36)
Running from C:\Users\POHODA sieť. klient\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1586 (X64) (2020-08-12 08:31:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3256439801-3967542678-3501957217-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3256439801-3967542678-3501957217-503 - Limited - Disabled)
Guest (S-1-5-21-3256439801-3967542678-3501957217-501 - Limited - Disabled)
POHODA sieť. klient (S-1-5-21-3256439801-3967542678-3501957217-1001 - Administrator - Enabled) => C:\Users\POHODA sieť. klient
Uzivatel_PC1 (S-1-5-21-3256439801-3967542678-3501957217-1002 - Limited - Enabled) => C:\Users\Uzivatel_PC1
WDAGUtilityAccount (S-1-5-21-3256439801-3967542678-3501957217-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD}
FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.21.3317.03861 - Alcor Micro Corp.)
Any PDF to DWG Converter 2016 (HKLM-x32\...\Any PDF to DWG Converter_is1) (Version: - AnyDWG Software, Inc.)
Autodesk Advanced Material Library Base Resolution Image Library 2020 (HKLM-x32\...\{FF27FA47-6E0F-4654-A435-19916B297565}) (Version: 18.11.1.0 - Autodesk)
Autodesk Advanced Material Library Low Resolution Image Library 2020 (HKLM-x32\...\{042B92EF-929A-40B1-9578-DA8363208D02}) (Version: 18.11.1.0 - Autodesk)
Autodesk Advanced Material Library Medium Resolution Image Library 2020 (HKLM-x32\...\{0F682C15-79B0-4E6F-A2F4-56BC8CD43F1F}) (Version: 18.11.1.0 - Autodesk)
Autodesk Collaboration for Revit 2018 (HKLM\...\{AA384BE4-1800-0010-0000-97E7D7D00B17}) (Version: 18.0.0.420 - Autodesk) Hidden
Autodesk Collaboration for Revit 2018 (HKLM\...\Autodesk Collaboration for Revit 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 8.3.0.71 - Autodesk)
Autodesk DWG TrueView 2016 - English (HKLM\...\DWG TrueView 2016 - English) (Version: 20.1.107.4 - Autodesk)
Autodesk DWG TrueView 2021 - English (HKLM\...\DWG TrueView 2021 - English) (Version: 24.0.47.0 - Autodesk)
Autodesk Genuine Service (HKLM\...\{8AD048E5-9570-442E-A5A2-B12C2618977E}) (Version: 4.6.0.124 - Autodesk)
Autodesk Genuine Service (HKLM-x32\...\{317D67F2-9027-4E85-9ED1-ADF4D765AE02}) (Version: 3.0.11 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library 2020 (HKLM-x32\...\{B9312A51-41B5-479D-9F72-E7448A2D89AF}) (Version: 18.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2020 (HKLM-x32\...\{0E976988-E753-4C81-BD96-434CE305B176}) (Version: 18.11.1.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2018 (HKLM-x32\...\{1B0F011A-66B4-4865-98B7-0FE132841035}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2020 (HKLM-x32\...\{7979E1F2-682E-4A3C-B674-B3336F35D472}) (Version: 18.11.1.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2018 (HKLM-x32\...\{6EC5DA32-D02D-47D4-A3C4-988C1BC1A5FE}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2020 (HKLM-x32\...\{B52B3C0C-F56D-44CB-AC81-F86BCBB7550F}) (Version: 18.11.1.0 - Autodesk)
Autodesk Revit 2020 (HKLM\...\Revit 2020) (Version: 20.0.0.377 - Autodesk)
Autodesk Revit 2020 Revit MEP Imperial Content (HKLM\...\{38AEB114-D437-4695-B390-6D03723F32E0}) (Version: 2.2 - Autodesk)
Autodesk Revit 2020 Revit MEP Metric Content (HKLM\...\{6504036D-FF6D-41E0-B3FE-3193E9BC2047}) (Version: 2.2 - Autodesk)
Autodesk Revit Content Libraries 2018 (HKLM\...\Autodesk Revit Content Libraries 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Revit Content Libraries 2020 (HKLM\...\Revit Content Libraries 2020) (Version: 20.0.0.377 - Autodesk)
Autodesk Revit MEP Imperial Content (HKLM\...\{7A218E72-B73A-44AF-B4CA-D97EEEAACEFF}) (Version: 2.1 - Autodesk)
Autodesk Revit MEP Metric Content (HKLM\...\{14301A33-A4A1-41B8-A3BF-237AEC8561BB}) (Version: 2.1 - Autodesk)
Autodesk Revit Model Review 2018 (HKLM\...\{715812E8-1800-0010-0000-BBB894911B46}) (Version: 18.0.0.420 - Autodesk) Hidden
Autodesk Revit Model Review 2018 (HKLM\...\Autodesk Revit Model Review 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Revit Model Review 2020 (HKLM\...\{715812E8-2001-0010-0000-BBB894911B46}) (Version: 20.0.0.377 - Autodesk) Hidden
Autodesk Revit Model Review 2020 (HKLM\...\Autodesk Revit Model Review 2020) (Version: 20.0.0.377 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{E3807FC8-DD0A-4D6D-89E9-EAADE00C845C}) (Version: 10.22.00.1800 - Autodesk)
Autodesk Workflows 2018 (HKLM\...\{28B17270-375A-4844-9D34-754A457E17BF}) (Version: 16.11.1.0 - Autodesk, Inc.)
Batch Print for Autodesk Revit 2018 (HKLM\...\{82AF00E4-1800-0010-0000-FCE0F87063F9}) (Version: 18.0.0.420 - Autodesk) Hidden
Batch Print for Autodesk Revit 2018 (HKLM\...\Batch Print for Autodesk Revit 2018) (Version: 18.0.0.420 - Autodesk)
Batch Print for Autodesk Revit 2020 (HKLM\...\{82AF00E4-2001-0010-0000-FCE0F87063F9}) (Version: 20.0.0.377 - Autodesk) Hidden
Batch Print for Autodesk Revit 2020 (HKLM\...\Batch Print for Autodesk Revit 2020) (Version: 20.0.0.377 - Autodesk)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite DCP-9020CDW (HKLM-x32\...\{E98A9C92-E767-475B-8BC6-8780A86DDC72}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Canon LBP3010/LBP3018/LBP3050 (HKLM\...\Canon LBP3010/LBP3018/LBP3050) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
CENKROS 4 (HKLM-x32\...\{30044428-2E18-46EF-B473-28BC89909399}) (Version: - KROS a.s.)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 57.0.2987.93 - Comodo)
COMODO Internet Security Premium (HKLM\...\{04833277-EE61-4251-9273-0CF86C0FE710}) (Version: 10.0.1.6294 - COMODO Security Solutions Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5529 - CyberLink Corp.) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5529 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5.4505 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.1.0903 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3317 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3317 - CyberLink Corp.)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
DWGSee Pro 2016 (HKLM-x32\...\{84AAA3F4-45CE-4FC6-8C16-35C98E69673C}) (Version: 4.17 - AutoDWG)
Dynamo Revit 1.2.2 (HKLM\...\{0FF47E28-76A5-44BA-8EEF-58824252F528}) (Version: 1.2.2.373 - Dynamo)
Elcomm (HKLM-x32\...\Elcomm) (Version: - )
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
eTransmit for Autodesk Revit 2020 (HKLM\...\{4477F08B-2001-0010-0000-9A09D834DFF5}) (Version: 20.0.0.377 - Autodesk) Hidden
eTransmit for Autodesk Revit 2020 (HKLM\...\eTransmit for Autodesk Revit 2020) (Version: 20.0.0.377 - Autodesk)
FARO LS 1.1.600.6 (64bit) (HKLM-x32\...\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: 6.0.6.5 - FARO Scanner Production)
FormIt Converter For Revit 2018 (HKLM\...\{9FFF4CAD-41A6-44D2-9467-A16AC4B6DC2A}) (Version: 1.9.3.0 - Autodesk)
FormIt Converter For Revit 2020 (HKLM\...\{7A22DBAA-79A6-4C7B-98FA-9157A97EF6DA}) (Version: 1.9.6.0 - Autodesk)
Foxit PhantomPDF (HKLM-x32\...\{89BF1D4D-1D62-451E-9496-B971BDE82720}) (Version: 6.0.33.715 - Foxit Corporation)
FreeCAD 0.15 - A free open source CAD system (HKLM\...\FreeCAD 0.15) (Version: 0.15.4671 - Juergen Riegel)
FTP Utility (HKLM-x32\...\InstallShield_{A5EC243A-AAB4-4AF0-85A5-07F9F4618353}) (Version: 1.00.0000 - KONICA MINOLTA)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.360 - Huawei Technologies Co., Ltd.)
HP Documentation (HKLM-x32\...\{198B2800-6C16-4F2A-BC52-EA0F7FD67095}) (Version: 1.3.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.27 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{6135AEC9-9379-4014-8CB6-B0BC69B4BA78}) (Version: 12.17.27.5 - HP)
Chromodo (HKLM-x32\...\Chromodo) (Version: 52.15.25.665 - Comodo)
iMazing HEIC Converter 1.0.13.0 (HKLM\...\{FA58AFA9-B210-409C-88F1-2A90D577C170}_is1) (Version: 1.0.13.0 - DigiDNA)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.27 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.27 - Softex Inc.) Hidden
IronPython 2.7.3 (HKLM-x32\...\{1EBADAEA-1A0F-40E3-848C-0DD8C5E5A10D}) (Version: 2.7.31000.0 - IronPython Team)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Kros (HKLM\...\{148477A0-A868-425E-9F93-CE8CE95AFE44}) (Version: 8.5.940 - Softland) Hidden
Kros PDF (HKLM-x32\...\{e6b27eee-2b6f-4344-8f4b-93591eb3f24e}) (Version: 162.100.1.0 - Kros a.s.)
MediaInfo 21.09 (HKLM\...\MediaInfo) (Version: 21.09 - MediaArea.net)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 99.0.1150.46 - Microsoft Corporation)
Microsoft Office 2016 pre podnikateľov - sk-sk (HKLM\...\HomeBusinessRetail - sk-sk) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\OneDriveSetup.exe) (Version: 22.033.0213.0002 - Microsoft Corporation)
Microsoft SharePoint Designer 2010 (HKLM\...\Office14.SharePointDesigner) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{52EBC484-44A1-4DC5-824A-0A503735ABD8}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{5016990D-7F61-4A20-9451-A915D6616DD9}) (Version: 3.66.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox (x64 sk) (HKLM\...\Mozilla Firefox 98.0.1 (x64 sk)) (Version: 98.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 98.0.1.8107 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
novaPDF 8 Printer Driver (HKLM\...\{F9F62525-05B6-4AD7-8D30-0D872CC1FB3C}) (Version: 8.5.940 - Softland)
novaPDF 8 SDK COM (x86) (HKLM-x32\...\{A6DF899D-5518-4DAB-A4F9-F7D0CDD43224}) (Version: 8.5.940 - Softland)
Nuance PaperPort 12 (HKLM-x32\...\{CEB2E185-0481-4926-A976-2EB48D55B366}) (Version: 12.1.0005 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 388.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.73 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.73 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14931.20010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20072 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20094 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PDF Annotator 8.0.0.817 (HKLM\...\PDFAnnotator_is1) (Version: 8.0.0.817 - GRAHL software design)
PDFsam Basic (HKLM-x32\...\{06F77008-B6FD-4871-809E-1F3E09985A05}) (Version: 3.30.7.0 - Sober Lemur S.a.s. di Vacondio Andrea)
Personal Accelerator for Revit (HKLM\...\{533DE806-7EC5-4A73-841B-007110126A75}) (Version: 21.0.4.0 - Autodesk)
PNotes 9.3.0 (HKLM-x32\...\{949D34E5-F53F-4830-9A50-1E2C39109043}_is1) (Version: 9.3.0 - Andrey Gruber)
Print to PDF Annotator (novaPDF OEM 7.7 printer) (HKLM\...\Print to PDF Annotator_is1) (Version: 7.7.400 - Softland)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
Revit 2020 (HKLM\...\{7346B4A0-2000-0510-0000-705C0D862004}) (Version: 20.0.0.377 - Autodesk) Hidden
Revit Content Libraries 2018 (HKLM\...\{941030D0-1800-0410-0000-818BB38A95FC}) (Version: 18.0.0.420 - Autodesk) Hidden
Revit Content Libraries 2020 (HKLM\...\{941030D0-2000-0410-0000-818BB38A95FC}) (Version: 20.0.0.377 - Autodesk) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{98223B6C-F59E-4928-B553-43605D52ED19}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.19.5 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.2.1.1 - uvnc bvba)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows Kontrola stavu počítača (HKLM\...\{BDBC15A5-E9F1-485F-A0D3-7526052FB2B2}) (Version: 3.2.2110.14001 - Microsoft Corporation)
WinRAR 5.31 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Worksharing Monitor for Autodesk Revit 2018 (HKLM\...\{5063E738-1800-0010-0000-7B7B9AB0B696}) (Version: 18.0.0.420 - Autodesk) Hidden
Worksharing Monitor for Autodesk Revit 2018 (HKLM\...\Worksharing Monitor for Autodesk Revit 2018) (Version: 18.0.0.420 - Autodesk)
Worksharing Monitor for Autodesk Revit 2020 (HKLM\...\{5063E738-2001-0010-0000-7B7B9AB0B696}) (Version: 20.0.0.377 - Autodesk) Hidden
Worksharing Monitor for Autodesk Revit 2020 (HKLM\...\Worksharing Monitor for Autodesk Revit 2020) (Version: 20.0.0.377 - Autodesk)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-01-29] (Autodesk Inc.)
Getting Started with Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2015-12-16] (Hewlett-Packard Company)
HP Connected Music -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedMusic_1.5.0.253_x86__v10z8vjag6ke6 [2015-12-16] (Hewlett-Packard Company)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2015-12-16] (Hewlett-Packard Company)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.14.42.0_x64__v10z8vjag6ke6 [2022-03-03] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.2.3010.0_x64__8wekyb3d8bbwe [2022-03-11] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.2180.0_x64__8wekyb3d8bbwe [2022-02-25] (Microsoft Studios) [MS Ad]
MSN Cestovanie -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-12-16] (Microsoft Corporation) [MS Ad]
MSN Jedlá a nápoje -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-12-16] (Microsoft Corporation) [MS Ad]
MSN Zdravie a fitnes -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-12-16] (Microsoft Corporation) [MS Ad]
Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_6.1.736.0_x86__v10z8vjag6ke6 [2018-08-04] (Snapfish)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0 [2022-03-21] (Spotify AB) [Startup Task]
The Weather Channel for HP -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforHP_2015.1108.1.0_x64__t3yemqpq4kp7p [2015-12-16] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-15] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3256439801-3967542678-3501957217-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2016 - English\dwgviewr.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3256439801-3967542678-3501957217-1001_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2016 - English\en-US\dwgviewrficn.dll (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2020-01-22] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2020-01-22] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-07-24] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [DWGSeeMenu] -> {A6EAF440-149E-4AF3-AE84-5DA3CF791E3B} => C:\Program Files (x86)\AutoDWG\DWGSee Pro 2016\DWGSeeMenu64.dll [2016-03-08] (TODO: <Company name>) [File not signed]
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2014-06-19] (Foxit Corporation -> Foxit Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-07-24] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2014-09-27 13:47 - 2014-09-27 13:47 - 000855552 _____ (%CFullName%) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OpBHO64.dll
2017-03-10 14:20 - 2017-03-10 14:20 - 000179200 _____ () [File not signed] [File is in use] C:\Program Files\Autodesk\Personal Accelerator for Revit\Autodesk.C4R.AdWebServicesInterop.dll
2014-09-27 13:40 - 2014-09-27 13:40 - 002150400 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-09-27 13:39 - 2014-09-27 13:39 - 000021504 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-09-27 13:39 - 2014-09-27 13:39 - 000055296 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-09-27 13:39 - 2014-09-27 13:39 - 000035840 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2005-09-07 13:03 - 2005-09-07 13:03 - 000036864 ____R (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2014-09-27 13:39 - 2014-09-27 13:39 - 000702976 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\storeng.dll
2014-09-27 13:40 - 2014-09-27 13:40 - 001119232 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\userdata.dll
2010-11-18 21:08 - 2010-11-18 21:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2004-11-04 19:23 - 2004-11-04 19:23 - 000028672 _____ (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC) [File not signed] C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFTPReg.dll
2004-10-25 15:49 - 2004-10-25 15:49 - 000221184 _____ (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed] C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll
2004-10-25 15:50 - 2004-10-25 15:50 - 000061440 _____ (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed] C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpEV.dll
2004-10-25 15:50 - 2004-10-25 15:50 - 000053248 _____ (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed] C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpSN.dll
2004-10-25 15:50 - 2004-10-25 15:50 - 000049152 _____ (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed] C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpVR.dll
2020-04-20 09:29 - 2020-04-20 09:29 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2020-04-20 09:29 - 2020-04-20 09:29 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2015-07-16 23:48 - 2014-07-26 07:01 - 001283136 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\WINDOWS\system32\nvspcap64.dll
2020-08-12 09:03 - 2017-12-19 03:51 - 000874880 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2020-08-12 09:04 - 2017-12-19 03:51 - 000339072 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2014-09-27 13:48 - 2014-09-27 13:48 - 000746064 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-09-27 13:48 - 2014-09-27 13:48 - 000420432 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-09-27 13:48 - 2014-09-27 13:48 - 000760912 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\hdddrv.dll
2014-09-27 13:48 - 2014-09-27 13:48 - 001376848 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\Wbf.dll
2016-03-03 15:18 - 2016-03-03 15:18 - 000018944 _____ (Softland) [File not signed] C:\WINDOWS\System32\novamn8.dll
2016-03-08 12:34 - 2016-03-08 12:34 - 000125952 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\AutoDWG\DWGSee Pro 2016\DWGSeeMenu64.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\WINDOWS\system32\AERTAC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AERTAR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BRCOC12A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BrWiaNCp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CX64APO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DdcWnsListener.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KOBJUJDL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437654.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438165.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438546.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437654.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438165.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438546.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DAA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DHT64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtCRX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtDataProc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEED64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEG64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEL64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sl3apo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slcnt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slprp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sltech64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRRPTR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSHP64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSH64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSX64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSWOW64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\RtlExUpd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BrDctF2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BrDctF2L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BrDctF2S.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLM03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLMW03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BROSNMP.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRRBTOOL.EXE:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRTCPCON.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BtnCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CBLCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\comdlg32.OCX:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\EditCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ExLvwU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LblCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NSSearch.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RsCRIcon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SFCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SRCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TabStripCtlU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Rockey4.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtsUer.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ELKTRO.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ELKTRO.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\VZT.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\VZT.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\zasilka-OOG2H63AZNGP4WA3.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\zasilka-OOG2H63AZNGP4WA3.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ZT,-Uk--siete.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ZT,-Uk--siete.zip:$CmdZnID [26]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\Software\Classes\.scr: DWGTrueViewScriptFile => C:\WINDOWS\system32\notepad.exe "%1"
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.sk/
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
SearchScopes: HKLM -> {811E5583-D01F-45B7-8496-3F94F11C8EC4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {811E5583-D01F-45B7-8496-3F94F11C8EC4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3256439801-3967542678-3501957217-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3256439801-3967542678-3501957217-1001 -> {811E5583-D01F-45B7-8496-3F94F11C8EC4} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-02-25] (HP Inc. -> HP Inc.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-04-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-04-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-02-25] (HP Inc. -> HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2017-10-19 11:25 - 000000834 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Hewlett-Packard\SimplePass\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Common Files\Autodesk Shared\
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-3256439801-3967542678-3501957217-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\StartupApproved\StartupFolder: => "Odoslanie do aplikácie OneNote.lnk"
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{60B67167-1BFA-4F9A-9F76-95AB994F9026}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe => No File
FirewallRules: [{5A596620-2661-483B-9040-CBA8AB989F6F}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe => No File
FirewallRules: [{DACD56BE-AA98-4430-838A-DDAC9A02F9A0}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe => No File
FirewallRules: [{F7A05528-B03A-48B6-A7A2-806109A1D74E}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe => No File
FirewallRules: [UDP Query User{493097C4-55BB-4638-8F63-E32E347A4B02}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{733622C1-4CBE-406E-AA8D-D98566EF54E9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{7FC70806-5F2E-422C-BBFF-5BF73FA65B22}C:\program files (x86)\konica minolta\ftp utility\kmftp.exe] => (Allow) C:\program files (x86)\konica minolta\ftp utility\kmftp.exe (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed]
FirewallRules: [TCP Query User{01DE3A66-38EC-4804-981B-27E868B50737}C:\program files (x86)\konica minolta\ftp utility\kmftp.exe] => (Allow) C:\program files (x86)\konica minolta\ftp utility\kmftp.exe (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed]
FirewallRules: [{B87AECFC-6D75-4C3D-AE0A-7686D3384156}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{57A86061-F348-4859-BDA8-A0D5E748EFC3}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{29F63955-C10C-412F-A11D-9A3A8CE99857}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => No File
FirewallRules: [{C86946B1-7616-4168-B0A8-D29DD8E22758}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{99D5CA59-0B2B-4546-AE8B-6B31366B1CA9}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => No File
FirewallRules: [{12BC608A-F0AF-49D6-8C8D-1F2EAEB237AE}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{A992D9C2-3C8D-4178-B959-3C10EEC5ADD7}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE => No File
FirewallRules: [{278CFE0E-A62E-4DBA-A688-096043DB5031}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BC6B2838-DA6F-4AB1-9574-A9A3109A5A37}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3D686632-914A-46CD-AE39-86E367DD29EB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{34C2A0E0-62E3-4CDF-903D-F1B34E63FACF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F13F2321-4F74-4FA7-9503-5453FD83D506}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{355321AB-E5E0-40C5-B87C-386DA8F38A51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{805CB22A-CAEA-45F6-8F12-20CFC3594129}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{768CD8CD-6969-4FDC-A8C8-2AD9C4425E38}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{01B66689-1F39-494B-BB8C-DB0AB6787EB9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A4DA8521-0B3F-4F9A-807C-78C453D5BD81}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E7B3BF22-90C0-486D-AB0B-BE512A4F4696}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EC1B04A5-CA80-4E2A-B206-05CAF16457FF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D1BC6C87-80C5-4621-8455-1293CB8DC56D}] => (Allow) LPort=54925
FirewallRules: [{1DA40CFC-F4EF-4167-8ED7-12FD3BFB18E7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{613B6441-F342-4397-8A0B-EEFFFC649EDF}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe => No File
FirewallRules: [{A2889D9E-18DA-4A41-8FB0-C86D0ECC228D}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe => No File
FirewallRules: [{6A8C56C1-FDEE-4459-9CAD-4A28B67C6F92}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{DD3D16A1-DEFA-42BC-87C7-D164E2C00337}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (uvnc bvba -> UltraVNC)
FirewallRules: [TCP Query User{D9945322-0D2E-4DC3-B8FA-4DB7F718EADA}C:\program files (x86)\konica minolta\ftp utility\kmftp.exe] => (Allow) C:\program files (x86)\konica minolta\ftp utility\kmftp.exe (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed]
FirewallRules: [UDP Query User{B8E3F190-EDA5-497F-9052-33F7B53B09AB}C:\program files (x86)\konica minolta\ftp utility\kmftp.exe] => (Allow) C:\program files (x86)\konica minolta\ftp utility\kmftp.exe (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed]
FirewallRules: [TCP Query User{CA125568-013C-435F-9C3B-FF5510B664B4}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [UDP Query User{D808204E-C05B-42CE-B2E0-0A9830B7E3C6}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [{EDC0F137-81EC-4D74-914F-E3F404C50F75}] => (Allow) LPort=8501
FirewallRules: [{154407FF-CBC9-4183-83DC-C83A0C0720FB}] => (Allow) LPort=8501
FirewallRules: [{B23D2EED-982F-4B1E-A4A1-FD350B194564}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2E1A5D03-4084-4DAD-AF5C-0193ABFCFF86}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{395EA7F3-FFB4-4288-97FB-A41E267EAE35}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{65877BF8-84B0-4F7E-8D87-6774A56CC677}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DC93232A-8033-48A2-8B67-F70C45D3C225}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A4F4FC61-CE25-4C10-886F-F84E4B0B72AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FE6C725F-3EF2-48AB-857F-06B5DD9001F1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0D559624-4F95-4627-A597-32DD6D6D6692}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DD16EC05-0607-4C5A-B3FE-3A3484033B78}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BA661806-7B0D-4DC4-8D12-AD315F027BCE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0768C73C-0145-487F-BAB3-33D4F153D924}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AB8FABD9-FBB3-4A99-803E-35C3E0ED48E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{079AA165-9432-4B4B-BAB7-67BB2F4829D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C2DCC888-5075-4BDF-97AE-8AD1DF977F3D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{91A1D406-BA94-4A6E-9506-8DE1E8EE01E9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C26A083D-1FD6-4BC6-AB5A-AF3A39582DBC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{412E5EDF-1274-4B97-92B4-1130928C84E6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
11-03-2022 09:30:00 Inštalátor modulov systému Windows
18-03-2022 12:27:43 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/21/2022 08:57:06 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Recovery Image (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/21/2022 08:57:05 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Windows (C:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/21/2022 08:19:48 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (03/20/2022 06:58:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program StartMenuExperienceHost.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 343c
Start Time: 01d83aa36fb78519
Termination Time: 4294967295
Application Path: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
Report Id: 0f5de2bc-c0f8-4133-8a9e-2a3292bd2e41
Faulting package full name: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App
Hang type: Quiesce
Error: (03/18/2022 12:57:11 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (03/18/2022 12:29:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary MsQuic.
System Error:
Zavaděč prostředku nemohl vyhledat soubor MUI.
.
Error: (03/18/2022 10:39:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: FRST64.exe, verzia: 13.3.2022.0, časová značka: 0x622dd81e
Názov chybujúceho modulu: cmdvrt64.dll, verzia: 10.0.1.6294, časová značka: 0x59a491f4
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000000c00f
Identifikácia chybujúceho procesu: 0x348c
Čas spustenia chybujúcej aplikácie: 0x01d83aac0b87ad07
Cesta chybujúcej aplikácie: C:\Users\POHODA sieť. klient\Desktop\FRST64.exe
Cesta chybujúceho modulu: C:\WINDOWS\system32\cmdvrt64.dll
Identifikácia hlásenia: 7e82da7b-24d7-4b20-9cba-cfbe1d022b67
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (03/18/2022 10:33:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary MsQuic.
System Error:
Zavaděč prostředku nemohl vyhledat soubor MUI.
.
System errors:
=============
Error: (03/21/2022 07:57:49 AM) (Source: DCOM) (EventID: 10010) (User: ZIMKLIMA-PC2)
Description: The server {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C} did not register with DCOM within the required timeout.
Error: (03/20/2022 06:58:50 AM) (Source: DCOM) (EventID: 10010) (User: ZIMKLIMA-PC2)
Description: The server {94269C4E-071A-4116-90E6-52E557067E4E} did not register with DCOM within the required timeout.
Error: (03/20/2022 06:58:15 AM) (Source: DCOM) (EventID: 10010) (User: ZIMKLIMA-PC2)
Description: The server {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C} did not register with DCOM within the required timeout.
Error: (03/20/2022 06:57:40 AM) (Source: DCOM) (EventID: 10010) (User: ZIMKLIMA-PC2)
Description: The server NcsiUwpApp_1000.19041.1023.0_neutral_neutral_8wekyb3d8bbwe!App.AppXw175g9nmx2zykh9fyt6xjc0xf8vmj1w6.mca did not register with DCOM within the required timeout.
Error: (03/20/2022 06:57:40 AM) (Source: DCOM) (EventID: 10010) (User: ZIMKLIMA-PC2)
Description: The server Microsoft.MicrosoftOfficeHub_18.2110.13110.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXt4mh7c9swwc5cmd5jgmtmwcfmvkddpn1.mca did not register with DCOM within the required timeout.
Error: (03/20/2022 06:57:40 AM) (Source: DCOM) (EventID: 10010) (User: ZIMKLIMA-PC2)
Description: The server AD2F1837.HPSupportAssistant_9.14.42.0_x64__v10z8vjag6ke6!AD2F1837.HPSupportAssistant.AppXnh1b2twym8n9380b6n50v24as5w5qk0n.mca did not register with DCOM within the required timeout.
Error: (03/20/2022 06:57:40 AM) (Source: DCOM) (EventID: 10010) (User: ZIMKLIMA-PC2)
Description: The server Microsoft.WindowsStore_22202.1402.2.0_x64__8wekyb3d8bbwe!App.AppX65azfy60a5wn91mcvdd3dr2y0wj02n39.mca did not register with DCOM within the required timeout.
Error: (03/18/2022 09:39:42 AM) (Source: DCOM) (EventID: 10010) (User: ZIMKLIMA-PC2)
Description: The server {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C} did not register with DCOM within the required timeout.
CodeIntegrity:
===============
Date: 2022-03-21 09:58:56
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: AMI A0.08 02/24/2017
Motherboard: Hewlett-Packard 2B35
Processor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 74%
Total physical RAM: 4041.71 MB
Available physical RAM: 1046.36 MB
Total Virtual: 10676.95 MB
Available Virtual: 6538.68 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:911.06 GB) (Free:434.28 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:18.13 GB) (Free:2.3 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Removable) (Total:14.83 GB) (Free:14.37 GB) FAT32
\\?\Volume{7ba3616a-3bb7-4ef8-bf53-b4eba557b4eb}\ (Windows RE tools ) (Fixed) (Total:1 GB) (Free:0.67 GB) NTFS
\\?\Volume{1861037d-ce03-4e13-a6ed-e4e0ef9ba70c}\ () (Fixed) (Total:0.84 GB) (Free:0.4 GB) NTFS
\\?\Volume{e7be1ca3-5090-4a1e-a93c-d2da8ff5de05}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.27 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F75FD349)
Partition: GPT.
==========================================================
Disk: 1 (Size: 14.8 GB) (Disk ID: 02EE2059)
Partition 1: (Active) - (Size=14.8 GB) - (Type=0B)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu FRST
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu FRST
Zdravím!
Nejprve doporučuji změnu přístupového hesle k mailu. Pak spusťte tuto utilitu:
Nejprve doporučuji změnu přístupového hesle k mailu. Pak spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu FRST
# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-03-15.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-21-2022
# Duration: 00:00:21
# OS: Windows 10 Home
# Cleaned: 5
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\POHODA sieť. klient\AppData\Local\Assistant
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tweakbit.com
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\geekbuddyrsp
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [5381 octets] - [21/03/2022 10:21:49]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-03-15.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-21-2022
# Duration: 00:00:21
# OS: Windows 10 Home
# Cleaned: 5
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\POHODA sieť. klient\AppData\Local\Assistant
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tweakbit.com
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\geekbuddyrsp
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [5381 octets] - [21/03/2022 10:21:49]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu FRST
Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-03-2022
Ran by POHODA sieť. klient (administrator) on ZIMKLIMA-PC2 (Hewlett-Packard 500-500nc) (21-03-2022 15:50:00)
Running from C:\Users\POHODA sieť. klient\Desktop
Loaded Profiles: POHODA sieť. klient
Platform: Microsoft Windows 10 Home Version 21H1 19043.1586 (X64) Language: Čeština (Česká republika) -> Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Autodesk, Inc. -> Autodesk) C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe <2>
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files\COMODO\COMODO Internet Security\cistray.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe ->) (Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Acresso Software Inc. -> Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(explorer.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe
(explorer.exe ->) (CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(explorer.exe ->) (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed] C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtp.exe
(explorer.exe ->) (Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\POHODA sieť. klient\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.0.1.1462\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(services.exe ->) (CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe <3>
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (uvnc bvba -> UltraVNC) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe <2>
(spool\drivers\x64\3\CNAP2LAK.EXE ->) (CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAB8SWK.EXE
(spool\drivers\x64\3\CNAP2LAK.EXE ->) (CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(svchost.exe ->) (Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8790264 2016-01-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-26] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\nvspcap64.dll [1283136 2014-07-26] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1489088 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Run: [CNAP2 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC. -> CANON INC.)
HKLM\...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [223544 2019-02-01] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2016-01-12] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2016-01-12] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2016-01-12] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2016-01-12] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2016-01-12] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3084288 2016-01-12] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [590920 2022-02-24] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [3439176 2022-01-25] (Autodesk, Inc. -> Autodesk)
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2016-01-12] (Acresso Software Inc. -> Acresso Corporation)
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\Run: [BingSvc] => C:\Users\POHODA sieť. klient\AppData\Local\Microsoft\BingSvc\BingSvc.exe [146312 2020-08-25] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\MountPoints2: {31ea92a8-1827-11eb-8369-3464a91bb632} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\MountPoints2: {af3770e3-19c6-11eb-8369-3464a91bb632} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [239704 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\bizhub C35 PCL6-8 Language Monitor: C:\WINDOWS\system32\KOBJUJDL.dll [25608 2016-03-02] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\...\Print\Monitors\CNAP2 Monitor: C:\WINDOWS\system32\CNAP2LMD.DLL [486400 2012-09-02] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [423936 2014-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\WINDOWS\system32\hpzllw71.dll [62552 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\novaPDF OEM 7 Monitor: C:\WINDOWS\system32\novamnv7.dll [33056 2014-06-16] (Softland S.R.L. -> Softland)
HKLM\...\Print\Monitors\novaPDF Port Monitor: C:\WINDOWS\system32\novamn8.dll [18944 2016-03-03] (Softland) [File not signed]
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [55392 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-09-27] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-09-27] (Softex Inc..) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FTP Utility.lnk [2016-03-02]
ShortcutTarget: FTP Utility.lnk -> C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtp.exe (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed]
Startup: C:\Users\POHODA sieť. klient\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk [2020-02-11]
ShortcutTarget: GenuineService.lnk -> C:\Users\POHODA sieť. klient\Autodesk\Genuine Service\GenuineService.exe (No File)
Startup: C:\Users\POHODA sieť. klient\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odoslanie do aplikácie OneNote.lnk [2018-07-11]
ShortcutTarget: Odoslanie do aplikácie OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {12D50B6A-DB29-4AB3-812F-B5B07872DFE6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {1B4347F8-EA73-4358-93C4-CAA3D397341C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {212A19E1-5F8A-4407-AA3F-B353BD03E26D} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [506104 2014-09-27] (Softex Incorporated -> Hewlett-Packard)
Task: {21587808-0270-4380-86D4-96C591D84E7A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {3FCB2BBE-21D8-47C1-B940-1577DAFBCDD2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (No File)
Task: {40C11307-7AEC-4F8D-8E3F-2860DC557CD2} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {4306B1FA-462A-4CC6-9188-F14036016C04} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1489088 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
Task: {43E19732-4E89-4F92-B80A-AECF0C983446} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4784832 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
Task: {4F9682F4-D686-4C80-AEA3-0C1A445E8822} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4FDAE786-0E99-4766-8BA6-6F787F683083} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {5718571D-970E-40DE-9DBC-EC5912B25FF0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6230A350-4F83-46A2-8B6D-9FC5C082F33D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {63AC3304-D439-451C-8395-8D405EB428BC} - \WPD\SqmUpload_S-1-5-21-3256439801-3967542678-3501957217-1001 -> No File <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7210876A-0701-4520-B7EF-B087CCA1EB53} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {725B5BC7-AA3C-43A7-81D3-0490B651D8B5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {72E60BF6-F604-46C3-8DC6-93BF40CC5C73} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {7912034C-8A48-4847-807F-3C2A385EC43B} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1489088 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
Task: {7B7BC449-81A9-4FF0-B965-58E3F5705C0A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2022-02-25] (HP Inc. -> HP Inc.)
Task: {7FE1F2E1-66B3-4D44-A6A4-4986DA51DAA8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {820D9D96-DCF5-4F3B-A4D3-D0E45ECBA45F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {87914A4E-EE96-4FBA-8A6D-85DE7F2468A9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {880977EA-A5FE-43BD-BC58-2FCFF19ED7AF} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4784832 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
Task: {94084583-A2C7-4798-8C6B-816E81BE574C} - System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\NvNotifier.exe [2014152 2018-02-01] (NVIDIA Corporation -> )
Task: {97D516B5-2260-49E5-8D4E-A4E1F68F3A59} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A054978F-6F59-4589-9D8D-97BED8058327} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {AD46602F-6333-4ABD-A13C-DBA825B53CDE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B9ECAC6E-E28B-4089-9103-54C10F9BD72E} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4784832 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C17CC278-3B55-4DBE-AB28-B45FBF80B264} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4784832 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
Task: {CDCCD105-08D2-4212-92B7-86021D6C5589} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [4678392 2014-09-27] (Softex Incorporated -> Hewlett-Packard)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CF6F1EAC-F5F2-465A-8743-D0CE4CDF538A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {DFEFC9D5-B690-480E-B2B9-E72BE0393343} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {EC859CD7-E2D1-40D9-968F-7138B06E584D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F191E327-7BBE-4647-955C-D695D89AF2BA} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [506104 2014-09-27] (Softex Incorporated -> Hewlett-Packard)
Task: {F98608ED-5FF4-41C6-B1E9-EDB2E168706C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7347928 2017-02-28] (Piriform Ltd -> Piriform Ltd)
Task: {FD32A1D0-E180-449B-8096-79D4D78310FA} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4784832 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0d65a4aa-f8ba-493f-9a62-591c6d6a94fb}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{337014e5-4152-45ec-ade3-1157b3d69656}: [DhcpNameServer] 192.168.55.10
Tcpip\..\Interfaces\{85aa2a64-cf7b-450c-b7c6-e2119d21a89b}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\POHODA sieť. klient\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-09]
FireFox:
========
FF DefaultProfile: ddtjhju2.default
FF ProfilePath: C:\Users\POHODA sieť. klient\AppData\Roaming\Mozilla\Firefox\Profiles\ddtjhju2.default [2022-03-21]
FF DownloadDir: C:\Users\POHODA sieť. klient\Downloads
FF Homepage: Mozilla\Firefox\Profiles\ddtjhju2.default -> hxxps://www.google.sk/
FF Extension: (Avira Browser Safety) - C:\Users\POHODA sieť. klient\AppData\Roaming\Mozilla\Firefox\Profiles\ddtjhju2.default\Extensions\abs@avira.com.xpi [2022-01-17]
FF Extension: (Linkificator) - C:\Users\POHODA sieť. klient\AppData\Roaming\Mozilla\Firefox\Profiles\ddtjhju2.default\Extensions\linkificator@markapola.xpi [2019-10-25]
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt
FF Extension: (HP SimplePass) - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2015-07-16] [Legacy] [not signed]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] (Foxit Corporation -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-04-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-04-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-19] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-19] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1134664 2022-02-24] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16939312 2019-01-09] (Autodesk, Inc. -> Autodesk)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [270336 2016-01-12] (Brother Industries, Ltd.) [File not signed]
R2 ChromodoUpdater; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2273424 2016-10-03] (Comodo Security Solutions -> Comodo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649952 2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10501616 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2273432 2017-07-14] (Comodo Security Solutions, Inc. -> Comodo)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [761856 2022-02-25] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [760864 2022-02-25] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [756720 2022-02-25] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [760304 2022-02-25] (HP Inc. -> HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-09-24] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [50600 2016-03-03] (Softland SRL -> Microsoft)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [94720 2014-09-27] (Softex Inc.) [File not signed]
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2016-01-12] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13257000 2021-07-01] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 uvnc_service; C:\Program Files\uvnc bvba\UltraVNC\WinVNC.exe [2188880 2016-06-23] (uvnc bvba -> UltraVNC)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 KrosPlusFireBird; "C:\Program Files (x86)\Cenkros\Firebird\FBbin\fbserver.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [40968 2017-08-09] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [827864 2017-08-09] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-08-09] (Comodo Security Solutions, Inc. -> COMODO)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [127232 2015-08-05] (Comodo Security Solutions -> COMODO)
R3 ROCKEYNT; C:\WINDOWS\system32\DRIVERS\Rockey4.sys [36904 2016-01-27] (Feitian Technologies Co., Ltd. -> Feitian Technologies Co., Ltd.)
S3 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-03-21 15:46 - 2022-03-21 15:46 - 000307395 _____ C:\Users\POHODA sieť. klient\Desktop\DP Baja 2021.pdf
2022-03-21 15:45 - 2022-03-21 15:45 - 000307395 _____ C:\Users\POHODA sieť. klient\Downloads\form.523.DPFOA-21-print-save_2caad914-21e2-4f8c-a982-b0ab1281e737.pdf
2022-03-21 15:45 - 2022-03-21 15:45 - 000004267 _____ C:\Users\POHODA sieť. klient\Desktop\Baja.xml
2022-03-21 14:12 - 2022-03-21 14:12 - 000856321 _____ C:\Users\POHODA sieť. klient\Desktop\form.523.DPFOAv21-poucenie.zip
2022-03-21 10:15 - 2022-03-21 10:22 - 000000000 ____D C:\AdwCleaner
2022-03-21 10:14 - 2022-03-21 10:14 - 008540344 _____ (Malwarebytes) C:\Users\POHODA sieť. klient\Desktop\AdwCleaner.exe
2022-03-21 09:43 - 2022-03-21 09:59 - 000062465 _____ C:\Users\POHODA sieť. klient\Desktop\Addition.txt
2022-03-21 09:27 - 2022-03-21 15:56 - 000031145 _____ C:\Users\POHODA sieť. klient\Desktop\FRST.txt
2022-03-21 09:27 - 2022-03-21 09:27 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\FRST-OlderVersion
2022-03-18 13:59 - 2022-03-18 14:00 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\Nový priečinok (2)
2022-03-18 10:40 - 2022-03-21 15:54 - 000000000 ____D C:\FRST
2022-03-18 10:38 - 2022-03-21 09:27 - 002364928 _____ (Farbar) C:\Users\POHODA sieť. klient\Desktop\FRST64.exe
2022-03-15 09:12 - 2022-03-15 09:12 - 000674361 _____ C:\Users\POHODA sieť. klient\Desktop\rekarindanove.zip
2022-03-15 09:12 - 2022-03-15 09:12 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\rekarindanove
2022-03-14 20:07 - 2022-03-21 10:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-03-11 12:28 - 2022-03-11 12:28 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-11 12:25 - 2022-03-11 12:25 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-11 12:23 - 2022-03-11 12:23 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-11 12:21 - 2022-03-11 12:21 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-11 12:21 - 2022-03-11 12:21 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-11 09:26 - 2022-03-11 09:26 - 000000000 ___HD C:\$WinREAgent
2022-03-01 17:27 - 2022-03-01 17:27 - 000009611 _____ C:\Users\POHODA sieť. klient\Desktop\mh.xlsx
2022-03-01 16:06 - 2022-03-01 17:58 - 000036648 _____ C:\Users\POHODA sieť. klient\Desktop\Report ponuky 2022.xlsx
2022-03-01 09:08 - 2022-03-01 09:08 - 000001526 _____ C:\Users\POHODA sieť. klient\Desktop\CP435-21-Pa Polyfunkčný dom Galvaniho A,B,C, BA – odkaz.lnk
2022-03-01 09:08 - 2022-03-01 09:08 - 000001445 _____ C:\Users\POHODA sieť. klient\Desktop\CP433-21-Pa Bytový dom Murgašova ulica – odkaz.lnk
2022-02-23 11:34 - 2022-02-23 12:15 - 002212692 _____ C:\WINDOWS\Minidump\022322-49187-01.dmp
2022-02-22 12:15 - 2022-02-22 12:15 - 000044384 _____ C:\Users\POHODA sieť. klient\Desktop\received_710016203516661.jpeg
2022-02-21 10:22 - 2022-02-21 10:24 - 000079350 _____ C:\Users\POHODA sieť. klient\Desktop\received_2152963311549008.jpeg
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-03-21 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-21 15:49 - 2020-08-12 09:30 - 000004238 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{8E7DBBBB-D05D-4DB1-A0CD-7A279F59342B}
2022-03-21 15:48 - 2016-11-18 11:31 - 000000000 ____D C:\Users\POHODA sieť. klient\AppData\LocalLow\Mozilla
2022-03-21 15:42 - 2020-08-12 08:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-21 11:43 - 2017-03-14 14:41 - 000000000 ____D C:\Users\POHODA sieť. klient\Documents\Súbory programu Outlook
2022-03-21 10:42 - 2022-02-14 12:06 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-03-21 10:42 - 2017-02-21 08:22 - 000000000 ____D C:\Users\POHODA sieť. klient\AppData\Local\CrashDumps
2022-03-21 10:38 - 2016-03-02 09:53 - 000000000 ____D C:\Skeny
2022-03-21 10:29 - 2021-03-26 13:17 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-03-21 10:28 - 2020-08-12 09:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-21 10:28 - 2016-10-04 03:21 - 000000000 ____D C:\ProgramData\NVIDIA
2022-03-21 10:27 - 2020-08-12 08:44 - 000008192 ___SH C:\DumpStack.log.tmp
2022-03-21 10:27 - 2015-12-19 14:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-03-21 10:26 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-03-21 10:26 - 2016-01-12 13:15 - 000268778 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2022-03-21 09:40 - 2022-01-07 08:13 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\CP 2022
2022-03-21 08:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-21 08:37 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-21 08:06 - 2016-01-28 09:37 - 000000000 ____D C:\ProgramData\Autodesk
2022-03-18 16:41 - 2017-12-20 08:51 - 000000000 ____D C:\Users\POHODA sieť. klient\AppData\Local\Packages
2022-03-18 11:27 - 2020-08-12 08:49 - 000000000 ____D C:\Users\Uzivatel_PC1
2022-03-17 22:45 - 2020-08-12 08:49 - 000000000 ____D C:\Users\POHODA sieť. klient
2022-03-17 14:40 - 2021-08-27 09:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-03-17 14:40 - 2015-12-19 14:17 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-03-14 19:50 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-03-14 17:28 - 2016-02-02 09:07 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\Cenníky
2022-03-14 08:45 - 2020-08-12 09:05 - 001840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-14 08:45 - 2019-12-07 15:41 - 000756000 _____ C:\WINDOWS\system32\perfh005.dat
2022-03-14 08:45 - 2019-12-07 15:41 - 000169950 _____ C:\WINDOWS\system32\perfc005.dat
2022-03-14 08:41 - 2015-07-16 23:46 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-03-14 08:37 - 2020-08-12 08:44 - 000454960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-14 08:34 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-14 08:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-14 08:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-14 08:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-14 08:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-14 08:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-14 08:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-14 08:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-03-14 08:29 - 2020-08-12 09:30 - 000003402 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3256439801-3967542678-3501957217-1001
2022-03-14 08:28 - 2020-08-12 08:49 - 000002463 _____ C:\Users\POHODA sieť. klient\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-11 14:11 - 2018-07-06 09:46 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\REPORT CP
2022-03-11 13:35 - 2021-01-22 07:25 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-11 13:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-11 12:20 - 2020-08-12 08:50 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-11 09:35 - 2020-08-12 09:30 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-11 09:35 - 2020-08-12 09:30 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-03-09 08:29 - 2015-12-16 03:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-09 07:55 - 2015-12-16 03:57 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-08 18:04 - 2021-05-05 16:57 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\DWN
2022-03-08 16:21 - 2022-01-31 13:21 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\Výroba 2022
2022-03-08 08:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-03-04 09:27 - 2016-01-28 09:40 - 000000000 ____D C:\Users\POHODA sieť. klient\AppData\Local\Autodesk
2022-03-03 08:17 - 2021-06-23 07:02 - 000000000 ____D C:\Program Files\HP
2022-02-28 05:17 - 2021-12-13 09:13 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3256439801-3967542678-3501957217-1001
2022-02-23 12:16 - 2020-08-26 06:19 - 000000000 ____D C:\WINDOWS\Minidump
2022-02-23 11:34 - 2019-08-15 07:01 - 696254955 _____ C:\WINDOWS\MEMORY.DMP
==================== Files in the root of some directories ========
2018-05-29 15:24 - 2018-05-29 15:24 - 001703168 _____ (Foxit Software) C:\Users\POHODA sieť. klient\FoxitDPFEditor20_enu_Setup.exe
2018-05-29 15:21 - 2018-05-29 15:21 - 010637032 _____ (PortableApps.com) C:\Users\POHODA sieť. klient\Foxit_PDF_Reader_Portable__5.1.4.exe
2017-05-31 11:22 - 2018-06-14 13:08 - 000009416 _____ () C:\Users\POHODA sieť. klient\AppData\Roaming\Hodnoty oddelené čiarkou.EML
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-03-2022
Ran by POHODA sieť. klient (21-03-2022 16:05:28)
Running from C:\Users\POHODA sieť. klient\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1586 (X64) (2020-08-12 08:31:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3256439801-3967542678-3501957217-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3256439801-3967542678-3501957217-503 - Limited - Disabled)
Guest (S-1-5-21-3256439801-3967542678-3501957217-501 - Limited - Disabled)
POHODA sieť. klient (S-1-5-21-3256439801-3967542678-3501957217-1001 - Administrator - Enabled) => C:\Users\POHODA sieť. klient
Uzivatel_PC1 (S-1-5-21-3256439801-3967542678-3501957217-1002 - Limited - Enabled) => C:\Users\Uzivatel_PC1
WDAGUtilityAccount (S-1-5-21-3256439801-3967542678-3501957217-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD}
FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.21.3317.03861 - Alcor Micro Corp.)
Any PDF to DWG Converter 2016 (HKLM-x32\...\Any PDF to DWG Converter_is1) (Version: - AnyDWG Software, Inc.)
Autodesk Advanced Material Library Base Resolution Image Library 2020 (HKLM-x32\...\{FF27FA47-6E0F-4654-A435-19916B297565}) (Version: 18.11.1.0 - Autodesk)
Autodesk Advanced Material Library Low Resolution Image Library 2020 (HKLM-x32\...\{042B92EF-929A-40B1-9578-DA8363208D02}) (Version: 18.11.1.0 - Autodesk)
Autodesk Advanced Material Library Medium Resolution Image Library 2020 (HKLM-x32\...\{0F682C15-79B0-4E6F-A2F4-56BC8CD43F1F}) (Version: 18.11.1.0 - Autodesk)
Autodesk Collaboration for Revit 2018 (HKLM\...\{AA384BE4-1800-0010-0000-97E7D7D00B17}) (Version: 18.0.0.420 - Autodesk) Hidden
Autodesk Collaboration for Revit 2018 (HKLM\...\Autodesk Collaboration for Revit 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 8.3.0.71 - Autodesk)
Autodesk DWG TrueView 2016 - English (HKLM\...\DWG TrueView 2016 - English) (Version: 20.1.107.4 - Autodesk)
Autodesk DWG TrueView 2021 - English (HKLM\...\DWG TrueView 2021 - English) (Version: 24.0.47.0 - Autodesk)
Autodesk Genuine Service (HKLM\...\{8AD048E5-9570-442E-A5A2-B12C2618977E}) (Version: 4.6.0.124 - Autodesk)
Autodesk Genuine Service (HKLM-x32\...\{317D67F2-9027-4E85-9ED1-ADF4D765AE02}) (Version: 3.0.11 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library 2020 (HKLM-x32\...\{B9312A51-41B5-479D-9F72-E7448A2D89AF}) (Version: 18.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2020 (HKLM-x32\...\{0E976988-E753-4C81-BD96-434CE305B176}) (Version: 18.11.1.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2018 (HKLM-x32\...\{1B0F011A-66B4-4865-98B7-0FE132841035}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2020 (HKLM-x32\...\{7979E1F2-682E-4A3C-B674-B3336F35D472}) (Version: 18.11.1.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2018 (HKLM-x32\...\{6EC5DA32-D02D-47D4-A3C4-988C1BC1A5FE}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2020 (HKLM-x32\...\{B52B3C0C-F56D-44CB-AC81-F86BCBB7550F}) (Version: 18.11.1.0 - Autodesk)
Autodesk Revit 2020 (HKLM\...\Revit 2020) (Version: 20.0.0.377 - Autodesk)
Autodesk Revit 2020 Revit MEP Imperial Content (HKLM\...\{38AEB114-D437-4695-B390-6D03723F32E0}) (Version: 2.2 - Autodesk)
Autodesk Revit 2020 Revit MEP Metric Content (HKLM\...\{6504036D-FF6D-41E0-B3FE-3193E9BC2047}) (Version: 2.2 - Autodesk)
Autodesk Revit Content Libraries 2018 (HKLM\...\Autodesk Revit Content Libraries 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Revit Content Libraries 2020 (HKLM\...\Revit Content Libraries 2020) (Version: 20.0.0.377 - Autodesk)
Autodesk Revit MEP Imperial Content (HKLM\...\{7A218E72-B73A-44AF-B4CA-D97EEEAACEFF}) (Version: 2.1 - Autodesk)
Autodesk Revit MEP Metric Content (HKLM\...\{14301A33-A4A1-41B8-A3BF-237AEC8561BB}) (Version: 2.1 - Autodesk)
Autodesk Revit Model Review 2018 (HKLM\...\{715812E8-1800-0010-0000-BBB894911B46}) (Version: 18.0.0.420 - Autodesk) Hidden
Autodesk Revit Model Review 2018 (HKLM\...\Autodesk Revit Model Review 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Revit Model Review 2020 (HKLM\...\{715812E8-2001-0010-0000-BBB894911B46}) (Version: 20.0.0.377 - Autodesk) Hidden
Autodesk Revit Model Review 2020 (HKLM\...\Autodesk Revit Model Review 2020) (Version: 20.0.0.377 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{E3807FC8-DD0A-4D6D-89E9-EAADE00C845C}) (Version: 10.22.00.1800 - Autodesk)
Autodesk Workflows 2018 (HKLM\...\{28B17270-375A-4844-9D34-754A457E17BF}) (Version: 16.11.1.0 - Autodesk, Inc.)
Batch Print for Autodesk Revit 2018 (HKLM\...\{82AF00E4-1800-0010-0000-FCE0F87063F9}) (Version: 18.0.0.420 - Autodesk) Hidden
Batch Print for Autodesk Revit 2018 (HKLM\...\Batch Print for Autodesk Revit 2018) (Version: 18.0.0.420 - Autodesk)
Batch Print for Autodesk Revit 2020 (HKLM\...\{82AF00E4-2001-0010-0000-FCE0F87063F9}) (Version: 20.0.0.377 - Autodesk) Hidden
Batch Print for Autodesk Revit 2020 (HKLM\...\Batch Print for Autodesk Revit 2020) (Version: 20.0.0.377 - Autodesk)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite DCP-9020CDW (HKLM-x32\...\{E98A9C92-E767-475B-8BC6-8780A86DDC72}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Canon LBP3010/LBP3018/LBP3050 (HKLM\...\Canon LBP3010/LBP3018/LBP3050) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
CENKROS 4 (HKLM-x32\...\{30044428-2E18-46EF-B473-28BC89909399}) (Version: - KROS a.s.)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 57.0.2987.93 - Comodo)
COMODO Internet Security Premium (HKLM\...\{04833277-EE61-4251-9273-0CF86C0FE710}) (Version: 10.0.1.6294 - COMODO Security Solutions Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5529 - CyberLink Corp.) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5529 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5.4505 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.1.0903 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3317 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3317 - CyberLink Corp.)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
DWGSee Pro 2016 (HKLM-x32\...\{84AAA3F4-45CE-4FC6-8C16-35C98E69673C}) (Version: 4.17 - AutoDWG)
Dynamo Revit 1.2.2 (HKLM\...\{0FF47E28-76A5-44BA-8EEF-58824252F528}) (Version: 1.2.2.373 - Dynamo)
Elcomm (HKLM-x32\...\Elcomm) (Version: - )
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
eTransmit for Autodesk Revit 2020 (HKLM\...\{4477F08B-2001-0010-0000-9A09D834DFF5}) (Version: 20.0.0.377 - Autodesk) Hidden
eTransmit for Autodesk Revit 2020 (HKLM\...\eTransmit for Autodesk Revit 2020) (Version: 20.0.0.377 - Autodesk)
FARO LS 1.1.600.6 (64bit) (HKLM-x32\...\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: 6.0.6.5 - FARO Scanner Production)
FormIt Converter For Revit 2018 (HKLM\...\{9FFF4CAD-41A6-44D2-9467-A16AC4B6DC2A}) (Version: 1.9.3.0 - Autodesk)
FormIt Converter For Revit 2020 (HKLM\...\{7A22DBAA-79A6-4C7B-98FA-9157A97EF6DA}) (Version: 1.9.6.0 - Autodesk)
Foxit PhantomPDF (HKLM-x32\...\{89BF1D4D-1D62-451E-9496-B971BDE82720}) (Version: 6.0.33.715 - Foxit Corporation)
FreeCAD 0.15 - A free open source CAD system (HKLM\...\FreeCAD 0.15) (Version: 0.15.4671 - Juergen Riegel)
FTP Utility (HKLM-x32\...\InstallShield_{A5EC243A-AAB4-4AF0-85A5-07F9F4618353}) (Version: 1.00.0000 - KONICA MINOLTA)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.360 - Huawei Technologies Co., Ltd.)
HP Documentation (HKLM-x32\...\{198B2800-6C16-4F2A-BC52-EA0F7FD67095}) (Version: 1.3.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.27 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{6135AEC9-9379-4014-8CB6-B0BC69B4BA78}) (Version: 12.17.27.5 - HP)
Chromodo (HKLM-x32\...\Chromodo) (Version: 52.15.25.665 - Comodo)
iMazing HEIC Converter 1.0.13.0 (HKLM\...\{FA58AFA9-B210-409C-88F1-2A90D577C170}_is1) (Version: 1.0.13.0 - DigiDNA)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.27 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.27 - Softex Inc.) Hidden
IronPython 2.7.3 (HKLM-x32\...\{1EBADAEA-1A0F-40E3-848C-0DD8C5E5A10D}) (Version: 2.7.31000.0 - IronPython Team)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Kros (HKLM\...\{148477A0-A868-425E-9F93-CE8CE95AFE44}) (Version: 8.5.940 - Softland) Hidden
Kros PDF (HKLM-x32\...\{e6b27eee-2b6f-4344-8f4b-93591eb3f24e}) (Version: 162.100.1.0 - Kros a.s.)
MediaInfo 21.09 (HKLM\...\MediaInfo) (Version: 21.09 - MediaArea.net)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 99.0.1150.46 - Microsoft Corporation)
Microsoft Office 2016 pre podnikateľov - sk-sk (HKLM\...\HomeBusinessRetail - sk-sk) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\OneDriveSetup.exe) (Version: 22.033.0213.0002 - Microsoft Corporation)
Microsoft SharePoint Designer 2010 (HKLM\...\Office14.SharePointDesigner) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{52EBC484-44A1-4DC5-824A-0A503735ABD8}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{5016990D-7F61-4A20-9451-A915D6616DD9}) (Version: 3.66.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox (x64 sk) (HKLM\...\Mozilla Firefox 98.0.1 (x64 sk)) (Version: 98.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 98.0.1.8107 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
novaPDF 8 Printer Driver (HKLM\...\{F9F62525-05B6-4AD7-8D30-0D872CC1FB3C}) (Version: 8.5.940 - Softland)
novaPDF 8 SDK COM (x86) (HKLM-x32\...\{A6DF899D-5518-4DAB-A4F9-F7D0CDD43224}) (Version: 8.5.940 - Softland)
Nuance PaperPort 12 (HKLM-x32\...\{CEB2E185-0481-4926-A976-2EB48D55B366}) (Version: 12.1.0005 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 388.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.73 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.73 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14931.20010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20072 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20094 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PDF Annotator 8.0.0.817 (HKLM\...\PDFAnnotator_is1) (Version: 8.0.0.817 - GRAHL software design)
PDFsam Basic (HKLM-x32\...\{06F77008-B6FD-4871-809E-1F3E09985A05}) (Version: 3.30.7.0 - Sober Lemur S.a.s. di Vacondio Andrea)
Personal Accelerator for Revit (HKLM\...\{533DE806-7EC5-4A73-841B-007110126A75}) (Version: 21.0.4.0 - Autodesk)
PNotes 9.3.0 (HKLM-x32\...\{949D34E5-F53F-4830-9A50-1E2C39109043}_is1) (Version: 9.3.0 - Andrey Gruber)
Print to PDF Annotator (novaPDF OEM 7.7 printer) (HKLM\...\Print to PDF Annotator_is1) (Version: 7.7.400 - Softland)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
Revit 2020 (HKLM\...\{7346B4A0-2000-0510-0000-705C0D862004}) (Version: 20.0.0.377 - Autodesk) Hidden
Revit Content Libraries 2018 (HKLM\...\{941030D0-1800-0410-0000-818BB38A95FC}) (Version: 18.0.0.420 - Autodesk) Hidden
Revit Content Libraries 2020 (HKLM\...\{941030D0-2000-0410-0000-818BB38A95FC}) (Version: 20.0.0.377 - Autodesk) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{98223B6C-F59E-4928-B553-43605D52ED19}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.19.5 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.2.1.1 - uvnc bvba)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows Kontrola stavu počítača (HKLM\...\{BDBC15A5-E9F1-485F-A0D3-7526052FB2B2}) (Version: 3.2.2110.14001 - Microsoft Corporation)
WinRAR 5.31 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Worksharing Monitor for Autodesk Revit 2018 (HKLM\...\{5063E738-1800-0010-0000-7B7B9AB0B696}) (Version: 18.0.0.420 - Autodesk) Hidden
Worksharing Monitor for Autodesk Revit 2018 (HKLM\...\Worksharing Monitor for Autodesk Revit 2018) (Version: 18.0.0.420 - Autodesk)
Worksharing Monitor for Autodesk Revit 2020 (HKLM\...\{5063E738-2001-0010-0000-7B7B9AB0B696}) (Version: 20.0.0.377 - Autodesk) Hidden
Worksharing Monitor for Autodesk Revit 2020 (HKLM\...\Worksharing Monitor for Autodesk Revit 2020) (Version: 20.0.0.377 - Autodesk)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-01-29] (Autodesk Inc.)
Getting Started with Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2015-12-16] (Hewlett-Packard Company)
HP Connected Music -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedMusic_1.5.0.253_x86__v10z8vjag6ke6 [2015-12-16] (Hewlett-Packard Company)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2015-12-16] (Hewlett-Packard Company)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.14.42.0_x64__v10z8vjag6ke6 [2022-03-03] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.2.3010.0_x64__8wekyb3d8bbwe [2022-03-11] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.2180.0_x64__8wekyb3d8bbwe [2022-02-25] (Microsoft Studios) [MS Ad]
MSN Cestovanie -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-12-16] (Microsoft Corporation) [MS Ad]
MSN Jedlá a nápoje -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-12-16] (Microsoft Corporation) [MS Ad]
MSN Zdravie a fitnes -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-12-16] (Microsoft Corporation) [MS Ad]
Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_6.1.736.0_x86__v10z8vjag6ke6 [2018-08-04] (Snapfish)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0 [2022-03-21] (Spotify AB) [Startup Task]
The Weather Channel for HP -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforHP_2015.1108.1.0_x64__t3yemqpq4kp7p [2015-12-16] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-15] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3256439801-3967542678-3501957217-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2016 - English\dwgviewr.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3256439801-3967542678-3501957217-1001_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2016 - English\en-US\dwgviewrficn.dll (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2020-01-22] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2020-01-22] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-07-24] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [DWGSeeMenu] -> {A6EAF440-149E-4AF3-AE84-5DA3CF791E3B} => C:\Program Files (x86)\AutoDWG\DWGSee Pro 2016\DWGSeeMenu64.dll [2016-03-08] (TODO: <Company name>) [File not signed]
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2014-06-19] (Foxit Corporation -> Foxit Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-07-24] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2014-09-27 13:47 - 2014-09-27 13:47 - 000855552 _____ (%CFullName%) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OpBHO64.dll
2017-03-10 14:20 - 2017-03-10 14:20 - 000179200 _____ () [File not signed] [File is in use] C:\Program Files\Autodesk\Personal Accelerator for Revit\Autodesk.C4R.AdWebServicesInterop.dll
2014-09-27 13:40 - 2014-09-27 13:40 - 002150400 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-09-27 13:39 - 2014-09-27 13:39 - 000021504 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-09-27 13:39 - 2014-09-27 13:39 - 000055296 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-09-27 13:39 - 2014-09-27 13:39 - 000035840 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2005-09-07 13:03 - 2005-09-07 13:03 - 000036864 ____R (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2014-09-27 13:39 - 2014-09-27 13:39 - 000702976 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\storeng.dll
2014-09-27 13:40 - 2014-09-27 13:40 - 001119232 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\userdata.dll
2010-11-18 21:08 - 2010-11-18 21:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2004-11-04 19:23 - 2004-11-04 19:23 - 000028672 _____ (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC) [File not signed] C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFTPReg.dll
2004-10-25 15:49 - 2004-10-25 15:49 - 000221184 _____ (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed] C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll
2004-10-25 15:50 - 2004-10-25 15:50 - 000061440 _____ (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed] C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpEV.dll
2004-10-25 15:50 - 2004-10-25 15:50 - 000053248 _____ (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed] C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpSN.dll
2004-10-25 15:50 - 2004-10-25 15:50 - 000049152 _____ (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed] C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpVR.dll
2020-08-12 08:55 - 2020-08-12 08:55 - 001658368 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80.DLL
2020-04-20 09:29 - 2020-04-20 09:29 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2020-04-20 09:29 - 2020-04-20 09:29 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2011-08-02 14:30 - 2011-08-02 14:30 - 000091648 _____ (Nuance Communications, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\PDFProFilterPP.dll
2015-07-16 23:48 - 2014-07-26 07:01 - 001283136 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\WINDOWS\system32\nvspcap64.dll
2020-08-12 09:03 - 2017-12-19 03:51 - 000874880 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2020-08-12 09:04 - 2017-12-19 03:51 - 000339072 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2014-09-27 13:48 - 2014-09-27 13:48 - 000746064 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-09-27 13:48 - 2014-09-27 13:48 - 000420432 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-09-27 13:48 - 2014-09-27 13:48 - 000760912 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\hdddrv.dll
2014-09-27 13:48 - 2014-09-27 13:48 - 001376848 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\Wbf.dll
2016-03-03 15:18 - 2016-03-03 15:18 - 000018944 _____ (Softland) [File not signed] C:\WINDOWS\System32\novamn8.dll
2016-03-08 12:34 - 2016-03-08 12:34 - 000125952 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\AutoDWG\DWGSee Pro 2016\DWGSeeMenu64.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\WINDOWS\system32\AERTAC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AERTAR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BRCOC12A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BrWiaNCp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CX64APO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DdcWnsListener.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KOBJUJDL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437654.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438165.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438546.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437654.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438165.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438546.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DAA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DHT64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtCRX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtDataProc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEED64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEG64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEL64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sl3apo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slcnt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slprp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sltech64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRRPTR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSHP64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSH64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSX64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSWOW64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\RtlExUpd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BrDctF2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BrDctF2L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BrDctF2S.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLM03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLMW03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BROSNMP.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRRBTOOL.EXE:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRTCPCON.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BtnCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CBLCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\comdlg32.OCX:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\EditCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ExLvwU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LblCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NSSearch.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RsCRIcon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SFCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SRCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TabStripCtlU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Rockey4.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtsUer.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ELKTRO.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ELKTRO.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\VZT.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\VZT.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\zasilka-OOG2H63AZNGP4WA3.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\zasilka-OOG2H63AZNGP4WA3.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ZT,-Uk--siete.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ZT,-Uk--siete.zip:$CmdZnID [26]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\Software\Classes\.scr: DWGTrueViewScriptFile => C:\WINDOWS\system32\notepad.exe "%1"
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.sk/
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
SearchScopes: HKLM -> {811E5583-D01F-45B7-8496-3F94F11C8EC4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {811E5583-D01F-45B7-8496-3F94F11C8EC4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3256439801-3967542678-3501957217-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3256439801-3967542678-3501957217-1001 -> {811E5583-D01F-45B7-8496-3F94F11C8EC4} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-02-25] (HP Inc. -> HP Inc.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-04-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-04-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-02-25] (HP Inc. -> HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2017-10-19 11:25 - 000000834 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Hewlett-Packard\SimplePass\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Common Files\Autodesk Shared\
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-3256439801-3967542678-3501957217-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\StartupApproved\StartupFolder: => "Odoslanie do aplikácie OneNote.lnk"
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{60B67167-1BFA-4F9A-9F76-95AB994F9026}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe => No File
FirewallRules: [{5A596620-2661-483B-9040-CBA8AB989F6F}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe => No File
FirewallRules: [{DACD56BE-AA98-4430-838A-DDAC9A02F9A0}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe => No File
FirewallRules: [{F7A05528-B03A-48B6-A7A2-806109A1D74E}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe => No File
FirewallRules: [UDP Query User{493097C4-55BB-4638-8F63-E32E347A4B02}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{733622C1-4CBE-406E-AA8D-D98566EF54E9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{7FC70806-5F2E-422C-BBFF-5BF73FA65B22}C:\program files (x86)\konica minolta\ftp utility\kmftp.exe] => (Allow) C:\program files (x86)\konica minolta\ftp utility\kmftp.exe (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed]
FirewallRules: [TCP Query User{01DE3A66-38EC-4804-981B-27E868B50737}C:\program files (x86)\konica minolta\ftp utility\kmftp.exe] => (Allow) C:\program files (x86)\konica minolta\ftp utility\kmftp.exe (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed]
FirewallRules: [{B87AECFC-6D75-4C3D-AE0A-7686D3384156}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{57A86061-F348-4859-BDA8-A0D5E748EFC3}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{29F63955-C10C-412F-A11D-9A3A8CE99857}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => No File
FirewallRules: [{C86946B1-7616-4168-B0A8-D29DD8E22758}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{99D5CA59-0B2B-4546-AE8B-6B31366B1CA9}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => No File
FirewallRules: [{12BC608A-F0AF-49D6-8C8D-1F2EAEB237AE}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{A992D9C2-3C8D-4178-B959-3C10EEC5ADD7}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE => No File
FirewallRules: [{278CFE0E-A62E-4DBA-A688-096043DB5031}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BC6B2838-DA6F-4AB1-9574-A9A3109A5A37}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3D686632-914A-46CD-AE39-86E367DD29EB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{34C2A0E0-62E3-4CDF-903D-F1B34E63FACF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F13F2321-4F74-4FA7-9503-5453FD83D506}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{355321AB-E5E0-40C5-B87C-386DA8F38A51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{805CB22A-CAEA-45F6-8F12-20CFC3594129}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{768CD8CD-6969-4FDC-A8C8-2AD9C4425E38}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{01B66689-1F39-494B-BB8C-DB0AB6787EB9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A4DA8521-0B3F-4F9A-807C-78C453D5BD81}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E7B3BF22-90C0-486D-AB0B-BE512A4F4696}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EC1B04A5-CA80-4E2A-B206-05CAF16457FF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D1BC6C87-80C5-4621-8455-1293CB8DC56D}] => (Allow) LPort=54925
FirewallRules: [{1DA40CFC-F4EF-4167-8ED7-12FD3BFB18E7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{613B6441-F342-4397-8A0B-EEFFFC649EDF}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe => No File
FirewallRules: [{A2889D9E-18DA-4A41-8FB0-C86D0ECC228D}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe => No File
FirewallRules: [{6A8C56C1-FDEE-4459-9CAD-4A28B67C6F92}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{DD3D16A1-DEFA-42BC-87C7-D164E2C00337}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (uvnc bvba -> UltraVNC)
FirewallRules: [TCP Query User{D9945322-0D2E-4DC3-B8FA-4DB7F718EADA}C:\program files (x86)\konica minolta\ftp utility\kmftp.exe] => (Allow) C:\program files (x86)\konica minolta\ftp utility\kmftp.exe (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed]
FirewallRules: [UDP Query User{B8E3F190-EDA5-497F-9052-33F7B53B09AB}C:\program files (x86)\konica minolta\ftp utility\kmftp.exe] => (Allow) C:\program files (x86)\konica minolta\ftp utility\kmftp.exe (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed]
FirewallRules: [TCP Query User{CA125568-013C-435F-9C3B-FF5510B664B4}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [UDP Query User{D808204E-C05B-42CE-B2E0-0A9830B7E3C6}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [{EDC0F137-81EC-4D74-914F-E3F404C50F75}] => (Allow) LPort=8501
FirewallRules: [{154407FF-CBC9-4183-83DC-C83A0C0720FB}] => (Allow) LPort=8501
FirewallRules: [{B23D2EED-982F-4B1E-A4A1-FD350B194564}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2E1A5D03-4084-4DAD-AF5C-0193ABFCFF86}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{395EA7F3-FFB4-4288-97FB-A41E267EAE35}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{65877BF8-84B0-4F7E-8D87-6774A56CC677}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DC93232A-8033-48A2-8B67-F70C45D3C225}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A4F4FC61-CE25-4C10-886F-F84E4B0B72AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FE6C725F-3EF2-48AB-857F-06B5DD9001F1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0D559624-4F95-4627-A597-32DD6D6D6692}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DD16EC05-0607-4C5A-B3FE-3A3484033B78}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BA661806-7B0D-4DC4-8D12-AD315F027BCE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0768C73C-0145-487F-BAB3-33D4F153D924}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AB8FABD9-FBB3-4A99-803E-35C3E0ED48E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{079AA165-9432-4B4B-BAB7-67BB2F4829D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C2DCC888-5075-4BDF-97AE-8AD1DF977F3D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{91A1D406-BA94-4A6E-9506-8DE1E8EE01E9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C26A083D-1FD6-4BC6-AB5A-AF3A39582DBC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{412E5EDF-1274-4B97-92B4-1130928C84E6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
11-03-2022 09:30:00 Inštalátor modulov systému Windows
18-03-2022 12:27:43 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/21/2022 12:55:28 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (03/21/2022 10:50:46 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (03/21/2022 10:42:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: ADPClientService.exe, verzia: 4.1.16.0, časová značka: 0x61ee7d78
Názov chybujúceho modulu: ucrtbase.dll, verzia: 10.0.19041.789, časová značka: 0x82dc99a2
Kód výnimky: 0xc0000005
Odstup chyby: 0x0004dccf
Identifikácia chybujúceho procesu: 0x1fcc
Čas spustenia chybujúcej aplikácie: 0x01d83d07b2793189
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Autodesk\Autodesk Desktop App\ADPClientService.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\ucrtbase.dll
Identifikácia hlásenia: 55686544-3d23-495d-8cf5-1514049f9e3b
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (03/21/2022 10:33:38 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (03/21/2022 10:29:28 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (03/21/2022 10:29:25 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (03/21/2022 10:29:25 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (03/21/2022 08:57:06 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Recovery Image (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
System errors:
=============
Error: (03/21/2022 10:30:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby NovaPdfServer zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.
Error: (03/21/2022 10:30:02 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby NovaPdfServer bol dosiahnutý časový limit (45000 ms).
Error: (03/21/2022 10:29:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby KrosPlusFireBird zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.
Error: (03/21/2022 10:22:55 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Autodesk Desktop App Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (03/21/2022 10:22:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusti sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (03/21/2022 10:22:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bonjour Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (03/21/2022 10:22:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HuaweiHiSuiteService64.exe sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (03/21/2022 10:22:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP SimplePass Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
CodeIntegrity:
===============
Date: 2022-03-21 16:20:15
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: AMI A0.08 02/24/2017
Motherboard: Hewlett-Packard 2B35
Processor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 75%
Total physical RAM: 4041.71 MB
Available physical RAM: 1010.27 MB
Total Virtual: 9161.71 MB
Available Virtual: 4967.06 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:911.06 GB) (Free:434.49 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:18.13 GB) (Free:2.3 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Removable) (Total:14.83 GB) (Free:14.36 GB) FAT32
\\?\Volume{7ba3616a-3bb7-4ef8-bf53-b4eba557b4eb}\ (Windows RE tools ) (Fixed) (Total:1 GB) (Free:0.67 GB) NTFS
\\?\Volume{1861037d-ce03-4e13-a6ed-e4e0ef9ba70c}\ () (Fixed) (Total:0.84 GB) (Free:0.4 GB) NTFS
\\?\Volume{e7be1ca3-5090-4a1e-a93c-d2da8ff5de05}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.27 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F75FD349)
Partition: GPT.
==========================================================
Disk: 1 (Size: 14.8 GB) (Disk ID: 02EE2059)
Partition 1: (Active) - (Size=14.8 GB) - (Type=0B)
==================== End of Addition.txt =======================
Ran by POHODA sieť. klient (administrator) on ZIMKLIMA-PC2 (Hewlett-Packard 500-500nc) (21-03-2022 15:50:00)
Running from C:\Users\POHODA sieť. klient\Desktop
Loaded Profiles: POHODA sieť. klient
Platform: Microsoft Windows 10 Home Version 21H1 19043.1586 (X64) Language: Čeština (Česká republika) -> Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Autodesk, Inc. -> Autodesk) C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe <2>
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files\COMODO\COMODO Internet Security\cistray.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe ->) (Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Acresso Software Inc. -> Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(explorer.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe
(explorer.exe ->) (CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(explorer.exe ->) (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed] C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtp.exe
(explorer.exe ->) (Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\POHODA sieť. klient\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.0.1.1462\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(services.exe ->) (CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe <3>
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (uvnc bvba -> UltraVNC) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe <2>
(spool\drivers\x64\3\CNAP2LAK.EXE ->) (CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAB8SWK.EXE
(spool\drivers\x64\3\CNAP2LAK.EXE ->) (CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(svchost.exe ->) (Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8790264 2016-01-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-26] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\nvspcap64.dll [1283136 2014-07-26] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1489088 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Run: [CNAP2 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC. -> CANON INC.)
HKLM\...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [223544 2019-02-01] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2016-01-12] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2016-01-12] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2016-01-12] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2016-01-12] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2016-01-12] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3084288 2016-01-12] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [590920 2022-02-24] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [3439176 2022-01-25] (Autodesk, Inc. -> Autodesk)
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2016-01-12] (Acresso Software Inc. -> Acresso Corporation)
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\Run: [BingSvc] => C:\Users\POHODA sieť. klient\AppData\Local\Microsoft\BingSvc\BingSvc.exe [146312 2020-08-25] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\MountPoints2: {31ea92a8-1827-11eb-8369-3464a91bb632} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\MountPoints2: {af3770e3-19c6-11eb-8369-3464a91bb632} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [239704 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\bizhub C35 PCL6-8 Language Monitor: C:\WINDOWS\system32\KOBJUJDL.dll [25608 2016-03-02] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\...\Print\Monitors\CNAP2 Monitor: C:\WINDOWS\system32\CNAP2LMD.DLL [486400 2012-09-02] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [423936 2014-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\WINDOWS\system32\hpzllw71.dll [62552 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\novaPDF OEM 7 Monitor: C:\WINDOWS\system32\novamnv7.dll [33056 2014-06-16] (Softland S.R.L. -> Softland)
HKLM\...\Print\Monitors\novaPDF Port Monitor: C:\WINDOWS\system32\novamn8.dll [18944 2016-03-03] (Softland) [File not signed]
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [55392 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-09-27] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-09-27] (Softex Inc..) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FTP Utility.lnk [2016-03-02]
ShortcutTarget: FTP Utility.lnk -> C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtp.exe (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed]
Startup: C:\Users\POHODA sieť. klient\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk [2020-02-11]
ShortcutTarget: GenuineService.lnk -> C:\Users\POHODA sieť. klient\Autodesk\Genuine Service\GenuineService.exe (No File)
Startup: C:\Users\POHODA sieť. klient\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odoslanie do aplikácie OneNote.lnk [2018-07-11]
ShortcutTarget: Odoslanie do aplikácie OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {12D50B6A-DB29-4AB3-812F-B5B07872DFE6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {1B4347F8-EA73-4358-93C4-CAA3D397341C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {212A19E1-5F8A-4407-AA3F-B353BD03E26D} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [506104 2014-09-27] (Softex Incorporated -> Hewlett-Packard)
Task: {21587808-0270-4380-86D4-96C591D84E7A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {3FCB2BBE-21D8-47C1-B940-1577DAFBCDD2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (No File)
Task: {40C11307-7AEC-4F8D-8E3F-2860DC557CD2} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {4306B1FA-462A-4CC6-9188-F14036016C04} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1489088 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
Task: {43E19732-4E89-4F92-B80A-AECF0C983446} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4784832 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
Task: {4F9682F4-D686-4C80-AEA3-0C1A445E8822} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4FDAE786-0E99-4766-8BA6-6F787F683083} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {5718571D-970E-40DE-9DBC-EC5912B25FF0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6230A350-4F83-46A2-8B6D-9FC5C082F33D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {63AC3304-D439-451C-8395-8D405EB428BC} - \WPD\SqmUpload_S-1-5-21-3256439801-3967542678-3501957217-1001 -> No File <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7210876A-0701-4520-B7EF-B087CCA1EB53} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {725B5BC7-AA3C-43A7-81D3-0490B651D8B5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {72E60BF6-F604-46C3-8DC6-93BF40CC5C73} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {7912034C-8A48-4847-807F-3C2A385EC43B} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1489088 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
Task: {7B7BC449-81A9-4FF0-B965-58E3F5705C0A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2022-02-25] (HP Inc. -> HP Inc.)
Task: {7FE1F2E1-66B3-4D44-A6A4-4986DA51DAA8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {820D9D96-DCF5-4F3B-A4D3-D0E45ECBA45F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {87914A4E-EE96-4FBA-8A6D-85DE7F2468A9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {880977EA-A5FE-43BD-BC58-2FCFF19ED7AF} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4784832 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
Task: {94084583-A2C7-4798-8C6B-816E81BE574C} - System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\NvNotifier.exe [2014152 2018-02-01] (NVIDIA Corporation -> )
Task: {97D516B5-2260-49E5-8D4E-A4E1F68F3A59} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A054978F-6F59-4589-9D8D-97BED8058327} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {AD46602F-6333-4ABD-A13C-DBA825B53CDE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B9ECAC6E-E28B-4089-9103-54C10F9BD72E} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4784832 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C17CC278-3B55-4DBE-AB28-B45FBF80B264} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4784832 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
Task: {CDCCD105-08D2-4212-92B7-86021D6C5589} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [4678392 2014-09-27] (Softex Incorporated -> Hewlett-Packard)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CF6F1EAC-F5F2-465A-8743-D0CE4CDF538A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {DFEFC9D5-B690-480E-B2B9-E72BE0393343} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {EC859CD7-E2D1-40D9-968F-7138B06E584D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F191E327-7BBE-4647-955C-D695D89AF2BA} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [506104 2014-09-27] (Softex Incorporated -> Hewlett-Packard)
Task: {F98608ED-5FF4-41C6-B1E9-EDB2E168706C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7347928 2017-02-28] (Piriform Ltd -> Piriform Ltd)
Task: {FD32A1D0-E180-449B-8096-79D4D78310FA} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4784832 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0d65a4aa-f8ba-493f-9a62-591c6d6a94fb}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{337014e5-4152-45ec-ade3-1157b3d69656}: [DhcpNameServer] 192.168.55.10
Tcpip\..\Interfaces\{85aa2a64-cf7b-450c-b7c6-e2119d21a89b}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\POHODA sieť. klient\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-09]
FireFox:
========
FF DefaultProfile: ddtjhju2.default
FF ProfilePath: C:\Users\POHODA sieť. klient\AppData\Roaming\Mozilla\Firefox\Profiles\ddtjhju2.default [2022-03-21]
FF DownloadDir: C:\Users\POHODA sieť. klient\Downloads
FF Homepage: Mozilla\Firefox\Profiles\ddtjhju2.default -> hxxps://www.google.sk/
FF Extension: (Avira Browser Safety) - C:\Users\POHODA sieť. klient\AppData\Roaming\Mozilla\Firefox\Profiles\ddtjhju2.default\Extensions\abs@avira.com.xpi [2022-01-17]
FF Extension: (Linkificator) - C:\Users\POHODA sieť. klient\AppData\Roaming\Mozilla\Firefox\Profiles\ddtjhju2.default\Extensions\linkificator@markapola.xpi [2019-10-25]
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt
FF Extension: (HP SimplePass) - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2015-07-16] [Legacy] [not signed]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] (Foxit Corporation -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-04-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-04-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-19] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-19] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1134664 2022-02-24] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16939312 2019-01-09] (Autodesk, Inc. -> Autodesk)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [270336 2016-01-12] (Brother Industries, Ltd.) [File not signed]
R2 ChromodoUpdater; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2273424 2016-10-03] (Comodo Security Solutions -> Comodo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649952 2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10501616 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-10-19] (Comodo Security Solutions, Inc. -> COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2273432 2017-07-14] (Comodo Security Solutions, Inc. -> Comodo)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [761856 2022-02-25] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [760864 2022-02-25] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [756720 2022-02-25] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [760304 2022-02-25] (HP Inc. -> HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-09-24] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [50600 2016-03-03] (Softland SRL -> Microsoft)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [94720 2014-09-27] (Softex Inc.) [File not signed]
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2016-01-12] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13257000 2021-07-01] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 uvnc_service; C:\Program Files\uvnc bvba\UltraVNC\WinVNC.exe [2188880 2016-06-23] (uvnc bvba -> UltraVNC)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 KrosPlusFireBird; "C:\Program Files (x86)\Cenkros\Firebird\FBbin\fbserver.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [40968 2017-08-09] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [827864 2017-08-09] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-08-09] (Comodo Security Solutions, Inc. -> COMODO)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [127232 2015-08-05] (Comodo Security Solutions -> COMODO)
R3 ROCKEYNT; C:\WINDOWS\system32\DRIVERS\Rockey4.sys [36904 2016-01-27] (Feitian Technologies Co., Ltd. -> Feitian Technologies Co., Ltd.)
S3 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-03-21 15:46 - 2022-03-21 15:46 - 000307395 _____ C:\Users\POHODA sieť. klient\Desktop\DP Baja 2021.pdf
2022-03-21 15:45 - 2022-03-21 15:45 - 000307395 _____ C:\Users\POHODA sieť. klient\Downloads\form.523.DPFOA-21-print-save_2caad914-21e2-4f8c-a982-b0ab1281e737.pdf
2022-03-21 15:45 - 2022-03-21 15:45 - 000004267 _____ C:\Users\POHODA sieť. klient\Desktop\Baja.xml
2022-03-21 14:12 - 2022-03-21 14:12 - 000856321 _____ C:\Users\POHODA sieť. klient\Desktop\form.523.DPFOAv21-poucenie.zip
2022-03-21 10:15 - 2022-03-21 10:22 - 000000000 ____D C:\AdwCleaner
2022-03-21 10:14 - 2022-03-21 10:14 - 008540344 _____ (Malwarebytes) C:\Users\POHODA sieť. klient\Desktop\AdwCleaner.exe
2022-03-21 09:43 - 2022-03-21 09:59 - 000062465 _____ C:\Users\POHODA sieť. klient\Desktop\Addition.txt
2022-03-21 09:27 - 2022-03-21 15:56 - 000031145 _____ C:\Users\POHODA sieť. klient\Desktop\FRST.txt
2022-03-21 09:27 - 2022-03-21 09:27 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\FRST-OlderVersion
2022-03-18 13:59 - 2022-03-18 14:00 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\Nový priečinok (2)
2022-03-18 10:40 - 2022-03-21 15:54 - 000000000 ____D C:\FRST
2022-03-18 10:38 - 2022-03-21 09:27 - 002364928 _____ (Farbar) C:\Users\POHODA sieť. klient\Desktop\FRST64.exe
2022-03-15 09:12 - 2022-03-15 09:12 - 000674361 _____ C:\Users\POHODA sieť. klient\Desktop\rekarindanove.zip
2022-03-15 09:12 - 2022-03-15 09:12 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\rekarindanove
2022-03-14 20:07 - 2022-03-21 10:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-03-11 12:28 - 2022-03-11 12:28 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-11 12:25 - 2022-03-11 12:25 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-11 12:23 - 2022-03-11 12:23 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-11 12:21 - 2022-03-11 12:21 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-11 12:21 - 2022-03-11 12:21 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-11 09:26 - 2022-03-11 09:26 - 000000000 ___HD C:\$WinREAgent
2022-03-01 17:27 - 2022-03-01 17:27 - 000009611 _____ C:\Users\POHODA sieť. klient\Desktop\mh.xlsx
2022-03-01 16:06 - 2022-03-01 17:58 - 000036648 _____ C:\Users\POHODA sieť. klient\Desktop\Report ponuky 2022.xlsx
2022-03-01 09:08 - 2022-03-01 09:08 - 000001526 _____ C:\Users\POHODA sieť. klient\Desktop\CP435-21-Pa Polyfunkčný dom Galvaniho A,B,C, BA – odkaz.lnk
2022-03-01 09:08 - 2022-03-01 09:08 - 000001445 _____ C:\Users\POHODA sieť. klient\Desktop\CP433-21-Pa Bytový dom Murgašova ulica – odkaz.lnk
2022-02-23 11:34 - 2022-02-23 12:15 - 002212692 _____ C:\WINDOWS\Minidump\022322-49187-01.dmp
2022-02-22 12:15 - 2022-02-22 12:15 - 000044384 _____ C:\Users\POHODA sieť. klient\Desktop\received_710016203516661.jpeg
2022-02-21 10:22 - 2022-02-21 10:24 - 000079350 _____ C:\Users\POHODA sieť. klient\Desktop\received_2152963311549008.jpeg
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-03-21 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-21 15:49 - 2020-08-12 09:30 - 000004238 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{8E7DBBBB-D05D-4DB1-A0CD-7A279F59342B}
2022-03-21 15:48 - 2016-11-18 11:31 - 000000000 ____D C:\Users\POHODA sieť. klient\AppData\LocalLow\Mozilla
2022-03-21 15:42 - 2020-08-12 08:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-21 11:43 - 2017-03-14 14:41 - 000000000 ____D C:\Users\POHODA sieť. klient\Documents\Súbory programu Outlook
2022-03-21 10:42 - 2022-02-14 12:06 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-03-21 10:42 - 2017-02-21 08:22 - 000000000 ____D C:\Users\POHODA sieť. klient\AppData\Local\CrashDumps
2022-03-21 10:38 - 2016-03-02 09:53 - 000000000 ____D C:\Skeny
2022-03-21 10:29 - 2021-03-26 13:17 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-03-21 10:28 - 2020-08-12 09:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-21 10:28 - 2016-10-04 03:21 - 000000000 ____D C:\ProgramData\NVIDIA
2022-03-21 10:27 - 2020-08-12 08:44 - 000008192 ___SH C:\DumpStack.log.tmp
2022-03-21 10:27 - 2015-12-19 14:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-03-21 10:26 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-03-21 10:26 - 2016-01-12 13:15 - 000268778 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2022-03-21 09:40 - 2022-01-07 08:13 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\CP 2022
2022-03-21 08:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-21 08:37 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-21 08:06 - 2016-01-28 09:37 - 000000000 ____D C:\ProgramData\Autodesk
2022-03-18 16:41 - 2017-12-20 08:51 - 000000000 ____D C:\Users\POHODA sieť. klient\AppData\Local\Packages
2022-03-18 11:27 - 2020-08-12 08:49 - 000000000 ____D C:\Users\Uzivatel_PC1
2022-03-17 22:45 - 2020-08-12 08:49 - 000000000 ____D C:\Users\POHODA sieť. klient
2022-03-17 14:40 - 2021-08-27 09:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-03-17 14:40 - 2015-12-19 14:17 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-03-14 19:50 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-03-14 17:28 - 2016-02-02 09:07 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\Cenníky
2022-03-14 08:45 - 2020-08-12 09:05 - 001840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-14 08:45 - 2019-12-07 15:41 - 000756000 _____ C:\WINDOWS\system32\perfh005.dat
2022-03-14 08:45 - 2019-12-07 15:41 - 000169950 _____ C:\WINDOWS\system32\perfc005.dat
2022-03-14 08:41 - 2015-07-16 23:46 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-03-14 08:37 - 2020-08-12 08:44 - 000454960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-14 08:34 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-14 08:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-14 08:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-14 08:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-14 08:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-14 08:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-14 08:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-14 08:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-03-14 08:29 - 2020-08-12 09:30 - 000003402 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3256439801-3967542678-3501957217-1001
2022-03-14 08:28 - 2020-08-12 08:49 - 000002463 _____ C:\Users\POHODA sieť. klient\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-11 14:11 - 2018-07-06 09:46 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\REPORT CP
2022-03-11 13:35 - 2021-01-22 07:25 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-11 13:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-11 12:20 - 2020-08-12 08:50 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-11 09:35 - 2020-08-12 09:30 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-11 09:35 - 2020-08-12 09:30 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-03-09 08:29 - 2015-12-16 03:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-09 07:55 - 2015-12-16 03:57 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-08 18:04 - 2021-05-05 16:57 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\DWN
2022-03-08 16:21 - 2022-01-31 13:21 - 000000000 ____D C:\Users\POHODA sieť. klient\Desktop\Výroba 2022
2022-03-08 08:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-03-04 09:27 - 2016-01-28 09:40 - 000000000 ____D C:\Users\POHODA sieť. klient\AppData\Local\Autodesk
2022-03-03 08:17 - 2021-06-23 07:02 - 000000000 ____D C:\Program Files\HP
2022-02-28 05:17 - 2021-12-13 09:13 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3256439801-3967542678-3501957217-1001
2022-02-23 12:16 - 2020-08-26 06:19 - 000000000 ____D C:\WINDOWS\Minidump
2022-02-23 11:34 - 2019-08-15 07:01 - 696254955 _____ C:\WINDOWS\MEMORY.DMP
==================== Files in the root of some directories ========
2018-05-29 15:24 - 2018-05-29 15:24 - 001703168 _____ (Foxit Software) C:\Users\POHODA sieť. klient\FoxitDPFEditor20_enu_Setup.exe
2018-05-29 15:21 - 2018-05-29 15:21 - 010637032 _____ (PortableApps.com) C:\Users\POHODA sieť. klient\Foxit_PDF_Reader_Portable__5.1.4.exe
2017-05-31 11:22 - 2018-06-14 13:08 - 000009416 _____ () C:\Users\POHODA sieť. klient\AppData\Roaming\Hodnoty oddelené čiarkou.EML
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-03-2022
Ran by POHODA sieť. klient (21-03-2022 16:05:28)
Running from C:\Users\POHODA sieť. klient\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1586 (X64) (2020-08-12 08:31:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3256439801-3967542678-3501957217-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3256439801-3967542678-3501957217-503 - Limited - Disabled)
Guest (S-1-5-21-3256439801-3967542678-3501957217-501 - Limited - Disabled)
POHODA sieť. klient (S-1-5-21-3256439801-3967542678-3501957217-1001 - Administrator - Enabled) => C:\Users\POHODA sieť. klient
Uzivatel_PC1 (S-1-5-21-3256439801-3967542678-3501957217-1002 - Limited - Enabled) => C:\Users\Uzivatel_PC1
WDAGUtilityAccount (S-1-5-21-3256439801-3967542678-3501957217-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD}
FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.21.3317.03861 - Alcor Micro Corp.)
Any PDF to DWG Converter 2016 (HKLM-x32\...\Any PDF to DWG Converter_is1) (Version: - AnyDWG Software, Inc.)
Autodesk Advanced Material Library Base Resolution Image Library 2020 (HKLM-x32\...\{FF27FA47-6E0F-4654-A435-19916B297565}) (Version: 18.11.1.0 - Autodesk)
Autodesk Advanced Material Library Low Resolution Image Library 2020 (HKLM-x32\...\{042B92EF-929A-40B1-9578-DA8363208D02}) (Version: 18.11.1.0 - Autodesk)
Autodesk Advanced Material Library Medium Resolution Image Library 2020 (HKLM-x32\...\{0F682C15-79B0-4E6F-A2F4-56BC8CD43F1F}) (Version: 18.11.1.0 - Autodesk)
Autodesk Collaboration for Revit 2018 (HKLM\...\{AA384BE4-1800-0010-0000-97E7D7D00B17}) (Version: 18.0.0.420 - Autodesk) Hidden
Autodesk Collaboration for Revit 2018 (HKLM\...\Autodesk Collaboration for Revit 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 8.3.0.71 - Autodesk)
Autodesk DWG TrueView 2016 - English (HKLM\...\DWG TrueView 2016 - English) (Version: 20.1.107.4 - Autodesk)
Autodesk DWG TrueView 2021 - English (HKLM\...\DWG TrueView 2021 - English) (Version: 24.0.47.0 - Autodesk)
Autodesk Genuine Service (HKLM\...\{8AD048E5-9570-442E-A5A2-B12C2618977E}) (Version: 4.6.0.124 - Autodesk)
Autodesk Genuine Service (HKLM-x32\...\{317D67F2-9027-4E85-9ED1-ADF4D765AE02}) (Version: 3.0.11 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library 2020 (HKLM-x32\...\{B9312A51-41B5-479D-9F72-E7448A2D89AF}) (Version: 18.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2020 (HKLM-x32\...\{0E976988-E753-4C81-BD96-434CE305B176}) (Version: 18.11.1.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2018 (HKLM-x32\...\{1B0F011A-66B4-4865-98B7-0FE132841035}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2020 (HKLM-x32\...\{7979E1F2-682E-4A3C-B674-B3336F35D472}) (Version: 18.11.1.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2018 (HKLM-x32\...\{6EC5DA32-D02D-47D4-A3C4-988C1BC1A5FE}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2020 (HKLM-x32\...\{B52B3C0C-F56D-44CB-AC81-F86BCBB7550F}) (Version: 18.11.1.0 - Autodesk)
Autodesk Revit 2020 (HKLM\...\Revit 2020) (Version: 20.0.0.377 - Autodesk)
Autodesk Revit 2020 Revit MEP Imperial Content (HKLM\...\{38AEB114-D437-4695-B390-6D03723F32E0}) (Version: 2.2 - Autodesk)
Autodesk Revit 2020 Revit MEP Metric Content (HKLM\...\{6504036D-FF6D-41E0-B3FE-3193E9BC2047}) (Version: 2.2 - Autodesk)
Autodesk Revit Content Libraries 2018 (HKLM\...\Autodesk Revit Content Libraries 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Revit Content Libraries 2020 (HKLM\...\Revit Content Libraries 2020) (Version: 20.0.0.377 - Autodesk)
Autodesk Revit MEP Imperial Content (HKLM\...\{7A218E72-B73A-44AF-B4CA-D97EEEAACEFF}) (Version: 2.1 - Autodesk)
Autodesk Revit MEP Metric Content (HKLM\...\{14301A33-A4A1-41B8-A3BF-237AEC8561BB}) (Version: 2.1 - Autodesk)
Autodesk Revit Model Review 2018 (HKLM\...\{715812E8-1800-0010-0000-BBB894911B46}) (Version: 18.0.0.420 - Autodesk) Hidden
Autodesk Revit Model Review 2018 (HKLM\...\Autodesk Revit Model Review 2018) (Version: 18.0.0.420 - Autodesk)
Autodesk Revit Model Review 2020 (HKLM\...\{715812E8-2001-0010-0000-BBB894911B46}) (Version: 20.0.0.377 - Autodesk) Hidden
Autodesk Revit Model Review 2020 (HKLM\...\Autodesk Revit Model Review 2020) (Version: 20.0.0.377 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{E3807FC8-DD0A-4D6D-89E9-EAADE00C845C}) (Version: 10.22.00.1800 - Autodesk)
Autodesk Workflows 2018 (HKLM\...\{28B17270-375A-4844-9D34-754A457E17BF}) (Version: 16.11.1.0 - Autodesk, Inc.)
Batch Print for Autodesk Revit 2018 (HKLM\...\{82AF00E4-1800-0010-0000-FCE0F87063F9}) (Version: 18.0.0.420 - Autodesk) Hidden
Batch Print for Autodesk Revit 2018 (HKLM\...\Batch Print for Autodesk Revit 2018) (Version: 18.0.0.420 - Autodesk)
Batch Print for Autodesk Revit 2020 (HKLM\...\{82AF00E4-2001-0010-0000-FCE0F87063F9}) (Version: 20.0.0.377 - Autodesk) Hidden
Batch Print for Autodesk Revit 2020 (HKLM\...\Batch Print for Autodesk Revit 2020) (Version: 20.0.0.377 - Autodesk)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite DCP-9020CDW (HKLM-x32\...\{E98A9C92-E767-475B-8BC6-8780A86DDC72}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Canon LBP3010/LBP3018/LBP3050 (HKLM\...\Canon LBP3010/LBP3018/LBP3050) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
CENKROS 4 (HKLM-x32\...\{30044428-2E18-46EF-B473-28BC89909399}) (Version: - KROS a.s.)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 57.0.2987.93 - Comodo)
COMODO Internet Security Premium (HKLM\...\{04833277-EE61-4251-9273-0CF86C0FE710}) (Version: 10.0.1.6294 - COMODO Security Solutions Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5529 - CyberLink Corp.) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5529 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5.4505 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.1.0903 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3317 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3317 - CyberLink Corp.)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
DWGSee Pro 2016 (HKLM-x32\...\{84AAA3F4-45CE-4FC6-8C16-35C98E69673C}) (Version: 4.17 - AutoDWG)
Dynamo Revit 1.2.2 (HKLM\...\{0FF47E28-76A5-44BA-8EEF-58824252F528}) (Version: 1.2.2.373 - Dynamo)
Elcomm (HKLM-x32\...\Elcomm) (Version: - )
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
eTransmit for Autodesk Revit 2020 (HKLM\...\{4477F08B-2001-0010-0000-9A09D834DFF5}) (Version: 20.0.0.377 - Autodesk) Hidden
eTransmit for Autodesk Revit 2020 (HKLM\...\eTransmit for Autodesk Revit 2020) (Version: 20.0.0.377 - Autodesk)
FARO LS 1.1.600.6 (64bit) (HKLM-x32\...\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: 6.0.6.5 - FARO Scanner Production)
FormIt Converter For Revit 2018 (HKLM\...\{9FFF4CAD-41A6-44D2-9467-A16AC4B6DC2A}) (Version: 1.9.3.0 - Autodesk)
FormIt Converter For Revit 2020 (HKLM\...\{7A22DBAA-79A6-4C7B-98FA-9157A97EF6DA}) (Version: 1.9.6.0 - Autodesk)
Foxit PhantomPDF (HKLM-x32\...\{89BF1D4D-1D62-451E-9496-B971BDE82720}) (Version: 6.0.33.715 - Foxit Corporation)
FreeCAD 0.15 - A free open source CAD system (HKLM\...\FreeCAD 0.15) (Version: 0.15.4671 - Juergen Riegel)
FTP Utility (HKLM-x32\...\InstallShield_{A5EC243A-AAB4-4AF0-85A5-07F9F4618353}) (Version: 1.00.0000 - KONICA MINOLTA)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.360 - Huawei Technologies Co., Ltd.)
HP Documentation (HKLM-x32\...\{198B2800-6C16-4F2A-BC52-EA0F7FD67095}) (Version: 1.3.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.27 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{6135AEC9-9379-4014-8CB6-B0BC69B4BA78}) (Version: 12.17.27.5 - HP)
Chromodo (HKLM-x32\...\Chromodo) (Version: 52.15.25.665 - Comodo)
iMazing HEIC Converter 1.0.13.0 (HKLM\...\{FA58AFA9-B210-409C-88F1-2A90D577C170}_is1) (Version: 1.0.13.0 - DigiDNA)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.27 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.27 - Softex Inc.) Hidden
IronPython 2.7.3 (HKLM-x32\...\{1EBADAEA-1A0F-40E3-848C-0DD8C5E5A10D}) (Version: 2.7.31000.0 - IronPython Team)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Kros (HKLM\...\{148477A0-A868-425E-9F93-CE8CE95AFE44}) (Version: 8.5.940 - Softland) Hidden
Kros PDF (HKLM-x32\...\{e6b27eee-2b6f-4344-8f4b-93591eb3f24e}) (Version: 162.100.1.0 - Kros a.s.)
MediaInfo 21.09 (HKLM\...\MediaInfo) (Version: 21.09 - MediaArea.net)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 99.0.1150.46 - Microsoft Corporation)
Microsoft Office 2016 pre podnikateľov - sk-sk (HKLM\...\HomeBusinessRetail - sk-sk) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\OneDriveSetup.exe) (Version: 22.033.0213.0002 - Microsoft Corporation)
Microsoft SharePoint Designer 2010 (HKLM\...\Office14.SharePointDesigner) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{52EBC484-44A1-4DC5-824A-0A503735ABD8}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{5016990D-7F61-4A20-9451-A915D6616DD9}) (Version: 3.66.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox (x64 sk) (HKLM\...\Mozilla Firefox 98.0.1 (x64 sk)) (Version: 98.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 98.0.1.8107 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
novaPDF 8 Printer Driver (HKLM\...\{F9F62525-05B6-4AD7-8D30-0D872CC1FB3C}) (Version: 8.5.940 - Softland)
novaPDF 8 SDK COM (x86) (HKLM-x32\...\{A6DF899D-5518-4DAB-A4F9-F7D0CDD43224}) (Version: 8.5.940 - Softland)
Nuance PaperPort 12 (HKLM-x32\...\{CEB2E185-0481-4926-A976-2EB48D55B366}) (Version: 12.1.0005 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 388.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.73 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.73 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14931.20010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20072 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20094 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PDF Annotator 8.0.0.817 (HKLM\...\PDFAnnotator_is1) (Version: 8.0.0.817 - GRAHL software design)
PDFsam Basic (HKLM-x32\...\{06F77008-B6FD-4871-809E-1F3E09985A05}) (Version: 3.30.7.0 - Sober Lemur S.a.s. di Vacondio Andrea)
Personal Accelerator for Revit (HKLM\...\{533DE806-7EC5-4A73-841B-007110126A75}) (Version: 21.0.4.0 - Autodesk)
PNotes 9.3.0 (HKLM-x32\...\{949D34E5-F53F-4830-9A50-1E2C39109043}_is1) (Version: 9.3.0 - Andrey Gruber)
Print to PDF Annotator (novaPDF OEM 7.7 printer) (HKLM\...\Print to PDF Annotator_is1) (Version: 7.7.400 - Softland)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
Revit 2020 (HKLM\...\{7346B4A0-2000-0510-0000-705C0D862004}) (Version: 20.0.0.377 - Autodesk) Hidden
Revit Content Libraries 2018 (HKLM\...\{941030D0-1800-0410-0000-818BB38A95FC}) (Version: 18.0.0.420 - Autodesk) Hidden
Revit Content Libraries 2020 (HKLM\...\{941030D0-2000-0410-0000-818BB38A95FC}) (Version: 20.0.0.377 - Autodesk) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{98223B6C-F59E-4928-B553-43605D52ED19}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.19.5 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.2.1.1 - uvnc bvba)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows Kontrola stavu počítača (HKLM\...\{BDBC15A5-E9F1-485F-A0D3-7526052FB2B2}) (Version: 3.2.2110.14001 - Microsoft Corporation)
WinRAR 5.31 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Worksharing Monitor for Autodesk Revit 2018 (HKLM\...\{5063E738-1800-0010-0000-7B7B9AB0B696}) (Version: 18.0.0.420 - Autodesk) Hidden
Worksharing Monitor for Autodesk Revit 2018 (HKLM\...\Worksharing Monitor for Autodesk Revit 2018) (Version: 18.0.0.420 - Autodesk)
Worksharing Monitor for Autodesk Revit 2020 (HKLM\...\{5063E738-2001-0010-0000-7B7B9AB0B696}) (Version: 20.0.0.377 - Autodesk) Hidden
Worksharing Monitor for Autodesk Revit 2020 (HKLM\...\Worksharing Monitor for Autodesk Revit 2020) (Version: 20.0.0.377 - Autodesk)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-01-29] (Autodesk Inc.)
Getting Started with Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2015-12-16] (Hewlett-Packard Company)
HP Connected Music -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedMusic_1.5.0.253_x86__v10z8vjag6ke6 [2015-12-16] (Hewlett-Packard Company)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2015-12-16] (Hewlett-Packard Company)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.14.42.0_x64__v10z8vjag6ke6 [2022-03-03] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.2.3010.0_x64__8wekyb3d8bbwe [2022-03-11] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.2180.0_x64__8wekyb3d8bbwe [2022-02-25] (Microsoft Studios) [MS Ad]
MSN Cestovanie -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-12-16] (Microsoft Corporation) [MS Ad]
MSN Jedlá a nápoje -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-12-16] (Microsoft Corporation) [MS Ad]
MSN Zdravie a fitnes -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-12-16] (Microsoft Corporation) [MS Ad]
Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_6.1.736.0_x86__v10z8vjag6ke6 [2018-08-04] (Snapfish)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0 [2022-03-21] (Spotify AB) [Startup Task]
The Weather Channel for HP -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforHP_2015.1108.1.0_x64__t3yemqpq4kp7p [2015-12-16] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-15] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3256439801-3967542678-3501957217-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2016 - English\dwgviewr.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3256439801-3967542678-3501957217-1001_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2016 - English\en-US\dwgviewrficn.dll (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2020-01-22] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2020-01-22] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-07-24] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [DWGSeeMenu] -> {A6EAF440-149E-4AF3-AE84-5DA3CF791E3B} => C:\Program Files (x86)\AutoDWG\DWGSee Pro 2016\DWGSeeMenu64.dll [2016-03-08] (TODO: <Company name>) [File not signed]
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2014-06-19] (Foxit Corporation -> Foxit Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-07-24] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2014-09-27 13:47 - 2014-09-27 13:47 - 000855552 _____ (%CFullName%) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OpBHO64.dll
2017-03-10 14:20 - 2017-03-10 14:20 - 000179200 _____ () [File not signed] [File is in use] C:\Program Files\Autodesk\Personal Accelerator for Revit\Autodesk.C4R.AdWebServicesInterop.dll
2014-09-27 13:40 - 2014-09-27 13:40 - 002150400 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-09-27 13:39 - 2014-09-27 13:39 - 000021504 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-09-27 13:39 - 2014-09-27 13:39 - 000055296 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-09-27 13:39 - 2014-09-27 13:39 - 000035840 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2005-09-07 13:03 - 2005-09-07 13:03 - 000036864 ____R (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2014-09-27 13:39 - 2014-09-27 13:39 - 000702976 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\storeng.dll
2014-09-27 13:40 - 2014-09-27 13:40 - 001119232 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\userdata.dll
2010-11-18 21:08 - 2010-11-18 21:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2004-11-04 19:23 - 2004-11-04 19:23 - 000028672 _____ (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC) [File not signed] C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFTPReg.dll
2004-10-25 15:49 - 2004-10-25 15:49 - 000221184 _____ (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed] C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll
2004-10-25 15:50 - 2004-10-25 15:50 - 000061440 _____ (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed] C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpEV.dll
2004-10-25 15:50 - 2004-10-25 15:50 - 000053248 _____ (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed] C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpSN.dll
2004-10-25 15:50 - 2004-10-25 15:50 - 000049152 _____ (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed] C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpVR.dll
2020-08-12 08:55 - 2020-08-12 08:55 - 001658368 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80.DLL
2020-04-20 09:29 - 2020-04-20 09:29 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2020-04-20 09:29 - 2020-04-20 09:29 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2011-08-02 14:30 - 2011-08-02 14:30 - 000091648 _____ (Nuance Communications, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\PDFProFilterPP.dll
2015-07-16 23:48 - 2014-07-26 07:01 - 001283136 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\WINDOWS\system32\nvspcap64.dll
2020-08-12 09:03 - 2017-12-19 03:51 - 000874880 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2020-08-12 09:04 - 2017-12-19 03:51 - 000339072 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2014-09-27 13:48 - 2014-09-27 13:48 - 000746064 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-09-27 13:48 - 2014-09-27 13:48 - 000420432 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-09-27 13:48 - 2014-09-27 13:48 - 000760912 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\hdddrv.dll
2014-09-27 13:48 - 2014-09-27 13:48 - 001376848 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\Wbf.dll
2016-03-03 15:18 - 2016-03-03 15:18 - 000018944 _____ (Softland) [File not signed] C:\WINDOWS\System32\novamn8.dll
2016-03-08 12:34 - 2016-03-08 12:34 - 000125952 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\AutoDWG\DWGSee Pro 2016\DWGSeeMenu64.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\WINDOWS\system32\AERTAC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AERTAR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BRCOC12A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BrWiaNCp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CX64APO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DdcWnsListener.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KOBJUJDL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437654.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438165.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438546.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437654.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438165.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438546.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DAA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DHT64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtCRX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtDataProc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEED64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEG64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEL64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sl3apo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slcnt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slprp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sltech64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRRPTR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSHP64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSH64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSX64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSWOW64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\RtlExUpd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BrDctF2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BrDctF2L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BrDctF2S.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLM03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLMW03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BROSNMP.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRRBTOOL.EXE:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRTCPCON.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BtnCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CBLCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\comdlg32.OCX:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\EditCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ExLvwU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LblCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NSSearch.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RsCRIcon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SFCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SRCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TabStripCtlU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Rockey4.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtsUer.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ELKTRO.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ELKTRO.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\VZT.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\VZT.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\zasilka-OOG2H63AZNGP4WA3.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\zasilka-OOG2H63AZNGP4WA3.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ZT,-Uk--siete.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ZT,-Uk--siete.zip:$CmdZnID [26]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\Software\Classes\.scr: DWGTrueViewScriptFile => C:\WINDOWS\system32\notepad.exe "%1"
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.sk/
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
SearchScopes: HKLM -> {811E5583-D01F-45B7-8496-3F94F11C8EC4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {811E5583-D01F-45B7-8496-3F94F11C8EC4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3256439801-3967542678-3501957217-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3256439801-3967542678-3501957217-1001 -> {811E5583-D01F-45B7-8496-3F94F11C8EC4} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-02-25] (HP Inc. -> HP Inc.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-04-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-04-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-02-25] (HP Inc. -> HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2017-10-19 11:25 - 000000834 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Hewlett-Packard\SimplePass\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Common Files\Autodesk Shared\
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-3256439801-3967542678-3501957217-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\StartupApproved\StartupFolder: => "Odoslanie do aplikácie OneNote.lnk"
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{60B67167-1BFA-4F9A-9F76-95AB994F9026}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe => No File
FirewallRules: [{5A596620-2661-483B-9040-CBA8AB989F6F}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe => No File
FirewallRules: [{DACD56BE-AA98-4430-838A-DDAC9A02F9A0}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe => No File
FirewallRules: [{F7A05528-B03A-48B6-A7A2-806109A1D74E}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe => No File
FirewallRules: [UDP Query User{493097C4-55BB-4638-8F63-E32E347A4B02}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{733622C1-4CBE-406E-AA8D-D98566EF54E9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{7FC70806-5F2E-422C-BBFF-5BF73FA65B22}C:\program files (x86)\konica minolta\ftp utility\kmftp.exe] => (Allow) C:\program files (x86)\konica minolta\ftp utility\kmftp.exe (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed]
FirewallRules: [TCP Query User{01DE3A66-38EC-4804-981B-27E868B50737}C:\program files (x86)\konica minolta\ftp utility\kmftp.exe] => (Allow) C:\program files (x86)\konica minolta\ftp utility\kmftp.exe (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed]
FirewallRules: [{B87AECFC-6D75-4C3D-AE0A-7686D3384156}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{57A86061-F348-4859-BDA8-A0D5E748EFC3}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{29F63955-C10C-412F-A11D-9A3A8CE99857}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => No File
FirewallRules: [{C86946B1-7616-4168-B0A8-D29DD8E22758}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{99D5CA59-0B2B-4546-AE8B-6B31366B1CA9}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => No File
FirewallRules: [{12BC608A-F0AF-49D6-8C8D-1F2EAEB237AE}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{A992D9C2-3C8D-4178-B959-3C10EEC5ADD7}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE => No File
FirewallRules: [{278CFE0E-A62E-4DBA-A688-096043DB5031}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BC6B2838-DA6F-4AB1-9574-A9A3109A5A37}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3D686632-914A-46CD-AE39-86E367DD29EB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{34C2A0E0-62E3-4CDF-903D-F1B34E63FACF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F13F2321-4F74-4FA7-9503-5453FD83D506}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{355321AB-E5E0-40C5-B87C-386DA8F38A51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{805CB22A-CAEA-45F6-8F12-20CFC3594129}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{768CD8CD-6969-4FDC-A8C8-2AD9C4425E38}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{01B66689-1F39-494B-BB8C-DB0AB6787EB9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A4DA8521-0B3F-4F9A-807C-78C453D5BD81}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E7B3BF22-90C0-486D-AB0B-BE512A4F4696}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EC1B04A5-CA80-4E2A-B206-05CAF16457FF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D1BC6C87-80C5-4621-8455-1293CB8DC56D}] => (Allow) LPort=54925
FirewallRules: [{1DA40CFC-F4EF-4167-8ED7-12FD3BFB18E7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{613B6441-F342-4397-8A0B-EEFFFC649EDF}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe => No File
FirewallRules: [{A2889D9E-18DA-4A41-8FB0-C86D0ECC228D}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe => No File
FirewallRules: [{6A8C56C1-FDEE-4459-9CAD-4A28B67C6F92}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{DD3D16A1-DEFA-42BC-87C7-D164E2C00337}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (uvnc bvba -> UltraVNC)
FirewallRules: [TCP Query User{D9945322-0D2E-4DC3-B8FA-4DB7F718EADA}C:\program files (x86)\konica minolta\ftp utility\kmftp.exe] => (Allow) C:\program files (x86)\konica minolta\ftp utility\kmftp.exe (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed]
FirewallRules: [UDP Query User{B8E3F190-EDA5-497F-9052-33F7B53B09AB}C:\program files (x86)\konica minolta\ftp utility\kmftp.exe] => (Allow) C:\program files (x86)\konica minolta\ftp utility\kmftp.exe (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed]
FirewallRules: [TCP Query User{CA125568-013C-435F-9C3B-FF5510B664B4}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [UDP Query User{D808204E-C05B-42CE-B2E0-0A9830B7E3C6}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [{EDC0F137-81EC-4D74-914F-E3F404C50F75}] => (Allow) LPort=8501
FirewallRules: [{154407FF-CBC9-4183-83DC-C83A0C0720FB}] => (Allow) LPort=8501
FirewallRules: [{B23D2EED-982F-4B1E-A4A1-FD350B194564}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2E1A5D03-4084-4DAD-AF5C-0193ABFCFF86}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{395EA7F3-FFB4-4288-97FB-A41E267EAE35}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{65877BF8-84B0-4F7E-8D87-6774A56CC677}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DC93232A-8033-48A2-8B67-F70C45D3C225}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A4F4FC61-CE25-4C10-886F-F84E4B0B72AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FE6C725F-3EF2-48AB-857F-06B5DD9001F1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0D559624-4F95-4627-A597-32DD6D6D6692}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DD16EC05-0607-4C5A-B3FE-3A3484033B78}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BA661806-7B0D-4DC4-8D12-AD315F027BCE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0768C73C-0145-487F-BAB3-33D4F153D924}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AB8FABD9-FBB3-4A99-803E-35C3E0ED48E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{079AA165-9432-4B4B-BAB7-67BB2F4829D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C2DCC888-5075-4BDF-97AE-8AD1DF977F3D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{91A1D406-BA94-4A6E-9506-8DE1E8EE01E9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C26A083D-1FD6-4BC6-AB5A-AF3A39582DBC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{412E5EDF-1274-4B97-92B4-1130928C84E6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
11-03-2022 09:30:00 Inštalátor modulov systému Windows
18-03-2022 12:27:43 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/21/2022 12:55:28 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (03/21/2022 10:50:46 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (03/21/2022 10:42:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: ADPClientService.exe, verzia: 4.1.16.0, časová značka: 0x61ee7d78
Názov chybujúceho modulu: ucrtbase.dll, verzia: 10.0.19041.789, časová značka: 0x82dc99a2
Kód výnimky: 0xc0000005
Odstup chyby: 0x0004dccf
Identifikácia chybujúceho procesu: 0x1fcc
Čas spustenia chybujúcej aplikácie: 0x01d83d07b2793189
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Autodesk\Autodesk Desktop App\ADPClientService.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\ucrtbase.dll
Identifikácia hlásenia: 55686544-3d23-495d-8cf5-1514049f9e3b
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (03/21/2022 10:33:38 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (03/21/2022 10:29:28 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (03/21/2022 10:29:25 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (03/21/2022 10:29:25 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (03/21/2022 08:57:06 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Recovery Image (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
System errors:
=============
Error: (03/21/2022 10:30:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby NovaPdfServer zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.
Error: (03/21/2022 10:30:02 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby NovaPdfServer bol dosiahnutý časový limit (45000 ms).
Error: (03/21/2022 10:29:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby KrosPlusFireBird zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.
Error: (03/21/2022 10:22:55 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Autodesk Desktop App Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (03/21/2022 10:22:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusti sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (03/21/2022 10:22:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bonjour Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (03/21/2022 10:22:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HuaweiHiSuiteService64.exe sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (03/21/2022 10:22:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP SimplePass Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
CodeIntegrity:
===============
Date: 2022-03-21 16:20:15
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: AMI A0.08 02/24/2017
Motherboard: Hewlett-Packard 2B35
Processor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 75%
Total physical RAM: 4041.71 MB
Available physical RAM: 1010.27 MB
Total Virtual: 9161.71 MB
Available Virtual: 4967.06 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:911.06 GB) (Free:434.49 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:18.13 GB) (Free:2.3 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Removable) (Total:14.83 GB) (Free:14.36 GB) FAT32
\\?\Volume{7ba3616a-3bb7-4ef8-bf53-b4eba557b4eb}\ (Windows RE tools ) (Fixed) (Total:1 GB) (Free:0.67 GB) NTFS
\\?\Volume{1861037d-ce03-4e13-a6ed-e4e0ef9ba70c}\ () (Fixed) (Total:0.84 GB) (Free:0.4 GB) NTFS
\\?\Volume{e7be1ca3-5090-4a1e-a93c-d2da8ff5de05}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.27 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F75FD349)
Partition: GPT.
==========================================================
Disk: 1 (Size: 14.8 GB) (Disk ID: 02EE2059)
Partition 1: (Active) - (Size=14.8 GB) - (Type=0B)
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu FRST
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\Run: [BingSvc] => C:\Users\POHODA sieť. klient\AppData\Local\Microsoft\BingSvc\BingSvc.exe [146312 2020-08-25] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\MountPoints2: {31ea92a8-1827-11eb-8369-3464a91bb632} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\MountPoints2: {af3770e3-19c6-11eb-8369-3464a91bb632} - "E:\HiSuiteDownLoader.exe"
Task: {12D50B6A-DB29-4AB3-812F-B5B07872DFE6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {1B4347F8-EA73-4358-93C4-CAA3D397341C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {21587808-0270-4380-86D4-96C591D84E7A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {3FCB2BBE-21D8-47C1-B940-1577DAFBCDD2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (No File)
Task: {4F9682F4-D686-4C80-AEA3-0C1A445E8822} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5718571D-970E-40DE-9DBC-EC5912B25FF0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6230A350-4F83-46A2-8B6D-9FC5C082F33D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {63AC3304-D439-451C-8395-8D405EB428BC} - \WPD\SqmUpload_S-1-5-21-3256439801-3967542678-3501957217-1001 -> No File <==== ATTENTION
Task: {72E60BF6-F604-46C3-8DC6-93BF40CC5C73} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {97D516B5-2260-49E5-8D4E-A4E1F68F3A59} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {AD46602F-6333-4ABD-A13C-DBA825B53CDE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EC859CD7-E2D1-40D9-968F-7138B06E584D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
AlternateDataStreams: C:\WINDOWS\system32\AERTAC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AERTAR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BRCOC12A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BrWiaNCp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CX64APO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DdcWnsListener.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KOBJUJDL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437654.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438165.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438546.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437654.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438165.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438546.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DAA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DHT64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtCRX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtDataProc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEED64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEG64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEL64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sl3apo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slcnt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slprp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sltech64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRRPTR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSHP64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSH64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSX64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSWOW64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\RtlExUpd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BrDctF2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BrDctF2L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BrDctF2S.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLM03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLMW03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BROSNMP.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRRBTOOL.EXE:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRTCPCON.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BtnCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CBLCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\comdlg32.OCX:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\EditCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ExLvwU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LblCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NSSearch.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RsCRIcon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SFCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SRCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TabStripCtlU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Rockey4.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtsUer.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ELKTRO.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ELKTRO.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\VZT.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\VZT.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\zasilka-OOG2H63AZNGP4WA3.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\zasilka-OOG2H63AZNGP4WA3.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ZT,-Uk--siete.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ZT,-Uk--siete.zip:$CmdZnID [26]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
SearchScopes: HKU\S-1-5-21-3256439801-3967542678-3501957217-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3256439801-3967542678-3501957217-1001 -> {811E5583-D01F-45B7-8496-3F94F11C8EC4} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
FirewallRules: [{60B67167-1BFA-4F9A-9F76-95AB994F9026}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe => No File
FirewallRules: [{5A596620-2661-483B-9040-CBA8AB989F6F}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe => No File
FirewallRules: [{DACD56BE-AA98-4430-838A-DDAC9A02F9A0}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe => No File
FirewallRules: [{F7A05528-B03A-48B6-A7A2-806109A1D74E}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe => No File
FirewallRules: [{29F63955-C10C-412F-A11D-9A3A8CE99857}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => No File
FirewallRules: [{A992D9C2-3C8D-4178-B959-3C10EEC5ADD7}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE => No File
FirewallRules: [{613B6441-F342-4397-8A0B-EEFFFC649EDF}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe => No File
FirewallRules: [{A2889D9E-18DA-4A41-8FB0-C86D0ECC228D}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe => No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu FRST
Fix result of Farbar Recovery Scan Tool (x64) Version: 20-03-2022
Ran by POHODA sieť. klient (21-03-2022 17:09:22) Run:1
Running from C:\Users\POHODA sieť. klient\Desktop
Loaded Profiles: POHODA sieť. klient & Uzivatel_PC1
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\Run: [BingSvc] => C:\Users\POHODA sieť. klient\AppData\Local\Microsoft\BingSvc\BingSvc.exe [146312 2020-08-25] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\MountPoints2: {31ea92a8-1827-11eb-8369-3464a91bb632} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\MountPoints2: {af3770e3-19c6-11eb-8369-3464a91bb632} - "E:\HiSuiteDownLoader.exe"
Task: {12D50B6A-DB29-4AB3-812F-B5B07872DFE6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {1B4347F8-EA73-4358-93C4-CAA3D397341C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {21587808-0270-4380-86D4-96C591D84E7A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {3FCB2BBE-21D8-47C1-B940-1577DAFBCDD2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (No File)
Task: {4F9682F4-D686-4C80-AEA3-0C1A445E8822} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5718571D-970E-40DE-9DBC-EC5912B25FF0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6230A350-4F83-46A2-8B6D-9FC5C082F33D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {63AC3304-D439-451C-8395-8D405EB428BC} - \WPD\SqmUpload_S-1-5-21-3256439801-3967542678-3501957217-1001 -> No File <==== ATTENTION
Task: {72E60BF6-F604-46C3-8DC6-93BF40CC5C73} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {97D516B5-2260-49E5-8D4E-A4E1F68F3A59} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {AD46602F-6333-4ABD-A13C-DBA825B53CDE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EC859CD7-E2D1-40D9-968F-7138B06E584D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
AlternateDataStreams: C:\WINDOWS\system32\AERTAC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AERTAR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BRCOC12A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BrWiaNCp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CX64APO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DdcWnsListener.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KOBJUJDL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437654.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438165.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438546.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437654.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438165.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438546.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DAA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DHT64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtCRX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtDataProc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEED64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEG64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEL64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sl3apo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slcnt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slprp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sltech64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRRPTR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSHP64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSH64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSX64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSWOW64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\RtlExUpd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BrDctF2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BrDctF2L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BrDctF2S.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLM03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLMW03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BROSNMP.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRRBTOOL.EXE:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRTCPCON.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BtnCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CBLCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\comdlg32.OCX:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\EditCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ExLvwU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LblCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NSSearch.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RsCRIcon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SFCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SRCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TabStripCtlU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Rockey4.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtsUer.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ELKTRO.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ELKTRO.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\VZT.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\VZT.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\zasilka-OOG2H63AZNGP4WA3.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\zasilka-OOG2H63AZNGP4WA3.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ZT,-Uk--siete.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ZT,-Uk--siete.zip:$CmdZnID [26]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
SearchScopes: HKU\S-1-5-21-3256439801-3967542678-3501957217-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3256439801-3967542678-3501957217-1001 -> {811E5583-D01F-45B7-8496-3F94F11C8EC4} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
FirewallRules: [{60B67167-1BFA-4F9A-9F76-95AB994F9026}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe => No File
FirewallRules: [{5A596620-2661-483B-9040-CBA8AB989F6F}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe => No File
FirewallRules: [{DACD56BE-AA98-4430-838A-DDAC9A02F9A0}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe => No File
FirewallRules: [{F7A05528-B03A-48B6-A7A2-806109A1D74E}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe => No File
FirewallRules: [{29F63955-C10C-412F-A11D-9A3A8CE99857}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => No File
FirewallRules: [{A992D9C2-3C8D-4178-B959-3C10EEC5ADD7}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE => No File
FirewallRules: [{613B6441-F342-4397-8A0B-EEFFFC649EDF}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe => No File
FirewallRules: [{A2889D9E-18DA-4A41-8FB0-C86D0ECC228D}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc" => removed successfully
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{31ea92a8-1827-11eb-8369-3464a91bb632} => removed successfully
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{af3770e3-19c6-11eb-8369-3464a91bb632} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{12D50B6A-DB29-4AB3-812F-B5B07872DFE6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12D50B6A-DB29-4AB3-812F-B5B07872DFE6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1B4347F8-EA73-4358-93C4-CAA3D397341C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B4347F8-EA73-4358-93C4-CAA3D397341C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{21587808-0270-4380-86D4-96C591D84E7A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21587808-0270-4380-86D4-96C591D84E7A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3FCB2BBE-21D8-47C1-B940-1577DAFBCDD2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FCB2BBE-21D8-47C1-B940-1577DAFBCDD2}" => removed successfully
C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F9682F4-D686-4C80-AEA3-0C1A445E8822}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F9682F4-D686-4C80-AEA3-0C1A445E8822}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5718571D-970E-40DE-9DBC-EC5912B25FF0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5718571D-970E-40DE-9DBC-EC5912B25FF0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6230A350-4F83-46A2-8B6D-9FC5C082F33D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6230A350-4F83-46A2-8B6D-9FC5C082F33D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63AC3304-D439-451C-8395-8D405EB428BC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63AC3304-D439-451C-8395-8D405EB428BC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3256439801-3967542678-3501957217-1001" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{72E60BF6-F604-46C3-8DC6-93BF40CC5C73}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72E60BF6-F604-46C3-8DC6-93BF40CC5C73}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97D516B5-2260-49E5-8D4E-A4E1F68F3A59}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97D516B5-2260-49E5-8D4E-A4E1F68F3A59}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AD46602F-6333-4ABD-A13C-DBA825B53CDE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD46602F-6333-4ABD-A13C-DBA825B53CDE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC859CD7-E2D1-40D9-968F-7138B06E584D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC859CD7-E2D1-40D9-968F-7138B06E584D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
C:\WINDOWS\system32\AERTAC64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\AERTAR64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\BRCOC12A.DLL => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\BrWiaNCp.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\cdpreference.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CX64APO.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dcsx_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_30.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DdcWnsListener.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\FMAPO64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\indexeddbserver.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\KOBJUJDL.DLL => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\nvdispco6437654.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\nvdispco6438165.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\nvdispco6438546.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\nvdispgenco6437654.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\nvdispgenco6438165.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\nvdispgenco6438546.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RCoInstII64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RltkAPO64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RP3DAA64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RP3DHT64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RTCOM64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtCRX64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtDataProc64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RTEED64A.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RTEEG64A.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RTEEL64A.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RTEEP64A.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtkApi64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtkCfg64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtkCoLDR64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtlCPAPI64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtPgEx64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RTSnMg64.cpl => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\sl3apo64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\slcnt64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\slprp64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\sltech64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRAPO64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRCOM.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRCOM64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRRPTR64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRSHP64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRSTSH64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRSTSX64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRSWOW64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\x3daudio1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xinput1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\RtlExUpd.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\BrDctF2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\BrDctF2L.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\BrDctF2S.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\BRLM03A.DLL => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\BRLMW03A.DLL => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\BROSNMP.DLL => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\BRRBTOOL.EXE => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\BRTCPCON.DLL => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\BtnCtlsU.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\CBLCtlsU.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\comdlg32.OCX => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dcsx_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_30.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\EditCtlsU.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\ExLvwU.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\indexeddbserver.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\LblCtlsU.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\NSSearch.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\RsCRIcon.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\SFCOM.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\SRCOM.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\TabStripCtlU.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\x3daudio1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xinput1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\Rockey4.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\RTKVHD64.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\RtsUer.sys => ":$CmdTcID" ADS could not remove.
C:\Users\POHODA sieť. klient\Downloads\ELKTRO.zip => ":$CmdTcID" ADS could not remove.
C:\Users\POHODA sieť. klient\Downloads\ELKTRO.zip => ":$CmdZnID" ADS removed successfully
C:\Users\POHODA sieť. klient\Downloads\VZT.zip => ":$CmdTcID" ADS could not remove.
C:\Users\POHODA sieť. klient\Downloads\VZT.zip => ":$CmdZnID" ADS removed successfully
C:\Users\POHODA sieť. klient\Downloads\zasilka-OOG2H63AZNGP4WA3.zip => ":$CmdTcID" ADS could not remove.
C:\Users\POHODA sieť. klient\Downloads\zasilka-OOG2H63AZNGP4WA3.zip => ":$CmdZnID" ADS removed successfully
C:\Users\POHODA sieť. klient\Downloads\ZT,-Uk--siete.zip => ":$CmdTcID" ADS could not remove.
C:\Users\POHODA sieť. klient\Downloads\ZT,-Uk--siete.zip => ":$CmdZnID" ADS removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL" => removed successfully
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{811E5583-D01F-45B7-8496-3F94F11C8EC4} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => removed successfully
HKLM\Software\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => removed successfully
HKLM\Software\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{60B67167-1BFA-4F9A-9F76-95AB994F9026}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5A596620-2661-483B-9040-CBA8AB989F6F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DACD56BE-AA98-4430-838A-DDAC9A02F9A0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F7A05528-B03A-48B6-A7A2-806109A1D74E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{29F63955-C10C-412F-A11D-9A3A8CE99857}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A992D9C2-3C8D-4178-B959-3C10EEC5ADD7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{613B6441-F342-4397-8A0B-EEFFFC649EDF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A2889D9E-18DA-4A41-8FB0-C86D0ECC228D}" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 50888877 B
Java, Flash, Steam htmlcache => 2053 B
Windows/system/drivers => 101276431 B
Edge => 8251285 B
Firefox => 2127430424 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 35840000 B
LocalService => 36199310 B
NetworkService => 36201232 B
POHODA sieť. klient => 2216019315 B
Uzivatel_PC1 => 2216028523 B
RecycleBin => 16893655763 B
EmptyTemp: => 22.1 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:03:47 ====
Ran by POHODA sieť. klient (21-03-2022 17:09:22) Run:1
Running from C:\Users\POHODA sieť. klient\Desktop
Loaded Profiles: POHODA sieť. klient & Uzivatel_PC1
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\Run: [BingSvc] => C:\Users\POHODA sieť. klient\AppData\Local\Microsoft\BingSvc\BingSvc.exe [146312 2020-08-25] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\MountPoints2: {31ea92a8-1827-11eb-8369-3464a91bb632} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\...\MountPoints2: {af3770e3-19c6-11eb-8369-3464a91bb632} - "E:\HiSuiteDownLoader.exe"
Task: {12D50B6A-DB29-4AB3-812F-B5B07872DFE6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {1B4347F8-EA73-4358-93C4-CAA3D397341C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {21587808-0270-4380-86D4-96C591D84E7A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {3FCB2BBE-21D8-47C1-B940-1577DAFBCDD2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (No File)
Task: {4F9682F4-D686-4C80-AEA3-0C1A445E8822} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5718571D-970E-40DE-9DBC-EC5912B25FF0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6230A350-4F83-46A2-8B6D-9FC5C082F33D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {63AC3304-D439-451C-8395-8D405EB428BC} - \WPD\SqmUpload_S-1-5-21-3256439801-3967542678-3501957217-1001 -> No File <==== ATTENTION
Task: {72E60BF6-F604-46C3-8DC6-93BF40CC5C73} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {97D516B5-2260-49E5-8D4E-A4E1F68F3A59} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {AD46602F-6333-4ABD-A13C-DBA825B53CDE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EC859CD7-E2D1-40D9-968F-7138B06E584D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
AlternateDataStreams: C:\WINDOWS\system32\AERTAC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AERTAR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BRCOC12A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BrWiaNCp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CX64APO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DdcWnsListener.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KOBJUJDL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437654.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438165.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438546.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437654.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438165.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438546.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DAA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DHT64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtCRX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtDataProc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEED64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEG64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEL64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sl3apo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slcnt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slprp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sltech64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRRPTR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSHP64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSH64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSX64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSWOW64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\RtlExUpd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BrDctF2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BrDctF2L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BrDctF2S.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLM03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLMW03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BROSNMP.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRRBTOOL.EXE:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRTCPCON.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BtnCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CBLCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\comdlg32.OCX:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\EditCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ExLvwU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LblCtlsU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NSSearch.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RsCRIcon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SFCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SRCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TabStripCtlU.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Rockey4.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtsUer.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ELKTRO.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ELKTRO.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\VZT.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\VZT.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\zasilka-OOG2H63AZNGP4WA3.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\zasilka-OOG2H63AZNGP4WA3.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ZT,-Uk--siete.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\POHODA sieť. klient\Downloads\ZT,-Uk--siete.zip:$CmdZnID [26]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
SearchScopes: HKU\S-1-5-21-3256439801-3967542678-3501957217-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3256439801-3967542678-3501957217-1001 -> {811E5583-D01F-45B7-8496-3F94F11C8EC4} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
FirewallRules: [{60B67167-1BFA-4F9A-9F76-95AB994F9026}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe => No File
FirewallRules: [{5A596620-2661-483B-9040-CBA8AB989F6F}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe => No File
FirewallRules: [{DACD56BE-AA98-4430-838A-DDAC9A02F9A0}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe => No File
FirewallRules: [{F7A05528-B03A-48B6-A7A2-806109A1D74E}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe => No File
FirewallRules: [{29F63955-C10C-412F-A11D-9A3A8CE99857}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => No File
FirewallRules: [{A992D9C2-3C8D-4178-B959-3C10EEC5ADD7}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE => No File
FirewallRules: [{613B6441-F342-4397-8A0B-EEFFFC649EDF}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe => No File
FirewallRules: [{A2889D9E-18DA-4A41-8FB0-C86D0ECC228D}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc" => removed successfully
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{31ea92a8-1827-11eb-8369-3464a91bb632} => removed successfully
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{af3770e3-19c6-11eb-8369-3464a91bb632} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{12D50B6A-DB29-4AB3-812F-B5B07872DFE6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12D50B6A-DB29-4AB3-812F-B5B07872DFE6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1B4347F8-EA73-4358-93C4-CAA3D397341C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B4347F8-EA73-4358-93C4-CAA3D397341C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{21587808-0270-4380-86D4-96C591D84E7A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21587808-0270-4380-86D4-96C591D84E7A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3FCB2BBE-21D8-47C1-B940-1577DAFBCDD2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FCB2BBE-21D8-47C1-B940-1577DAFBCDD2}" => removed successfully
C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F9682F4-D686-4C80-AEA3-0C1A445E8822}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F9682F4-D686-4C80-AEA3-0C1A445E8822}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5718571D-970E-40DE-9DBC-EC5912B25FF0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5718571D-970E-40DE-9DBC-EC5912B25FF0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6230A350-4F83-46A2-8B6D-9FC5C082F33D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6230A350-4F83-46A2-8B6D-9FC5C082F33D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63AC3304-D439-451C-8395-8D405EB428BC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63AC3304-D439-451C-8395-8D405EB428BC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3256439801-3967542678-3501957217-1001" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{72E60BF6-F604-46C3-8DC6-93BF40CC5C73}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72E60BF6-F604-46C3-8DC6-93BF40CC5C73}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97D516B5-2260-49E5-8D4E-A4E1F68F3A59}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97D516B5-2260-49E5-8D4E-A4E1F68F3A59}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AD46602F-6333-4ABD-A13C-DBA825B53CDE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD46602F-6333-4ABD-A13C-DBA825B53CDE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC859CD7-E2D1-40D9-968F-7138B06E584D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC859CD7-E2D1-40D9-968F-7138B06E584D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
C:\WINDOWS\system32\AERTAC64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\AERTAR64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\BRCOC12A.DLL => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\BrWiaNCp.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\cdpreference.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CX64APO.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dcsx_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_30.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DdcWnsListener.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\FMAPO64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\indexeddbserver.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\KOBJUJDL.DLL => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\nvdispco6437654.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\nvdispco6438165.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\nvdispco6438546.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\nvdispgenco6437654.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\nvdispgenco6438165.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\nvdispgenco6438546.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RCoInstII64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RltkAPO64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RP3DAA64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RP3DHT64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RTCOM64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtCRX64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtDataProc64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RTEED64A.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RTEEG64A.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RTEEL64A.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RTEEP64A.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtkApi64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtkCfg64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtkCoLDR64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtlCPAPI64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtPgEx64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RTSnMg64.cpl => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\sl3apo64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\slcnt64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\slprp64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\sltech64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRAPO64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRCOM.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRCOM64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRRPTR64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRSHP64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRSTSH64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRSTSX64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRSWOW64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\x3daudio1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xinput1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\RtlExUpd.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\BrDctF2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\BrDctF2L.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\BrDctF2S.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\BRLM03A.DLL => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\BRLMW03A.DLL => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\BROSNMP.DLL => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\BRRBTOOL.EXE => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\BRTCPCON.DLL => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\BtnCtlsU.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\CBLCtlsU.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\comdlg32.OCX => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dcsx_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_30.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\EditCtlsU.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\ExLvwU.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\indexeddbserver.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\LblCtlsU.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\NSSearch.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\RsCRIcon.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\SFCOM.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\SRCOM.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\TabStripCtlU.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\x3daudio1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xinput1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\Rockey4.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\RTKVHD64.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\RtsUer.sys => ":$CmdTcID" ADS could not remove.
C:\Users\POHODA sieť. klient\Downloads\ELKTRO.zip => ":$CmdTcID" ADS could not remove.
C:\Users\POHODA sieť. klient\Downloads\ELKTRO.zip => ":$CmdZnID" ADS removed successfully
C:\Users\POHODA sieť. klient\Downloads\VZT.zip => ":$CmdTcID" ADS could not remove.
C:\Users\POHODA sieť. klient\Downloads\VZT.zip => ":$CmdZnID" ADS removed successfully
C:\Users\POHODA sieť. klient\Downloads\zasilka-OOG2H63AZNGP4WA3.zip => ":$CmdTcID" ADS could not remove.
C:\Users\POHODA sieť. klient\Downloads\zasilka-OOG2H63AZNGP4WA3.zip => ":$CmdZnID" ADS removed successfully
C:\Users\POHODA sieť. klient\Downloads\ZT,-Uk--siete.zip => ":$CmdTcID" ADS could not remove.
C:\Users\POHODA sieť. klient\Downloads\ZT,-Uk--siete.zip => ":$CmdZnID" ADS removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL" => removed successfully
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKU\S-1-5-21-3256439801-3967542678-3501957217-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{811E5583-D01F-45B7-8496-3F94F11C8EC4} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => removed successfully
HKLM\Software\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => removed successfully
HKLM\Software\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{60B67167-1BFA-4F9A-9F76-95AB994F9026}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5A596620-2661-483B-9040-CBA8AB989F6F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DACD56BE-AA98-4430-838A-DDAC9A02F9A0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F7A05528-B03A-48B6-A7A2-806109A1D74E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{29F63955-C10C-412F-A11D-9A3A8CE99857}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A992D9C2-3C8D-4178-B959-3C10EEC5ADD7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{613B6441-F342-4397-8A0B-EEFFFC649EDF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A2889D9E-18DA-4A41-8FB0-C86D0ECC228D}" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 50888877 B
Java, Flash, Steam htmlcache => 2053 B
Windows/system/drivers => 101276431 B
Edge => 8251285 B
Firefox => 2127430424 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 35840000 B
LocalService => 36199310 B
NetworkService => 36201232 B
POHODA sieť. klient => 2216019315 B
Uzivatel_PC1 => 2216028523 B
RecycleBin => 16893655763 B
EmptyTemp: => 22.1 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:03:47 ====
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu FRST
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu FRST
Počítač je rýchlejší, nespúšťa sa toľko procesov. Síce ma odvšadiaľ poodhlasovalo, ala to nevadí.
Skôr sa obávam ešte zadať nové prihlasovacie údaje do mailov - či tam nie je ešte niečo, čo tam nemá byť.
Skôr sa obávam ešte zadať nové prihlasovacie údaje do mailov - či tam nie je ešte niečo, čo tam nemá byť.
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu FRST
V PC by nemělo být nic. To, že vás to odhlásilo je tím, že skeny uvedou vše v PC do defaultu. Ještě zkuste sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Utilitu stáhněte, spusťte a nechte pracovat. Po skončení akce smažte vše, co najde. Návod v odkazu je na starší verzi.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu FRST
Sken vykonaný, nič sa nenašlo.
Veľmi ste mi pomohli, ďakujem
Veľmi ste mi pomohli, ďakujem
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu FRST
Nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?