právě se mi asi dostala do PC nějaká havět. Začalo to tak, že se aktualizoval antivirus Avira. Pak se smrštil deštník v ikonce a oznámil program Windows Defender, že ochrana je vypnutá. Po zapnutí to ohlásilo hrozbu a po odstranění to ohlásilo, že se hrozba nepodařila úplně odstranit. V Aviře nejde rozvinout deštník (ochrana v reálném čase nejde zapnout). ještě předtím než se objevila hrozba jsem restartoval PC, jestli se ochrana v Aviře zapne. Nezapne. Defender hlásí hrozbu či pochvíli, že žádná není.
Prosím o kontrolu, zdali tam není nějaká havěť či i něco jiného. Také mě při vkládání příspěvků na net do jedné diskuze zlobí obrázková kapča a nechce mě pustit, že se odesílá z mého PC mnoho dotazů (již se tu dříve řešilo, že to není u mě). Když ty stránky pustím přes online proxy, tak tam mě kapča pustí.
Moc děkuji za vyřešení a odstranění havěti, než to něco napáchá. Posílám logy s FRST a díky za další rady.
![2 :)](./images/smilies/2.gif)
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-07-2022
Ran by Admin (administrator) on DESKTOP-1U0LM3C (12-07-2022 21:36:58)
Running from D:\Aviry
Loaded Profiles: Admin
Platform: Microsoft Windows 10 Home Version 21H1 19043.1766 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(D:\Aviry\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) D:\Aviry\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (Corel Corporation -> WinZip Computing) D:\Archivace\WinZip\WzPreloader.exe
(explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Office14\ONENOTEM.EXE
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) D:\Aviry\CheckPoint\ZoneAlarm\zatray.exe
(Piriform Software Ltd -> Piriform Software Ltd) D:\Aviry\CCleaner\CCleaner64.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) D:\Prográmky\RealPlayer\Update\realsched.exe
(services.exe ->) (ABBYY Production LLC -> ABBYY Production LLC) C:\Program Files (x86)\Common Files\ABBYY\FineReader\15\Licensing\NetworkLicenseServer.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) D:\Fotoeditory\Adobe Photoshop Elements 11\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Windows\System32\AsusUpdateCheck.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (geek software GmbH -> geek software GmbH) D:\Prográmky\PDF24\pdf24.exe <2>
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) D:\Aviry\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\updater-ws.exe
(services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\ws.exe
(services.exe ->) (RealNetworks, Inc. -> RealNetworks, Inc.) D:\Prográmky\UpdateService\RealPlayerUpdateSvc.exe
(services.exe ->) (Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe
(svchost.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(svchost.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(svchost.exe ->) (Hewlett Packard -> Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
Failed to access process -> SearchFilterHost.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [PDF24] => D:\Prográmky\PDF24\pdf24.exe [587000 2022-01-05] (geek software GmbH -> geek software GmbH)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [ZoneAlarm] => D:\Aviry\CheckPoint\ZoneAlarm\zatray.exe [325856 2020-01-23] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2623032 2019-07-26] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [TkBellExe] => d:\prográmky\realplayer\Update\realsched.exe [347560 2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [4124416 2022-05-17] (Opera Software AS -> Opera Software)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\Run: [CCleaner Smart Cleaning] => D:\Aviry\CCleaner\CCleaner64.exe [36976728 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\Run: [] => [X]
HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\RunOnce: [Uninstall 22.121.0605.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\22.121.0605.0002" (No File)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [239704 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\novaPDF 10 Port Monitor: C:\WINDOWS\system32\novamn10.dll [18944 2020-10-19] (Softland) [File not signed]
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [55392 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PDF Architect 7 Monitor: C:\Windows\system32\spool\DRIVERS\x64\pdf architect_pdfpmon_v.4.12.26.3.dll [932984 2019-11-26] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\PDF-XChange5-ABBYY: C:\Windows\system32\pxc50pma.dll [58936 2014-11-13] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
HKLM\...\Print\Monitors\PDF-XChange5-ABBYY-FR15: C:\WINDOWS\system32\pxc50pmaf15.dll [57328 2018-12-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.114\Installer\chrmstp.exe [2022-07-05] (Google LLC -> Google LLC)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Avira.lnk [2020-02-02]
ShortcutTarget: Avira.lnk -> C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2022-05-13]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acrobat Assistant.lnk [2020-01-31]
ShortcutTarget: Acrobat Assistant.lnk -> D:\Programy\Adobe\Adobe Acrobat Distiller 5.0\Distillr\AcroTray.exe (Adobe Systems Inc.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2019-11-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2020-08-11]
ShortcutTarget: WinZip Preloader.lnk -> D:\Archivace\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
GroupPolicy-Firefox-x32: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03F66930-921F-40EC-BA4E-3C1562247B55} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0A523097-1FE5-4E21-A46F-8CEF940D2FD3} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {0C3F0ED1-2C1F-42EA-AECE-130E4BEA6A04} - System32\Tasks\doPDF 10 Telemetry => C:\Program Files\Softland\novaPDF 10\Driver\GoogleAnalytics.exe [51504 2020-10-19] (Softland SRL -> )
Task: {17547B1C-0FF7-4276-9950-7093AF26FEEC} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {1767C569-45CE-4407-9244-E7425723C769} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1642080 2022-07-11] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Task: {2DA4E14C-06DD-498D-8217-4755502737E1} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-722231672-965411127-3486821242-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [128240 2016-02-03] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {30515FA6-F9ED-44C5-8EFA-8506DAE5A0F2} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-1U0LM3C-Admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {511EA8A4-F686-4EB2-BDE1-889A1A750FBF} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [32819448 2022-07-10] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Task: {5C7D46B2-904D-45BE-B1F4-EB846B4E9264} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {67A9F288-EB9B-4B09-886C-2DE3B1B1701B} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-722231672-965411127-3486821242-1001 => D:\prográmky\realplayer\RealUpgrade.exe [129960 2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {6E2CF984-2BBD-462A-B1A6-B86BD1DBBC32} - \WinZip Update Notifier 3 -> No File <==== ATTENTION
Task: {6EDF3FF7-6C4F-4B3D-AF10-6422F4969E33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {73D6DECF-82F9-4D6A-9866-C7FD33DD1FD9} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {8535C168-1B7B-4928-8996-AF503FDD848C} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {9038B369-BC18-4750-915A-B3397AABABBB} - System32\Tasks\GoogleUpdateTaskMachineUA{33399356-FF1B-407B-B2C7-9039A1A671CC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-26] (Google Inc -> Google Inc.)
Task: {90527A75-5A94-4DE8-B113-61468F2FE640} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [258472 2022-07-11] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Task: {92497EB4-6737-48B2-95AD-E156D36299A7} - \Opera scheduled assistant Autoupdate 1580117963 -> No File <==== ATTENTION
Task: {9D9147FE-E3A9-4DA6-9467-97B7F4A01A0B} - \WinZip Update Notifier 2 -> No File <==== ATTENTION
Task: {A9B5C750-A8A6-46C0-887B-D224DD94FD74} - \WinZip Update Notifier 1 -> No File <==== ATTENTION
Task: {AA1FA4E2-3217-4122-A7F7-D670ADBDE0EC} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-722231672-965411127-3486821242-1001 => D:\prográmky\realplayer\RealUpgrade.exe [129960 2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {AB4BA52F-AA88-4525-B03B-3961F55DA06B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AE81ECE4-B75D-4D6A-A35C-13A9145C60FA} - System32\Tasks\CCleaner Update => D:\Aviry\CCleaner\CCUpdate.exe [619416 2022-06-20] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BB9C4A9E-8903-42A2-9BCF-77E08E69BE01} - System32\Tasks\klcp_update => D:\Prográmky\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-04-12] () [File not signed]
Task: {C058F360-D1E7-4B0B-817D-F6E7783E7B0F} - System32\Tasks\RealDownloader Update Check => d:\prográmky\realplayer\downloader2.exe [1167784 2021-12-26] (RealNetworks, Inc. -> )
Task: {D2C135A4-E491-469B-9EE5-8BBB500E2731} - System32\Tasks\CCleanerSkipUAC - Admin => D:\Aviry\CCleaner\CCleaner.exe [31027800 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DD4DDD5E-C15D-41A6-BFE2-8EBFC70439DC} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-722231672-965411127-3486821242-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [128240 2016-02-03] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {E1B24382-9B57-4CF1-A9FC-35640CD458F6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E948ECFF-5A89-46DA-AE8D-EFA7EF4E35F1} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {EB2B61BF-C3A2-4F58-B725-387972CD7149} - System32\Tasks\doPDF 10 Update => C:\Program Files\Softland\novaPDF 10\Driver\UpdateApplication.exe [98096 2020-10-19] (Softland SRL -> )
Task: {F5EE3308-2C52-4889-8A23-7E05F950FFF5} - System32\Tasks\GoogleUpdateTaskMachineCore{97283C65-2A48-44CD-A7A1-B696E3021AB5} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-26] (Google Inc -> Google Inc.)
Task: {FF448796-7A7C-4542-85B6-2F9FEA8EE654} - System32\Tasks\Opera scheduled Autoupdate 1574800406 => C:\Program Files (x86)\Opera\launcher.exe [1888240 2022-07-05] (Opera Norway AS -> Opera Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-722231672-965411127-3486821242-1001] => http=;ftp=;https=;
Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{2344692f-c41b-4ac7-9c50-43b9fc907f50}: [DhcpNameServer] 31.30.90.11 31.30.90.12
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-12]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-07-06]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 2i1040qs.default-1582311638745
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\u4mgi7h5.default-release [2022-07-12]
FF Homepage: Mozilla\Firefox\Profiles\u4mgi7h5.default-release -> about:home
FF NewTab: Mozilla\Firefox\Profiles\u4mgi7h5.default-release -> about:newtab
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2i1040qs.default-1582311638745 [2022-07-12]
FF NewTab: Mozilla\Firefox\Profiles\2i1040qs.default-1582311638745 -> about:newtab
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-07-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-07-26] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=20.0.7.309 -> d:\prográmky\realplayer\Netscape6\nppl3260.dll [2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=20.0.7.309 -> d:\prográmky\realplayer\Netscape6\nprpplugin.dll [2021-12-26] (RealNetworks, Inc. -> RealPlayer)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-07-26] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Profile 6
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-07-12]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6 [2022-07-12]
CHR Extension: (uBlock Origin) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-06-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-03]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\System Profile [2022-07-12]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable [2022-07-12]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-07-01]
OPR Extension: (Opera Crypto Wallet) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-07-12]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-15]
OPR Extension: (uBlock Origin) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2022-07-01]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.15.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\15\Licensing\NetworkLicenseServer.exe [1058032 2019-07-29] (ABBYY Production LLC -> ABBYY Production LLC)
S2 ABBYY.Licensing.PDFTransformer.Classic.4.0; D:\Programy\ABBYY PDF Transformer+\NetworkLicenseServer.exe [962256 2014-12-02] (ABBYY Production LLC -> ABBYY Production LLC)
R2 AdobeActiveFileMonitor10.0; D:\Fotoeditory\Adobe Photoshop Elements 11\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-07-26] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [768408 2022-07-12] (ASUSTeK Computer Inc. -> )
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3000608 2022-03-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [386864 2022-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [264400 2022-07-11] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [284136 2022-07-11] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
S3 CCleanerPerformanceOptimizerService; D:\Aviry\CCleaner\CCleanerPerformanceOptimizerService.exe [1081432 2022-06-14] (Piriform Software Ltd -> )
S2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8445968 2022-06-30] (Avira Operations GmbH -> Avira Operations GmbH)
S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8445968 2022-06-30] (Avira Operations GmbH -> Avira Operations GmbH)
R2 MBAMService; D:\Aviry\Malwarebytes\Anti-Malware\MBAMService.exe [8677120 2022-06-21] (Malwarebytes Inc. -> Malwarebytes)
S3 Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Office14\GROOVE.EXE [30963576 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NovaPdf10Server; C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe [52528 2020-10-19] (Softland SRL -> Microsoft)
R3 PDF Architect 7; C:\Program Files\PDF Architect 7\ws.exe [2579752 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 7 Creator; C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe [692008 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 7 Update Service; C:\Program Files\PDF Architect 7\updater-ws.exe [1832232 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF24; D:\Prográmky\PDF24\pdf24.exe [587000 2022-01-05] (geek software GmbH -> geek software GmbH)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RealPlayerUpdateSvc; D:\prográmky\UpdateService\RealPlayerUpdateSvc.exe [38856 2021-12-04] (RealNetworks, Inc. -> RealNetworks, Inc.)
S2 RealTimes Desktop Service; d:\prográmky\realplayer\RPDS\Bin\rpdsvc.exe [991176 2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 vsmon; D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe [4528344 2020-01-21] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [42208 2020-03-13] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 ZAPrivacyService; D:\Aviry\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2020-01-21] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [230520 2022-06-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [100128 2022-06-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [24024 2022-06-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH)
R2 rtp_filesystem_filter; C:\WINDOWS\System32\DRIVERS\rtp_filesystem_filter.sys [202584 2022-06-30] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_process_monitor; C:\WINDOWS\system32\DRIVERS\rtp_process_monitor.sys [193304 2022-06-30] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_traverse; C:\WINDOWS\system32\DRIVERS\rtp_traverse.sys [47560 2022-06-30] (Avira Operations GmbH -> Avira Operations GmbH)
R1 Vsdatant; C:\WINDOWS\system32\DRIVERS\vsdatant.sys [461240 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-07-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-07-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-07-12] (Microsoft Windows -> Microsoft Corporation)
U3 iswSvc; no ImagePath
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-07-12 21:25 - 2022-07-12 21:25 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-07-12 21:25 - 2022-07-12 21:25 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-07-12 19:05 - 2022-07-12 21:11 - 001299432 _____ C:\WINDOWS\system32\rtp.db
2022-07-12 19:05 - 2022-07-12 19:05 - 000000000 ____D C:\Program Files\Avira
2022-07-12 19:05 - 2022-06-30 11:17 - 000202584 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_filesystem_filter.sys
2022-07-12 19:05 - 2022-06-30 11:17 - 000193304 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_process_monitor.sys
2022-07-12 19:05 - 2022-06-30 11:17 - 000047560 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_traverse.sys
2022-07-12 19:05 - 2022-06-30 11:17 - 000024024 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_elam.sys
2022-07-12 19:05 - 2022-06-21 17:57 - 000230520 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\BdSentry.sys
2022-07-12 19:05 - 2022-06-15 09:28 - 000100128 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\netprotection_network_filter.sys
2022-07-12 19:04 - 2022-07-12 19:04 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2022-07-12 19:04 - 2022-07-12 19:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ncp
2022-07-10 15:00 - 2022-07-10 15:00 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2022-07-10 01:02 - 2022-07-12 21:14 - 000000000 ____D C:\Users\Public\Security Sessions
2022-07-10 01:02 - 2022-07-10 15:01 - 000000000 ____D C:\Users\Admin\AppData\Local\Avira
2022-07-10 01:01 - 2022-07-10 01:01 - 000002818 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2022-07-10 01:01 - 2022-07-10 01:01 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter
2022-07-10 01:00 - 2022-07-12 21:12 - 000000000 ____D C:\Users\Public\Speedup Sessions
2022-07-10 01:00 - 2022-07-12 19:04 - 000003474 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2022-07-10 01:00 - 2022-07-10 01:00 - 000003788 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupVerify
2022-07-09 23:05 - 2022-07-12 19:04 - 000001078 _____ C:\Users\Public\Desktop\Avira_.lnk
2022-07-06 20:24 - 2022-07-12 21:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-07-03 14:15 - 2022-07-12 21:12 - 000078848 _____ C:\WINDOWS\KMSEmulator.exe
2022-06-29 19:48 - 2022-06-29 19:48 - 000000000 ____D C:\Users\Admin\.ms-ad
2022-06-22 00:02 - 2022-06-22 00:02 - 000012371 _____ C:\Users\Admin\Documents\Zakončení cvičebního roku v T.J. Sokol Pražský 21.06.2022.wlmp
2022-06-21 16:38 - 2022-06-21 16:38 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-06-21 16:37 - 2022-06-21 16:37 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-06-21 16:37 - 2022-06-21 16:37 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-06-21 16:37 - 2022-06-21 16:37 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-06-21 16:37 - 2022-06-21 16:37 - 000011787 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-06-21 16:30 - 2022-06-21 16:30 - 000000000 ___HD C:\$WinREAgent
2022-06-19 13:04 - 2022-06-19 13:04 - 000695079 _____ C:\Users\Admin\Downloads\Léčivé ovoce a zelenina jp.pdf
2022-06-13 11:05 - 2022-06-13 13:09 - 000121946 _____ C:\Users\Admin\Documents\Sokolské Brno 2022.wlmp
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-07-12 21:37 - 2020-02-14 19:00 - 000000000 ____D C:\FRST
2022-07-12 21:31 - 2022-02-08 18:57 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-07-12 21:31 - 2019-11-27 02:56 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2022-07-12 21:25 - 2021-12-12 14:10 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-07-12 21:25 - 2021-12-12 14:10 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-07-12 21:25 - 2020-11-06 00:16 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-07-12 21:24 - 2019-11-20 20:04 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-07-12 21:19 - 2020-11-06 00:18 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-07-12 21:19 - 2019-12-07 16:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2022-07-12 21:19 - 2019-12-07 16:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2022-07-12 21:19 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-07-12 21:18 - 2020-04-28 22:25 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-07-12 21:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-07-12 21:15 - 2019-11-26 22:30 - 000000000 ____D C:\Program Files (x86)\Google
2022-07-12 21:15 - 2019-11-26 21:07 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2022-07-12 21:13 - 2021-12-11 00:41 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-722231672-965411127-3486821242-1001
2022-07-12 21:13 - 2020-11-06 00:16 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-722231672-965411127-3486821242-1001
2022-07-12 21:13 - 2020-11-06 00:10 - 000002377 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-12 21:13 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-12 21:12 - 2021-12-26 19:07 - 000003556 _____ C:\WINDOWS\system32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-722231672-965411127-3486821242-1001
2022-07-12 21:12 - 2021-12-26 19:07 - 000003492 _____ C:\WINDOWS\system32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-722231672-965411127-3486821242-1001
2022-07-12 21:12 - 2020-11-06 00:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-07-12 21:12 - 2020-11-06 00:09 - 000783584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-07-12 21:12 - 2020-11-06 00:09 - 000008192 ___SH C:\DumpStack.log.tmp
2022-07-12 21:12 - 2019-11-26 22:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-07-12 21:12 - 2019-11-26 22:33 - 000000000 ____D C:\Program Files (x86)\Opera
2022-07-12 21:12 - 2019-11-20 20:04 - 000807280 _____ C:\WINDOWS\system32\wpbbin.exe
2022-07-12 21:12 - 2019-11-20 20:04 - 000768408 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2022-07-12 21:12 - 2019-11-20 13:12 - 000000000 ____D C:\ProgramData\NVIDIA
2022-07-12 21:11 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-07-12 20:12 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-07-12 20:12 - 2019-11-26 21:17 - 000000000 ____D C:\ProgramData\Avira
2022-07-12 19:04 - 2019-11-26 21:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2022-07-12 16:44 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-12 15:50 - 2020-02-05 20:20 - 000000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2022-07-12 00:48 - 2019-11-27 02:03 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2022-07-10 19:25 - 2019-11-26 22:47 - 000000000 ____D C:\Users\Admin\AppData\Local\Adobe
2022-07-10 01:00 - 2019-11-26 21:17 - 000000000 ____D C:\Program Files (x86)\Avira
2022-07-09 23:05 - 2022-02-01 16:51 - 000000000 ____D C:\ProgramData\Package Cache
2022-07-09 20:42 - 2020-11-06 00:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-07-08 14:34 - 2020-06-14 19:30 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-08 14:34 - 2020-06-14 19:30 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-07-07 18:59 - 2020-11-06 00:16 - 000003970 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1574800406
2022-07-07 18:59 - 2019-11-26 22:33 - 000001155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-07-06 22:05 - 2021-10-10 21:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-07-06 22:04 - 2019-11-26 22:34 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-07-05 21:15 - 2019-11-26 22:30 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-07-05 21:15 - 2019-11-26 22:30 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-07-03 14:15 - 2020-08-25 00:24 - 000000184 _____ C:\WINDOWS\AutoKMS.ini
2022-07-03 13:44 - 2020-11-06 00:16 - 000004194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-07-01 19:15 - 2021-12-27 22:19 - 000000000 ____D C:\Users\Admin\.cache
2022-06-30 19:34 - 2021-12-19 02:46 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-06-29 19:48 - 2020-11-06 00:10 - 000000000 ____D C:\Users\Admin
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-06-22 23:13 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-06-21 23:37 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-06-21 16:37 - 2020-11-06 00:11 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-06-21 16:30 - 2019-11-26 21:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-06-21 16:28 - 2019-11-26 21:09 - 145918784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-06-19 16:36 - 2020-06-07 14:04 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
==================== Files in the root of some directories ========
2022-05-22 12:37 - 2022-05-22 12:38 - 000004608 _____ () C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2022-01-29 16:59 - 2022-01-29 16:59 - 000000000 _____ () C:\Users\Admin\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-07-2022
Ran by Admin (12-07-2022 21:39:34)
Running from D:\Aviry
Microsoft Windows 10 Home Version 21H1 19043.1766 (X64) (2020-11-05 22:16:13)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Admin (S-1-5-21-722231672-965411127-3486821242-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-722231672-965411127-3486821242-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-722231672-965411127-3486821242-503 - Limited - Disabled)
Guest (S-1-5-21-722231672-965411127-3486821242-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-722231672-965411127-3486821242-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Security (Enabled - Up to date) {76C0BF9F-9FD3-D249-DE2F-7A33A59B9258}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {217C3BCF-3FBD-7C30-A427-2D11E16F3BEB}
FW: ZoneAlarm Free Firewall Firewall (Disabled) {8D637332-9C08-995E-98D7-8237936B0E9F}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 19.01 alpha (x64) (HKLM\...\7-Zip) (Version: 19.01 alpha - Igor Pavlov)
A Sharper Scaling version 1.2 (HKLM-x32\...\{7CFADE53-9599-48C5-9FE3-689E56C1D96B}_is1) (Version: 1.2 - )
ABBYY FineReader 15 (HKLM\...\{F15000FE-0001-6400-0000-074957833700}) (Version: 15.0.1496 - ABBYY Production LLC)
ABBYY PDF Transformer+ (HKLM\...\{FA400000-0001-6400-0000-074957833700}) (Version: 4.2.186 - ABBYY Production LLC)
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.001.20169 - Adobe)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.9.0.515 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.7.0.35 - Adobe Inc.)
Adobe PageMaker 7.0 (HKLM-x32\...\Adobe PageMaker 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Avira (HKLM-x32\...\{0A659D39-DDCC-4793-BEA2-8D205284272B}) (Version: 1.2.162.7474 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{8ea07ae2-acd9-459e-8fc2-6f31ef667c9c}) (Version: 1.2.162.7474 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.41.1.25731 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.69.29981 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.19.0.11413 - Avira Operations GmbH & Co. KG)
BAHN 3.81r1 (HKLM-x32\...\BAHN381r1_is1) (Version: 3.81 - JBSS Chemnitz/Dresden)
calibre 64bit (HKLM\...\{6DB760DC-BEC5-4727-AA50-722D2881725E}) (Version: 5.9.0 - Kovid Goyal)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.01 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
doPDF (HKLM\...\{3A2B5138-BDC2-4905-8683-0F416835A4FD}) (Version: 10.9.132 - Softland) Hidden
doPDF 10 add-in for Microsoft Office (x64) (HKLM\...\{064F8223-4848-4562-B77E-997C3E74E749}) (Version: 10.6.122 - Softland)
doPDF 10 add-in for Microsoft Office (x86) (HKLM-x32\...\{705BC7F6-DE19-4764-A8C2-0162DC824AB9}) (Version: 10.6.122 - Softland)
doPDF 10 Printer Driver (HKLM\...\{786E2F7E-E97D-46B7-A9B1-FDEF161F9FE0}) (Version: 10.9.132 - Softland)
Endpoint Protection SDK (HKLM\...\{68E1CCB4-4965-4713-BDEB-77F6D6C9BF9D}_is1) (Version: 1.0.2206.3019 - Avira Operations GmbH & Co. KG) Hidden
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FOTOLAB CEWE fotosvet (HKLM-x32\...\FOTOLAB CEWE fotosvet) (Version: 6.3.7 - CEWE Stiftung u Co. KGaA)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.114 - Google LLC)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
K-Lite Mega Codec Pack 16.4.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.4.5 - KLCP)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 6.3.3.2 (HKLM\...\{4DACF7A7-C851-4943-A63D-3CAE495C48E0}) (Version: 6.3.3.2 - The Document Foundation)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
LWS Facebook (HKLM-x32\...\{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}) (Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (HKLM-x32\...\{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}) (Version: 13.51.827.0 - Logitech) Hidden
LWS Help_main (HKLM-x32\...\{1651216E-E7AD-4250-92A1-FB8ED61391C9}) (Version: 13.51.828.0 - Logitech) Hidden
LWS Launcher (HKLM-x32\...\{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}) (Version: 13.51.828.0 - Logitech) Hidden
LWS Motion Detection (HKLM-x32\...\{71E66D3F-A009-44AB-8784-75E2819BA4BA}) (Version: 13.51.815.0 - Logitech) Hidden
LWS Pictures And Video (HKLM-x32\...\{08610298-29AE-445B-B37D-EFBE05802967}) (Version: 13.51.815.0 - Logitech) Hidden
LWS Twitter (HKLM-x32\...\{174A3B31-4C43-43DD-866F-73C9DB887B48}) (Version: 13.30.1346.0 - Logitech) Hidden
LWS Webcam Software (HKLM-x32\...\{8937D274-C281-42E4-8CDB-A0B2DF979189}) (Version: 13.51.815.0 - Logitech) Hidden
LWS WLM Plugin (HKLM-x32\...\{9DAEA76B-E50F-4272-A595-0124E826553D}) (Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (HKLM-x32\...\{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}) (Version: 13.31.1038.0 - Logitech) Hidden
Malwarebytes version 4.5.10.200 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.10.200 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.49 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 103.0.1264.49 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2010 (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (HKLM-x32\...\{90140000-0015-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (HKLM-x32\...\{90140000-0117-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (HKLM-x32\...\{90140000-0016-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (Czech) 2010 (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (HKLM-x32\...\{90140000-00BA-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2010 (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (HKLM-x32\...\{90140000-0044-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2010 - Czech/èeština (HKLM-x32\...\Office14.OMUI.cs-cz) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office O MUI (Czech) 2010 (HKLM-x32\...\{90140000-0100-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (Czech) 2010 (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Proof (Czech) 2010 (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (HKLM-x32\...\{90140000-002C-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (HKLM-x32\...\{90140000-0019-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2010 (HKLM\...\{90140000-002A-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (HKLM\...\{90140000-002A-0409-1000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (HKLM\...\{90140000-0116-0409-1000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (HKLM-x32\...\{90140000-0115-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (Czech) 2010 (HKLM-x32\...\{90140000-0017-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (HKLM-x32\...\{90140000-001B-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (Czech) 2010 (HKLM-x32\...\{90140000-0101-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\OneDriveSetup.exe) (Version: 22.131.0619.0001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.15.26706 (HKLM\...\{F106B700-BFF8-3065-B305-14D36AD40539}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.15.26706 (HKLM\...\{C77195A4-CEB8-38EE-BDD6-C46CB459EF6E}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (HKLM-x32\...\{2757496A-3E74-320A-B007-36120A9F126D}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (HKLM-x32\...\{39E15475-23F2-345D-8977-B5DC47A94E26}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 102.0.1 (x64 cs)) (Version: 102.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 73.0 - Mozilla)
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Opera Stable 88.0.4412.74 (HKLM-x32\...\Opera 88.0.4412.74) (Version: 88.0.4412.74 - Opera Software)
PDF Architect 7 (HKLM-x32\...\PDF Architect 7) (Version: 7.1.13.1755 - pdfforge GmbH)
PDF Architect 7 Create Module (HKLM\...\{B600CC13-8F68-4D44-8867-93490894FAE5}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden
PDF Architect 7 Edit Module (HKLM\...\{BA2C2671-B379-4101-A21C-4C549671FC8D}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden
PDF Architect 7 View Module (HKLM\...\{E947A304-6110-4CFE-98AD-E6909072E87D}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden
PDF24 Creator 10.7.1 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.7.1 - PDF24.org)
Photo Common (HKLM-x32\...\{15BFD731-A10E-43E9-9D18-0F682BC0480F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PSE10 STI Installer (HKLM-x32\...\{11D08055-939C-432b-98C3-E072478A0CD7}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Rajče verze 2.5.9 sestavení 290 (HKLM-x32\...\Rajče.net_is1) (Version: - rajče.net)
RealDownloader (HKLM-x32\...\{48D18738-099C-4FAA-AFD9-80B592A25478}) (Version: 18.1.3.103 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 20.0) (Version: 20.0.7 - RealNetworks)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0017-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{2554816C-7768-46D5-A527-DAE1EED850CC}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{A71E3AD4-5545-4D59-9F11-75F363563C6A}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{0C337AF5-E6A7-4B6B-8F8E-08F9C6F956B4}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0405-1000-0000000FF1CE}_Office14.OMUI.cs-cz_{7F5CE17A-23B9-4EED-B017-A7EF4547476C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{EA82267F-4AAB-46BA-AD6A-9EBB544D0EF7}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{2C911571-C8B6-400B-B323-417C1806E866}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{1FCBAAF2-0321-4986-8DAE-5F2891EC6E8E}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0101-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{3AC03A87-33F2-41DC-8BA3-EA4B3EC5E4AA}) (Version: - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype verze 8.79 (HKLM-x32\...\Skype_is1) (Version: 8.79 - Skype Technologies S.A.)
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
VSO Inspector 2.0.2 (HKLM-x32\...\VSO Inspector_is1) (Version: - VSO-Software SARL)
Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{66B5819D-DE70-42BE-B40F-978FBA12452E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{9A470EA9-FF86-4C0E-992C-572BF2B9D6FF}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{6522F5F9-411B-4513-A75B-CEA00395F032}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{E100E2B5-F2EF-4955-AB7A-C3F2125A3BCD}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
WinZip (HKLM-x32\...\WinZip) (Version: 10.0 (6667) - WinZip Computing LP)
WinZip 24.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24127}) (Version: 24.0.14033 - Corel Corporation)
XMedia Recode 64bit verze 3.5.3.7 (HKLM\...\{D31E6E69-4C6A-42CC-926F-CC7B186864EB}_is1) (Version: 3.5.3.7 - XMedia Recode 64bit)
ZoneAlarm Firewall (HKLM-x32\...\{2F77A309-CAB9-4C8A-8ED0-8C8DA3FF0744}) (Version: 15.8.038.18284 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.8.038.18284 - Check Point)
ZoneAlarm Security (HKLM-x32\...\{DA17D180-7193-4070-B085-9827DB80C2F8}) (Version: 15.8.038.18284 - Check Point Software Technologies Ltd.) Hidden
Zoner Photo Studio 8 (HKLM-x32\...\Zoner Photo Studio 8_is1) (Version: - ZONER software)
Packages:
=========
ASUS Grid (Beta) -> C:\Program Files\WindowsApps\B9ECED6F.133F79A42C6_1.0.14.0_x64__qmba6cd70vzyy [2020-07-12] (ASUSTeK COMPUTER INC.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.20.89.0_x64__kgqvnymyfvs32 [2022-06-30] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.84.4.0_x64__kgqvnymyfvs32 [2022-07-06] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-12] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-07-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-07-12] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.2.3180.0_x64__8wekyb3d8bbwe [2022-04-08] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe [2022-07-12] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.73.51701.0_x64__8wekyb3d8bbwe [2022-06-29] (Microsoft Corporation) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-15] (Netflix, Inc.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0 [2022-07-12] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-722231672-965411127-3486821242-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> D:\Archivace\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> )
CustomCLSID: HKU\S-1-5-21-722231672-965411127-3486821242-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Office14\GROOVEEX.DLL [4222864 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Archivace\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [FineReader15ContextMenu] -> {53339754-4DD1-438B-8D24-0D0730F1A591} => C:\Program Files (x86)\ABBYY FineReader 15\x64\FRIntegration.x64.dll [2019-08-22] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers1: [PDFArchitect7_ManagerExt] -> {21989F59-B260-4302-90C3-E51740E03639} => C:\Program Files\PDF Architect 7\context-menu.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-05-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1-x32: [Transformer4ContextMenu] -> {558BA64F-C7A8-4B96-BCDD-B46E9D00756A} => D:\Programy\ABBYY PDF Transformer+\TRIntegration.dll [2015-01-28] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\ Archivace\WinRar 5.91\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\ Archivace\WinRar 5.91\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => D:\Archivace\WinZip\wzshls64.dll [2020-02-25] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Aviry\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-21] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => d:\prográmky\realplayer\RPDS\Bin64\rpcontextmenu.dll [2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Archivace\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => D:\Aviry\Recuva\RecuvaShell64.dll [2022-04-06] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-05-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => D:\Archivace\WinZip\wzshls64.dll [2020-02-25] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-05-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Archivace\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [FineReader15ContextMenu] -> {53339754-4DD1-438B-8D24-0D0730F1A591} => C:\Program Files (x86)\ABBYY FineReader 15\x64\FRIntegration.x64.dll [2019-08-22] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Aviry\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-21] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => D:\Aviry\Recuva\RecuvaShell64.dll [2022-04-06] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6-x32: [Transformer4ContextMenu] -> {558BA64F-C7A8-4B96-BCDD-B46E9D00756A} => D:\Programy\ABBYY PDF Transformer+\TRIntegration.dll [2015-01-28] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\ Archivace\WinRar 5.91\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\ Archivace\WinRar 5.91\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => D:\Archivace\WinZip\wzshls64.dll [2020-02-25] (Corel Corporation -> WinZip Computing)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\WINDOWS\system32\huffyuv.dll [55296 2005-01-22] () [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [310784 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284160 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [473088 2015-02-25] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co
==================== Loaded Modules (Whitelisted) =============
2009-11-17 23:58 - 2009-11-17 23:58 - 000342656 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
2009-11-17 23:58 - 2009-11-17 23:58 - 000559232 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
2012-05-27 17:44 - 2012-05-27 17:44 - 000032256 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
2011-04-29 12:34 - 2011-04-29 12:34 - 000934400 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc
2011-04-29 12:34 - 2011-04-29 12:34 - 000012288 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc
2011-04-29 20:08 - 2011-04-29 20:08 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2010-08-06 12:15 - 2010-08-06 12:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 12:15 - 2010-08-06 12:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2010-08-06 12:15 - 2010-08-06 12:15 - 000054784 _____ (Hewlett-Packard) [File not signed] C:\WINDOWS\SYSTEM32\hpzipr12.dll
2020-01-20 22:16 - 2020-01-20 22:16 - 000986112 _____ (Microsoft Corporation) [File not signed] D:\Aviry\CheckPoint\ZoneAlarm\dbghelp.dll
2022-07-10 01:00 - 2022-07-10 01:00 - 003091456 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\fbd91d0b0c038bc0466e585075b1f989\Newtonsoft.Json.ni.dll
2020-10-19 15:04 - 2020-10-19 15:04 - 000018944 _____ (Softland) [File not signed] C:\WINDOWS\System32\novamn10.dll
2018-12-10 11:29 - 2018-12-10 11:29 - 000438272 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\PDF Architect 7\libcurl.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: PDF Architect 7 Helper -> {2B035CAB-1F3D-4DE6-A32D-39B9E5F456D0} -> C:\Program Files\PDF Architect 7\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> d:\prográmky\realplayer\BrowserRecordPlugin\IE\rndlbrowserrecordplugin64.dll [2021-12-26] (RealNetworks, Inc. -> RealPlayer)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> d:\prográmky\realplayer\BrowserRecordPlugin\IE\rndlbrowserrecordplugin.dll [2021-12-26] (RealNetworks, Inc. -> RealPlayer)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-01-29 14:29 - 2022-01-29 14:29 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-722231672-965411127-3486821242-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\Pictures\Saved Pictures\m104 - sombrero.bmp
DNS Servers: 31.30.90.11 - 31.30.90.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F1C3FD45-225F-4248-BB58-CC07D80EA9B9}] => (Allow) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{7FE0D65D-4851-4F77-BD27-FF9EE5C9BCAA}] => (Allow) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{98E55126-E08E-4283-BC9F-1CD4487C5376}] => (Allow) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{463A6C42-0E1B-4675-8A95-5E8E0F425848}] => (Allow) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{7059C7E5-30C1-4084-A8C6-CA7C0AB13286}] => (Allow) LPort=8501
FirewallRules: [{D9603B5C-325E-4237-BC4E-91DCA55B90A1}] => (Allow) LPort=8501
FirewallRules: [{D33BCFB3-EA54-4BD5-954B-45F544174DFE}] => (Allow) C:\Program Files (x86)\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{87F08FF4-AAB0-4911-9194-EB67A27D0ED3}] => (Allow) C:\Program Files (x86)\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{63FD2332-F2D6-45A0-8793-C7410883EF3D}] => (Allow) LPort=1900
FirewallRules: [{09D0FD54-F9E5-4E9B-B5EC-8C5985AB222F}] => (Allow) LPort=2869
FirewallRules: [{13FD4DA9-5757-49F9-987F-7641F63CD5D5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D53AC4E9-924B-48B4-A6E6-95AF36DAFFDE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3F60A5E6-326B-4D15-A51D-52B43BF1ABC4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CA0013FD-B126-4C46-BEE0-597F4DDB0B80}] => (Allow) C:\Program Files (x86)\Office14\GROOVE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0BBCD6C0-2206-46C3-A2BD-0348B1897A4D}] => (Allow) C:\Program Files (x86)\Office14\GROOVE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6C8F3AE3-4336-4D9E-BA25-A3671EE747A8}] => (Allow) C:\Program Files (x86)\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9B5E2AB7-51AF-4ED3-B069-4EB883C9A166}] => (Allow) C:\Program Files (x86)\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{91181CAB-8ADE-439A-8631-8327892A308B}] => (Allow) C:\Program Files (x86)\Office14\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0CE445A5-21BB-467A-A270-7065480A7DB2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9A0EB60E-5410-48B5-85F9-1C9B71271994}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E6EC08C9-BC65-4D7B-B033-5092276B64F8}] => (Allow) d:\prográmky\realplayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{EEBDC094-AAA2-4871-AD93-AEBBD357AF94}] => (Allow) d:\prográmky\realplayer\RealPlay.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{C50EABFE-71A2-4F77-8CE5-99AEFA6BDBB3}] => (Allow) C:\Program Files (x86)\Opera\88.0.4412.53\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{37CFD4AC-3F87-4B99-87A2-CA934C9B5559}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ACDEEE04-7CAC-43D3-9ADD-8AA20CF60944}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6715F821-E244-4A7C-B3F2-60DB679AEDFD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3E00C8B9-A0E7-430D-9AFF-7BD2ADB9787A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{7062FC98-41DE-4448-80FB-6D82340BE6B3}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [UDP Query User{1442EBD7-00DA-425F-ACFD-F90D9F096E3D}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [{185E82BB-7023-4EAE-B343-B77E8BB93C84}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5E2E4C4F-8346-43D0-82E7-89E431BF6E83}] => (Allow) C:\Program Files (x86)\Opera\88.0.4412.74\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{329949B6-825D-429B-B7D3-1814F4CD35D3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.49\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8E35B60A-50D6-49F4-9E1A-E347D51D1393}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B757D56B-F20C-428D-AB3A-5A4FDB9A4216}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4DF3F62E-9DED-4946-A33C-DEF6F5747F77}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{61E003C8-7A09-453A-9C44-4C8FCB9CDBBE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A2080A66-3222-4146-8061-0E02BAB08A81}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E99F3D0F-14E7-4040-98CB-F25537E9477F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C921261B-B7BA-4711-9D41-4BDBD4B98A39}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{05E3F73D-BA17-47D9-AEF4-C98FE24920C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
21-06-2022 16:31:50 Instalační služba modulů systému Windows
05-07-2022 12:10:11 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/12/2022 09:13:35 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.
Error: (07/12/2022 09:12:32 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (07/12/2022 06:52:59 PM) (Source: COM) (EventID: 10035) (User: )
Description: Řadič standardu COM nebyl schopen opravit nesoulad mezi IID {618736E0-3C3D-11CF-810C-00AA00389B71} poskytovaným serverem a IID {00020400-0000-0000-C000-000000000046}, které požaduje klient, s CLSID identifikátorem ovladače {00000002-F044-0445-E042-9104C8531B01}. Kód chybového hlášení byl 0x80010114.
Error: (07/12/2022 12:14:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PM70.EXE, verze: 0.7.0.0, časové razítko: 0x3b2d4092
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1741, časové razítko: 0x221456c9
Kód výjimky: 0xc0000374
Posun chyby: 0x000e6cf3
ID chybujícího procesu: 0x2cb0
Čas spuštění chybující aplikace: 0x01d8955621fd5ecf
Cesta k chybující aplikaci: d:\programy\adobe\pagemaker 7.0\PM70.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 5e798ed5-dee0-47dd-b280-1203bbd70b2d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/11/2022 06:26:51 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (07/10/2022 03:00:11 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (07/09/2022 10:39:27 AM) (Source: COM) (EventID: 10035) (User: )
Description: Řadič standardu COM nebyl schopen opravit nesoulad mezi IID {618736E0-3C3D-11CF-810C-00AA00389B71} poskytovaným serverem a IID {00020400-0000-0000-C000-000000000046}, které požaduje klient, s CLSID identifikátorem ovladače {76B8ADFF-F280-0475-00E4-B876A69E0B4B}. Kód chybového hlášení byl 0x80010114.
Error: (07/07/2022 06:12:30 PM) (Source: COM) (EventID: 10035) (User: )
Description: Řadič standardu COM nebyl schopen opravit nesoulad mezi IID {618736E0-3C3D-11CF-810C-00AA00389B71} poskytovaným serverem a IID {00020400-0000-0000-C000-000000000046}, které požaduje klient, s CLSID identifikátorem ovladače {00000002-EC9C-042B-882E-0F01F8E81101}. Kód chybového hlášení byl 0x80010114.
System errors:
=============
Error: (07/12/2022 09:32:15 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-1U0LM3C)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (07/12/2022 09:14:14 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Endpoint Protection Service skončila s následující chybou specifickou pro službu:
%%40007
Error: (07/12/2022 09:13:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba RealTimes Desktop Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (07/12/2022 09:13:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby ABBYY PDF Transformer+ - Licensing Service bylo dosaženo časového limitu (60000 ms).
Error: (07/12/2022 09:11:44 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba AsusUpdateCheck se po přijetí pokynu pro vypnutí neukončila správně.
Error: (07/12/2022 12:48:03 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-1U0LM3C)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (07/11/2022 12:30:12 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-1U0LM3C)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (07/10/2022 01:05:50 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-1U0LM3C)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Windows Defender:
================
Date: 2022-07-12 21:38:39
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\KMSEmulator.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1U0LM3C\Admin
Název procesu: D:\Aviry\FRST64.exe
Verze bezpečnostních informací: AV: 1.371.60.0, AS: 1.371.60.0, NIS: 1.371.60.0
Verze modulu: AM: 1.1.19400.3, NIS: 1.1.19400.3
Date: 2022-07-12 21:24:52
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {024625CF-2308-44B4-8CA2-30DAEBF98E64}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-1U0LM3C\Admin
Date: 2022-07-12 21:15:27
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Windows\AutoKMS.exe; file:_C:\Windows\AutoKMS.exe->[MSILRES:AutoKMS.Properties.Resources.resources]; file:_C:\WINDOWS\System32\Tasks\AutoKMS->(UTF-16LE); file:_C:\WINDOWS\System32\Tasks\AutoKMSDaily->(UTF-16LE); file:_C:\WINDOWS\Tasks\AutoKMS.job; file:_C:\WINDOWS\Tasks\AutoKMSDaily.job; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B681C9D8-A6EB-4592-95E5-7130E7641EAD}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA4D9638-EC04-441E-9325-9F21AB7036CE}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMSDaily; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMS; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMSDaily; taskscheduler:_C:\WINDOWS\Tasks\AutoKMS.job; taskscheduler:_C:\WINDOWS\Tasks\AutoKMSDaily.job
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.305.2858.0, AS: 1.305.2858.0, NIS: 1.305.2858.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1
Date: 2022-07-12 21:15:23
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Windows\AutoKMS.exe; file:_C:\Windows\AutoKMS.exe->[MSILRES:AutoKMS.Properties.Resources.resources]; file:_C:\WINDOWS\System32\Tasks\AutoKMS->(UTF-16LE); file:_C:\WINDOWS\System32\Tasks\AutoKMSDaily->(UTF-16LE); file:_C:\WINDOWS\Tasks\AutoKMS.job; file:_C:\WINDOWS\Tasks\AutoKMSDaily.job; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B681C9D8-A6EB-4592-95E5-7130E7641EAD}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA4D9638-EC04-441E-9325-9F21AB7036CE}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMSDaily; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMS; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMSDaily; taskscheduler:_C:\WINDOWS\Tasks\AutoKMS.job; taskscheduler:_C:\WINDOWS\Tasks\AutoKMSDaily.job
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.305.2858.0, AS: 1.305.2858.0, NIS: 1.305.2858.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1
Date: 2022-07-12 21:15:02
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Windows\AutoKMS.exe; file:_C:\Windows\AutoKMS.exe->[MSILRES:AutoKMS.Properties.Resources.resources]; file:_C:\WINDOWS\System32\Tasks\AutoKMS->(UTF-16LE); file:_C:\WINDOWS\System32\Tasks\AutoKMSDaily->(UTF-16LE); file:_C:\WINDOWS\Tasks\AutoKMS.job; file:_C:\WINDOWS\Tasks\AutoKMSDaily.job; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B681C9D8-A6EB-4592-95E5-7130E7641EAD}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA4D9638-EC04-441E-9325-9F21AB7036CE}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMSDaily; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMS; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMSDaily; taskscheduler:_C:\WINDOWS\Tasks\AutoKMS.job; taskscheduler:_C:\WINDOWS\Tasks\AutoKMSDaily.job
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.305.2858.0, AS: 1.305.2858.0, NIS: 1.305.2858.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1
CodeIntegrity:
===============
Date: 2022-07-12 21:39:08
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Avira\Endpoint Protection SDK\amsi\x64\avamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2901 10/16/2019
Motherboard: ASUSTeK COMPUTER INC. ROG STRIX B450-F GAMING
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 49%
Total physical RAM: 8124.13 MB
Available physical RAM: 4134.84 MB
Total Virtual: 9404.13 MB
Available Virtual: 4902.53 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:237.84 GB) (Free:150.83 GB) (Model: ADATA SX8200PNP) NTFS
Drive d: (Místní disk) (Fixed) (Total:931.5 GB) (Free:389.86 GB) (Model: WDC WD10EZEX-60WN4A1) NTFS
\\?\Volume{d6458fe6-83f6-4935-9c1d-28a7f72e381b}\ () (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{b5a6f67e-0283-4ca7-8508-df1d94760cbf}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 39AE08EB)
Partition: GPT.
==================== End of Addition.txt =======================