Totalne spomaleny comp

Zpráva

alfonz.flower · #1 Příspěvek od **alfonz.flower** » 12 pro 2023 13:21

Dobry den,

totalne sa mi spomalil comp, prosim a kontrolu. Disk, RAM na 100%

#2 Příspěvek od **Rudy** » 12 pro 2023 14:49

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

alfonz.flower · #3 Příspěvek od **alfonz.flower** » 12 pro 2023 14:59

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-12-2023
# Duration: 00:01:45
# OS: Windows 10 (Build 19045.3758)
# Cleaned: 38
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted MSN Homepage & Bing Search Engine - fcfenmboojpjinhpgggodefccipikbpd

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.ASUSGiftBox Folder C:\Program Files (x86)\ASUS\ASUS GIFTBOX DESKTOP
Deleted Preinstalled.ASUSGiftBox Folder C:\ProgramData\ASUS\ASUS GIFTBOX DESKTOP
Deleted Preinstalled.ASUSGiftBox Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}
Deleted Preinstalled.ASUSLiveUpdate Folder C:\Program Files (x86)\ASUS\ASUS LIVE UPDATE
Deleted Preinstalled.ASUSLiveUpdate Folder C:\ProgramData\ASUS\ASUS LIVE UPDATE
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0743BCAC-C4B1-4377-9434-77FBA4E2A3B2}
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Checker
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
Deleted Preinstalled.ASUSLiveUpdate Task C:\Windows\System32\Tasks\UPDATE CHECKER
Deleted Preinstalled.ASUSProductRegistration Folder C:\Program Files (x86)\ASUS\APRP
Deleted Preinstalled.ASUSProductRegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{8D6B05E0-F457-408C-9D13-549334D8FAE1}
Deleted Preinstalled.ASUSSmartGesture Folder C:\Program Files (x86)\ASUS\ASUS SMART GESTURE
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55EBAAA2-2D7B-475F-B00B-AF66C467BD22}
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Smart Gesture Launcher
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\Software\Classes\CLSID\{F31B5912-07D6-4895-B4BA-5486CF3B18B1}
Deleted Preinstalled.ASUSSmartGesture Task C:\Windows\System32\Tasks\ASUS SMART GESTURE LAUNCHER
Deleted Preinstalled.ASUSSplendid Folder C:\Program Files (x86)\ASUS\SPLENDID
Deleted Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EBCBCB80-B386-4D17-869F-E47AAD068627}
Deleted Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Splendid ACMON
Deleted Preinstalled.ASUSSplendid Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}
Deleted Preinstalled.ASUSSplendid Task C:\Windows\System32\Tasks\ASUS SPLENDID ACMON
Deleted Preinstalled.ASUSWebStorage Folder C:\Program Files (x86)\ASUS\WEBSTORAGE
Deleted Preinstalled.ASUSWebStorage Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\WEBSTORAGE
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Classes\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7191}
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|WebStorage
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|WebStorage
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WebStorage
Deleted Preinstalled.WildTangentGamesBundle File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - asus.lnk
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\APP
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus
Deleted Preinstalled.WildTangentGamesBundle Registry HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6052 octets] - [12/12/2023 14:18:01]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

alfonz.flower · #4 Příspěvek od **alfonz.flower** » 12 pro 2023 14:59

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-12-2023
# Duration: 00:02:40
# OS: Windows 10 (Build 19045.3758)
# Scanned: 32104
# Detected: 38

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy MSN Homepage & Bing Search Engine - fcfenmboojpjinhpgggodefccipikbpd

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.ASUSGiftBox Folder C:\Program Files (x86)\ASUS\ASUS GIFTBOX DESKTOP
Preinstalled.ASUSGiftBox Folder C:\ProgramData\ASUS\ASUS GIFTBOX DESKTOP
Preinstalled.ASUSGiftBox Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}
Preinstalled.ASUSLiveUpdate Folder C:\Program Files (x86)\ASUS\ASUS LIVE UPDATE
Preinstalled.ASUSLiveUpdate Folder C:\ProgramData\ASUS\ASUS LIVE UPDATE
Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0743BCAC-C4B1-4377-9434-77FBA4E2A3B2}
Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Checker
Preinstalled.ASUSLiveUpdate Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
Preinstalled.ASUSLiveUpdate Task C:\Windows\System32\Tasks\UPDATE CHECKER
Preinstalled.ASUSProductRegistration Folder C:\Program Files (x86)\ASUS\APRP
Preinstalled.ASUSProductRegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{8D6B05E0-F457-408C-9D13-549334D8FAE1}
Preinstalled.ASUSSmartGesture Folder C:\Program Files (x86)\ASUS\ASUS SMART GESTURE
Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55EBAAA2-2D7B-475F-B00B-AF66C467BD22}
Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Smart Gesture Launcher
Preinstalled.ASUSSmartGesture Registry HKLM\Software\Classes\CLSID\{F31B5912-07D6-4895-B4BA-5486CF3B18B1}
Preinstalled.ASUSSmartGesture Task C:\Windows\System32\Tasks\ASUS SMART GESTURE LAUNCHER
Preinstalled.ASUSSplendid Folder C:\Program Files (x86)\ASUS\SPLENDID
Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EBCBCB80-B386-4D17-869F-E47AAD068627}
Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Splendid ACMON
Preinstalled.ASUSSplendid Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}
Preinstalled.ASUSSplendid Task C:\Windows\System32\Tasks\ASUS SPLENDID ACMON
Preinstalled.ASUSWebStorage Folder C:\Program Files (x86)\ASUS\WEBSTORAGE
Preinstalled.ASUSWebStorage Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\WEBSTORAGE
Preinstalled.ASUSWebStorage Registry HKLM\Software\Classes\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7191}
Preinstalled.ASUSWebStorage Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|WebStorage
Preinstalled.ASUSWebStorage Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|WebStorage
Preinstalled.ASUSWebStorage Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WebStorage
Preinstalled.WildTangentGamesBundle File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - asus.lnk
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\APP
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus
Preinstalled.WildTangentGamesBundle Registry HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

alfonz.flower · #5 Příspěvek od **alfonz.flower** » 12 pro 2023 15:40

Prikladam aj nove FRST.
Zda sa mi ze je to troska lepsie, ale stale to nie je ok.

#6 Příspěvek od **Rudy** » 12 pro 2023 16:13

Ty logy jsou nanic, dokud nesmažete ten PUP optional (nedáte do karantény). Preinstaled ponechte, jsou to utility od Asusu. Po smazání restartujte a pak dejte nové logy FRST+Addition.

alfonz.flower · #7 Příspěvek od **alfonz.flower** » 15 pro 2023 08:14

Praveze som do karanteny dal. Nevadi, posielam nove skeny.

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-15-2023
# Duration: 00:06:30
# OS: Windows 10 (Build 19045.3758)
# Scanned: 32106
# Detected: 0

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.

AdwCleaner[S00].txt - [6052 octets] - [12/12/2023 14:18:01]
AdwCleaner[C00].txt - [6701 octets] - [12/12/2023 14:24:21]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

#8 Příspěvek od **Rudy** » 15 pro 2023 09:24

Teď je to OK. Poprosím o nové logy FRST+Addition. Děkuji.

alfonz.flower · #9 Příspěvek od **alfonz.flower** » 15 pro 2023 09:32

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2023
Ran by Viera Kadlíčková (15-12-2023 09:07:13)
Running from C:\Users\Viera Kadlíčková\OneDrive\Počítač
Microsoft Windows 10 Home Version 22H2 19045.3758 (X64) (2020-09-01 14:49:53)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-765558173-3457487112-3880999057-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-765558173-3457487112-3880999057-503 - Limited - Disabled)
ejyemxyts (S-1-5-21-765558173-3457487112-3880999057-1002 - Limited - Disabled)
Guest (S-1-5-21-765558173-3457487112-3880999057-501 - Limited - Disabled)
Viera Kadlíčková (S-1-5-21-765558173-3457487112-3880999057-1001 - Administrator - Enabled) => C:\Users\Viera Kadlíčková
WDAGUtilityAccount (S-1-5-21-765558173-3457487112-3880999057-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 22.003.20322 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0039 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.91 - ICEpower a/s)
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
Balík softvéru eID (HKLM-x32\...\{d2c66c1e-5862-43e7-abe2-9c895312112c}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
BDE 520 pro TaxEdit 25 (HKLM-x32\...\{28D35478-94B4-46E6-9E6E-809EA7004EF9}) (Version: 1.00.0000 - Luyten CZ, s.r.o.)
Bit4id - miniLector (HKLM-x32\...\Bit4id - miniLector) (Version: 3.7 - Bit4id)
CEWE fotosvet (HKLM\...\CEWE fotosvet) (Version: 7.2.5 - CEWE Stiftung u Co. KGaA)
Cisco Webex Meetings (HKU\S-1-5-21-765558173-3457487112-3880999057-1001\...\ActiveTouchMeetingClient) (Version: 41.12.3 - Cisco Webex LLC)
CyberLink PhotoDirector 5 (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.)
D.Launcher (x86) (HKLM-x32\...\{0DC85C46-746B-4BC5-B727-D5434DF7E5D0}) (Version: 1.2.0.2 - DITEC, a.s.)
D.Signer/XAdES .NET so zásuvnými modulmi (x86) (HKLM-x32\...\{EDB276CE-A945-4201-A552-2683B13C321F}) (Version: 4.0.24 - DITEC, a.s.)
D.Signer/XAdES .NET Tools (x86) (HKLM-x32\...\{6648F510-5044-4CA9-BC21-494A2A198B3A}) (Version: 4.0.17 - DITEC, a.s.)
D.Suite/eIDAS (x86) (HKLM-x32\...\{8d169eac-87e2-4981-825f-701b32f24d72}) (Version: 1.0.29 - DITEC, a.s.)
D.Viewer .NET (x86) (HKLM-x32\...\{73D635BE-5D6F-43D3-8C1F-63B5CD4D5953}) (Version: 4.0.2033 - DITEC, a.s.)
Disig Web Signer (HKLM-x32\...\{8DF92E56-C8C4-4FE3-AD3B-AA10AF3BF0C6}) (Version: 2.1.1 - Disig)
eDANE – aplikácia sekcie daňovej FR SR pre podávanie daňových dokumentov (HKU\S-1-5-21-765558173-3457487112-3880999057-1001\...\6471891987962ff1) (Version: 1.3.0.3 - Finančné riaditeľstvo SR - Sekcia daňová)
eID Klient (HKLM-x32\...\{5FF5567F-BE16-485F-91D1-5E3CE5EF95AE}) (Version: 4.7.0 - MV SR)
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 23.100 (20230123_17) - Seyfor, a.s.)
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 17.0.15.0 - ESET, spol. s r.o.)
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
Gaming Assistant (HKLM-x32\...\{C27B0A7C-BD18-46EF-984A-CCD2799F4CD4}) (Version: 1.0.2 - ASUS)
GemPcCCID (HKLM\...\{39417D48-AC92-47A7-9F53-3CA2049231B0}) (Version: 2.0.7 - Gemalto) Hidden
GemPcCCID (HKLM\...\{C2C14C20-A217-4FCA-B668-89B6C70B6EFF}) (Version: 2.0.7 - Gemalto)
GemPcCCID (HKLM-x32\...\{55610A8B-6A3F-4F94-B072-4962B78638E5}) (Version: 4.1.4.0 - Gemalto)
GENERALI Kalkulačka v2.77 (HKU\S-1-5-21-765558173-3457487112-3880999057-1001\...\GENERALI Kalkulačka) (Version: 2.77 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.71 - Google LLC)
Intel(R) Chipset Device Software (HKLM\...\{8C91A5EB-2C62-4A6D-8802-CC79FD2ED390}) (Version: 10.1.1.7 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 604.10125.2655.573 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{3B6A2A50-CA34-4012-BE2A-DF66DF5E83AE}) (Version: 1.1.1.1 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine Driver (HKLM\...\{893A5D27-2E60-426C-89BA-EA2020545BFA}) (Version: 1.0.0.1064 - Intel Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.61 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.61 - Microsoft Corporation)
Microsoft Office 2016 pre podnikateľov - sk-sk (HKLM\...\HomeBusinessRetail - sk-sk) (Version: 16.0.17029.20068 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24212 (HKLM\...\{F20396E5-D84E-3505-A7A8-7358F0155F6C}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24212 (HKLM\...\{FAAD7243-0141-3987-AA2F-E56B20F80E41}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
NVIDIA Grafický ovládač 388.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.73 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16827.20166 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16827.20122 - Microsoft Corporation) Hidden
Pervasive PSQL v10 SP2 Workgroup (32-bit) (HKLM-x32\...\{0A3238D7-AB32-1010-B717-F3E3F18B4A8C}) (Version: 10.20.034 - Pervasive Software) Hidden
Pervasive PSQL v10 SP2 Workgroup (32-bit) (HKLM-x32\...\Pervasive PSQL v10 SP2 Workgroup (32-bit)) (Version: 10.20.034 - Pervasive Software)
ProID+ (64-bit) (HKLM\...\{38BC9C6D-0DCF-4456-91EB-8898F6A024C6}) (Version: 2.4.7.21145 - MONET+, a.s.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.2 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.27053 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.38.3 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows Driver Package - ASUS (ATP) Mouse (06/17/2015 6.0.0.66) (HKLM\...\1EFB54678773735560B565BE7FA6F2BCC557EE21) (Version: 06/17/2015 6.0.0.66 - ASUS)
Windows Kontrola stavu počítača (HKLM\...\{8D6B9DC1-A437-41E0-8DF1-9F37748394AE}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinPonuka (HKLM-x32\...\CsobApp) (Version: v2.04u Makler Life - MMSoft)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4947 - Kingsoft Corp.)
Zoom (HKU\S-1-5-21-765558173-3457487112-3880999057-1001\...\ZoomUMX) (Version: 5.4.2 (58740.1105) - Zoom Video Communications, Inc.)

Packages:
=========
ASUS GIFTBOX -> C:\Program Files\WindowsApps\B9ECED6F.ASUSGIFTBOX_3.2.3.0_x64__qmba6cd70vzyy [2021-12-28] (ASUSTeK COMPUTER INC.)
ASUS Welcome -> C:\Program Files\WindowsApps\B9ECED6F.ASUSWelcome_1.0.1.0_x64__qmba6cd70vzyy [2016-02-26] (ASUSTeK COMPUTER INC.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.208.400.0_x86__kgqvnymyfvs32 [2021-12-28] (king.com)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-17] (Microsoft Corporation)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2017-07-16] (Flipboard)
Gameloft Games -> C:\Program Files\WindowsApps\A278AB0D.GameloftGames_1.0.2.6_x86__h6adky7gbf63m [2016-01-03] (Gameloft.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_133.1.340.0_x64__v10z8vjag6ke6 [2021-12-28] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12030.0_x64__8wekyb3d8bbwe [2021-12-28] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-16] (Netflix, Inc.)
RAR Opener -> C:\Program Files\WindowsApps\DeviceDoctor.RAROpener_1.3.48.0_x64__mkdtfchztkfbm [2017-09-25] (Tiny Opener)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2016-11-19] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-765558173-3457487112-3880999057-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\Viera Kadlíčková\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-765558173-3457487112-3880999057-1001_Classes\CLSID\{6BE99E87-B6FB-4CC3-AE69-DFCF33303D55} -> [Tlačové exporty z Money S3] => C:\Users\Public\Documents\CIGLER SOFTWARE\Money S3\PRINT\ [0000-00-00 00:00]
CustomCLSID: HKU\S-1-5-21-765558173-3457487112-3880999057-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-765558173-3457487112-3880999057-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\Viera Kadlíčková\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2023-12-11] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2023-12-11] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSContextMenu.dll [2015-12-24] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2023-12-11] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Viera Kadlíčková\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Vika - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2023-05-18 13:57 - 2023-05-18 13:57 - 004277248 _____ () [File not signed] C:\Program Files (x86)\eID_klient\botan_x86.dll
2023-05-18 14:02 - 2023-05-18 14:02 - 000151552 _____ () [File not signed] C:\Program Files (x86)\eID_klient\openjpeg.dll
2023-12-15 07:40 - 2023-12-15 07:40 - 000114176 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\_ctypes.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000172544 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\_elementtree.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 002255872 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\_hashlib.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000032256 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\_multiprocessing.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000046080 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\_psutil_windows.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000047616 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\_socket.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 002825216 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\_ssl.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000026112 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\_yappi.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000080896 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\bz2.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000015872 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\common.time34.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000007680 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\hashobjs_ext.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000301568 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\PIL._imaging.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000168448 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\pyexpat.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 001084416 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\pysqlite2._sqlite.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000548864 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\pythoncom27.dll
2023-12-15 07:40 - 2023-12-15 07:40 - 000137728 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\pywintypes27.dll
2023-12-15 07:40 - 2023-12-15 07:40 - 000010752 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\select.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000020992 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\thumbnails_ext.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000689664 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\unicodedata.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000119808 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\usb_ext.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000128512 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\win32api.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000438784 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\win32com.shell.shell.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000011776 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\win32crypt.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000023040 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\win32event.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000149504 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\win32file.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000223232 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\win32gui.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000048128 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\win32inet.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000029696 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\win32pdh.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000027648 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\win32pipe.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000044032 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\win32process.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000020480 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\win32profile.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000136192 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\win32security.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000026624 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\win32ts.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000034304 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\windows.conditional.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000037888 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\windows.connectivity.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000071680 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\windows.device_monitor.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000103936 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\windows.volumes.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000019968 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\windows.winwrap.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 001325056 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\wx._controls_.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 001489408 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\wx._core_.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 001007104 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\wx._gdi_.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000103424 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\wx._html2.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 000916992 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\wx._misc_.pyd
2023-12-15 07:40 - 2023-12-15 07:40 - 001039872 _____ () [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\wx._windows_.pyd
2015-04-22 14:59 - 2015-04-22 14:59 - 001489920 _____ (ASUS Cloud Corporation.) [File not signed] C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll
2023-12-05 11:39 - 2023-12-05 11:39 - 005855744 _____ (ESET, spol. s r.o. -> ESET) [File not signed] C:\Program Files\ESET\ESET Smart Security\Modules\em045_64\1087\em045_64.dll
2020-04-19 15:49 - 2020-04-19 15:49 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2020-04-19 15:49 - 2020-04-19 15:49 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2023-12-15 07:40 - 2023-12-15 07:40 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\python27.dll
2023-05-18 14:02 - 2023-05-18 14:02 - 002579968 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\eID_klient\libcrypto-1_1.dll
2023-05-18 14:02 - 2023-05-18 14:02 - 000535552 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\eID_klient\libssl-1_1.dll
2023-12-15 07:40 - 2023-12-15 07:40 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\wxbase30u_net_vc90_x64.dll
2023-12-15 07:40 - 2023-12-15 07:40 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\wxbase30u_vc90_x64.dll
2023-12-15 07:40 - 2023-12-15 07:40 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\wxmsw30u_adv_vc90_x64.dll
2023-12-15 07:40 - 2023-12-15 07:40 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\wxmsw30u_core_vc90_x64.dll
2023-12-15 07:40 - 2023-12-15 07:40 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\wxmsw30u_html_vc90_x64.dll
2023-12-15 07:40 - 2023-12-15 07:40 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Viera Kadlíčková\AppData\Local\Temp\_MEI114802\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-765558173-3457487112-3880999057-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.financnasprava.sk/sk/titulna-stranka
HKU\S-1-5-21-765558173-3457487112-3880999057-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-765558173-3457487112-3880999057-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.sk/
SearchScopes: HKU\S-1-5-21-765558173-3457487112-3880999057-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-765558173-3457487112-3880999057-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-765558173-3457487112-3880999057-1001\...\drsr.sk -> drsr.sk
IE trusted site: HKU\S-1-5-21-765558173-3457487112-3880999057-1001\...\financnasprava.sk -> hxxps://www.financnasprava.sk

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2021-12-14 21:11 - 000000888 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Pervasive Software\PSQL\bin\;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\eID_klient\
HKU\S-1-5-21-765558173-3457487112-3880999057-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 10.20.248.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{67ED67EC-1097-43A5-BF1C-5C95EBD7DE27}] => (Allow) C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe (Pervasive Software Inc. -> Pervasive Software Inc.)
FirewallRules: [{D29D3054-4C62-4E92-A2CD-B31888C5DC8B}] => (Allow) C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe (Pervasive Software Inc. -> Pervasive Software Inc.)
FirewallRules: [{375E8B80-748E-428A-AE3D-B13F4AB5F830}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{3193694E-ECA5-460D-B215-FCA600556CA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{9FA38853-64DF-4C1E-8A1E-2D6EBDF740E3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{56D6318E-E53C-4DDA-A53B-AE9D40ED798A}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE => No File
FirewallRules: [{3C3851F2-1990-4E03-BC20-F6FA49BEA4C5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{400D6BA8-9C4D-4441-ACCB-74F597C5697D}] => (Allow) C:\Users\Viera Kadlíčková\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{E0013D4D-EA5D-4647-B539-5B7C26676E08}] => (Allow) C:\Users\Viera Kadlíčková\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{B8A9730F-3984-4D40-8EA3-D8E3AE6053F9}] => (Allow) C:\Users\Viera Kadlíčková\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{E7E11A41-2CD0-494C-A9B0-20BE74ED005A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0E898429-C116-4FB9-83DC-3478B066798A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AAD55178-EF98-4B2E-9287-19676B08E314}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{99C112F6-7592-4664-881E-1F1B6564ED7A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BB1730F6-B7A7-4860-BDA0-6DBCEDA5DFE8}] => (Allow) C:\Users\Viera Kadlíčková\AppData\Local\Temp\7zS242B\HP.EasyStart.exe (HP Inc. -> HP)
FirewallRules: [{8BF3E1EF-C43B-4CAB-91DE-8CC5D8C3B796}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{11FC2BEF-C41A-4980-96D0-82730656B1D3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7766F2AE-D450-4526-A0A9-67E71D027991}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D97272D2-C9D7-444B-80C0-0F87C07E99F8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5C9F4E6A-3391-433C-8105-03A8FFFC8017}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{580A06ED-E74B-4FA6-A473-C926583EA0D2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.61\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{989B12E2-801A-41AE-B46F-6FB054BB3C66}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

23-10-2023 12:47:01 Scheduled Checkpoint
05-12-2023 11:22:10 Nainštalované eID Klient
11-12-2023 13:28:39 Inštalátor modulov systému Windows
12-12-2023 14:13:15 Inštalátor modulov systému Windows
12-12-2023 14:20:11 AdwCleaner_BeforeCleaning_12/12/2023_14:19:13
15-12-2023 08:37:48 Inštalátor modulov systému Windows

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (12/15/2023 09:26:51 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Nedajú sa získať informácie databázy registry počítadla výkonu pre WSearchIdxPi pre inštanciu následkom tejto chyby: The operation completed successfully. 0x0.

Error: (12/15/2023 09:26:50 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context: Application, SystemIndex Catalog

Error: (12/15/2023 09:26:45 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Performance monitoring cannot be initialized for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Error: (12/15/2023 09:00:40 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Nedajú sa získať informácie databázy registry počítadla výkonu pre WSearchIdxPi pre inštanciu následkom tejto chyby: The operation completed successfully. 0x0.

Error: (12/15/2023 09:00:39 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context: Application, SystemIndex Catalog

Error: (12/15/2023 09:00:37 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Performance monitoring cannot be initialized for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Error: (12/15/2023 07:35:25 AM) (Source: MsiInstaller) (EventID: 1024) (User: DESKTOP-VAOOUPU)
Description: Produkt: Adobe Acrobat Reader - Slovak – Aktualizáciu Adobe Acrobat Reader (23.006.20380) sa nepodarilo nainštalovať. Kód chyby je 1603. Inštalátor systému Windows umožňuje vytvárať denníky, ktoré vám môžu pomôcť pri odstraňovaní problémov s inštaláciou softvérových balíkov. Pokyny na zapnutie podpory zapisovania do denníka zobrazíte po kliknutí na nasledovné prepojenie: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (12/15/2023 07:35:25 AM) (Source: MsiInstaller) (EventID: 11719) (User: DESKTOP-VAOOUPU)
Description: Produkt: Adobe Acrobat Reader - Slovak – Chyba 1719.Windows Installer service could not be accessed. Contact your support personnel to verify that it is properly registered and enabled.

System errors:
=============
Error: (12/15/2023 08:57:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Windows Search zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.

Error: (12/15/2023 08:57:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Windows Search bol dosiahnutý časový limit (30000 ms).

Error: (12/15/2023 07:39:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Windows Presentation Foundation Font Cache 3.0.0.0 zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.

Error: (12/15/2023 07:39:03 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Windows Presentation Foundation Font Cache 3.0.0.0 bol dosiahnutý časový limit (30000 ms).

Error: (12/12/2023 03:49:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Windows Presentation Foundation Font Cache 3.0.0.0 zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.

Error: (12/12/2023 03:49:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Windows Presentation Foundation Font Cache 3.0.0.0 bol dosiahnutý časový limit (30000 ms).

Error: (12/12/2023 03:48:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Windows Presentation Foundation Font Cache 3.0.0.0 zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.

Error: (12/12/2023 03:48:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Windows Presentation Foundation Font Cache 3.0.0.0 bol dosiahnutý časový limit (30000 ms).

CodeIntegrity:
===============
Date: 2023-12-15 08:54:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Smart Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. X550MJ.300 08/17/2015
Motherboard: ASUSTeK COMPUTER INC. X550MJ
Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentage of memory in use: 91%
Total physical RAM: 3982.29 MB
Available physical RAM: 341.77 MB
Total Virtual: 5710.29 MB
Available Virtual: 1264.52 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:371.78 GB) (Free:262.83 GB) (Model: ST1000LM024 HN-M101MBB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:558.55 GB) (Model: ST1000LM024 HN-M101MBB) NTFS

\\?\Volume{f4f3c3c9-7f9e-435b-8d88-62f958a36cb2}\ () (Fixed) (Total:0.55 GB) (Free:0.08 GB) NTFS
\\?\Volume{0004a1b6-d53d-4774-88c4-d3c751f0e217}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: FEDF6E7B)

Partition: GPT.

==================== End of Addition.txt =======================

alfonz.flower · #10 Příspěvek od **alfonz.flower** » 15 pro 2023 09:33

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-12-2023
Ran by Viera Kadlíčková (administrator) on DESKTOP-VAOOUPU (ASUSTeK COMPUTER INC. X550MJ) (15-12-2023 08:18:17)
Running from C:\Users\Viera Kadlíčková\OneDrive\Počítač\FRST64.exe
Loaded Profiles: Viera Kadlíčková
Platform: Microsoft Windows 10 Home Version 22H2 19045.3758 (X64) Language: Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\RdrCEF.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files (x86)\Google\Update\Install\{F7F7D656-E57E-45D8-9886-1FF15E08501B}\120.0.6099.109_120.0.6099.71_chrome_updater.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{F7F7D656-E57E-45D8-9886-1FF15E08501B}\CR_5BCD9.tmp\setup.exe <2>
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.17029.20068\OfficeClickToRun.exe
(C:\Program Files\ESET\ESET Smart Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Smart Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eOppFrame.exe
(Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Viera Kadlíčková\AppData\Local\WebEx\WebexHost.exe
(Disig a.s. -> Disig a.s.) C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{F7F7D656-E57E-45D8-9886-1FF15E08501B}\120.0.6099.109_120.0.6099.71_chrome_updater.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\Viera Kadlíčková\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(Ministerstvo vnútra Slovenskej republiky -> ) C:\Program Files (x86)\eID_klient\eID_Client.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Pervasive Software Inc. -> Pervasive Software Inc.) C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(svchost.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3745_none_7ded3f327ca60a41\TiWorker.exe
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [195576 2023-12-11] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [eID_Client] => C:\Program Files (x86)\eID_klient\eID_Client.exe [25324840 2023-05-18] (Ministerstvo vnútra Slovenskej republiky -> )
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\84.0.11.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\84.0.11.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-21-765558173-3457487112-3880999057-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49958368 2022-02-01] (Google LLC -> )
HKU\S-1-5-21-765558173-3457487112-3880999057-1001\...\Run: [BingSvc] => C:\Users\Viera Kadlíčková\AppData\Local\Microsoft\BingSvc\BingSvc.exe [146312 2020-08-15] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-765558173-3457487112-3880999057-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\Viera Kadlíčková\AppData\Local\WebEx\WebexHost.exe [7651256 2022-05-12] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-765558173-3457487112-3880999057-1001\...\Run: [Disig Web Signer] => C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe [268128 2023-04-05] (Disig a.s. -> Disig a.s.)
HKU\S-1-5-21-765558173-3457487112-3880999057-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Viera Kadlíčková\AppData\Local\Microsoft\Teams\Update.exe [2492128 2022-04-13] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-765558173-3457487112-3880999057-1001\...\Run: [MicrosoftEdgeAutoLaunch_C22EAE16CBAA3356B2E23DC412E05365] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788736 2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\84.0.11.0\GoogleDriveFS.exe --startup_mode (No File)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\120.0.6099.71\Installer\chrmstp.exe [2023-12-12] (Google LLC -> Google LLC)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\Users\Viera Kadlíčková\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odoslanie do aplikácie OneNote.lnk [2021-01-16]
ShortcutTarget: Odoslanie do aplikácie OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {F32EFDF7-1E62-43B4-895F-B439591F2DB5} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {4046FE90-343C-47EE-A0A4-643714AA1C7B} - System32\Tasks\{196798AE-8139-4535-A147-DEEA85DC6648} => c:\program files (x86)\google\chrome\application\chrome.exe [2693920 2023-12-06] (Google LLC -> Google LLC) -> hxxp://ui.skype.com/ui/0/7.18.0.112/sk/abandoninstall?source=lightinstaller&page=tsMain
Task: {6C7DD98F-23A7-4E01-B099-F385DBE38414} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {8446504A-7146-475B-AF07-5F0245687CC6} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {AF7E7051-3CE0-41A5-B41C-4932AF0F5638} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (No File)
Task: {330E18E6-44C7-4BEB-B8F9-D0D780C3E285} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {CCC5C4FB-2808-4748-B66C-CD1777CCF1CF} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {43B5E1D3-3048-4741-9D9F-D02211086973} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-11] (Google Inc -> Google Inc.)
Task: {ED31C673-7872-47C1-A4C1-4B931AFE90DB} - System32\Tasks\GoogleUpdateTaskMachineCore1d49a0e4b034be => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-11] (Google Inc -> Google Inc.)
Task: {F9AABE8E-33EC-4750-B4C8-FED0D8487433} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-11] (Google Inc -> Google Inc.)
Task: {6C1C7923-0307-4491-A41B-4402F5846B7B} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38560 2021-12-28] (HP Inc. -> HP Inc.)
Task: {10ECE67F-84FF-4D50-A250-A2BB76A2A8F6} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38560 2021-12-28] (HP Inc. -> HP Inc.)
Task: {3BC74FE4-2D3B-435A-8535-9E5E9DC3F76A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26977976 2023-10-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {EAE5B860-B64C-4214-B568-9AE5FDB1B4C3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26977976 2023-10-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {25D4CDD2-8258-4C0C-8D8E-778520A24DA3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [125992 2023-10-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A9F1810-5046-4238-8AD2-C2811CCFE010} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [125992 2023-10-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {C63CA5AA-AC67-4261-B876-04B7F220B9F1} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [256512 2023-12-11] (Microsoft Windows -> Microsoft Corporation)
Task: {17C9E091-3A34-4DDE-8589-C60D16350023} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-07-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {0CD06C75-637A-4AB6-B0DA-53C22AE23801} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16165632 2015-07-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.20.248.1
Tcpip\..\Interfaces\{74becc3c-f0dd-4efe-bdc7-d598d77b8a1f}: [DhcpNameServer] 77.48.221.10 10.0.0.1
Tcpip\..\Interfaces\{dd09d04d-3a18-4239-9d5c-9ab97dbcc792}: [DhcpNameServer] 10.20.248.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Viera Kadlíčková\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-15]
Edge HomePage: Default -> hxxps://www.financnasprava.sk/sk/titulna-stranka
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\Viera Kadlíčková\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-11]
Edge Extension: (Microsoft Editor: Kontrola pravopisu a gramatiky) - C:\Users\Viera Kadlíčková\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gpaiobkfhnonedkhhfjpmhdalgeoebfa [2023-12-15]
Edge Extension: (Edge relevant text changes) - C:\Users\Viera Kadlíčková\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-12-11]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]

FireFox:
========
FF DefaultProfile: o9gcze65.default
FF ProfilePath: C:\Users\Viera Kadlíčková\AppData\Roaming\Mozilla\Firefox\Profiles\o9gcze65.default [2021-10-22]
FF Homepage: Mozilla\Firefox\Profiles\o9gcze65.default -> hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=en-ww
FF Extension: (Bing Search) - C:\Users\Viera Kadlíčková\AppData\Roaming\Mozilla\Firefox\Profiles\o9gcze65.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-11-17] [Legacy]
FF Extension: (No Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [not found]
FF SearchPlugin: C:\Users\Viera Kadlíčková\AppData\Roaming\Mozilla\Firefox\Profiles\o9gcze65.default\searchplugins\bing-.xml [2016-11-17]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: ditec.sk/DAsicFac -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/DitecZepDViewerFb -> C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigMessageContainer -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesExtender -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/XmlDataContainerFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\Ditec.Zep.AsicFactory.js [2021-12-14]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\Ditec.Zep.DSigMessageContainerFb.js [2021-12-14]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\Ditec.Zep.DSigXadesExtenderFb.js [2021-12-14]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\Ditec.Zep.DSigXadesFb.js [2021-12-14]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\Ditec.Zep.DViewerFb.js [2021-12-14]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\Ditec.Zep.XmlDataContainerFb.js [2021-12-14]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-12-14]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Viera Kadlíčková\AppData\Local\Google\Chrome\User Data\Default [2023-12-12]
CHR Notifications: Default -> hxxps://mail.ovbmail.sk; hxxps://meetings.ipvideotalk.com; hxxps://mkr-novo2.ru; hxxps://podnikam.sk; hxxps://podnikam.webnoviny.sk; hxxps://www.facebook.com
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\Viera Kadlíčková\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-12-12]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Viera Kadlíčková\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-25]
CHR Extension: (Spúšťač aplikácie pre Disk (od Googlu)) - C:\Users\Viera Kadlíčková\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-12-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Viera Kadlíčková\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (ESET Browser Privacy & Security) - C:\Users\Viera Kadlíčková\AppData\Local\Google\Chrome\User Data\Default\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2023-12-12]
CHR Profile: C:\Users\Viera Kadlíčková\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-09-16]
CHR Profile: C:\Users\Viera Kadlíčková\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-02-25]
CHR Notifications: Profile 1 -> hxxps://www.facebook.com
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\Viera Kadlíčková\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-02-25]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Viera Kadlíčková\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2022-05-23]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Viera Kadlíčková\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-01]
CHR Extension: (Skype) - C:\Users\Viera Kadlíčková\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2022-05-13]
CHR Extension: (Spúšťač aplikácie pre Disk (od Googlu)) - C:\Users\Viera Kadlíčková\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Viera Kadlíčková\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-07]
CHR Profile: C:\Users\Viera Kadlíčková\AppData\Local\Google\Chrome\User Data\System Profile [2022-09-16]
CHR HKU\S-1-5-21-765558173-3457487112-3880999057-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
CHR HKU\S-1-5-21-765558173-3457487112-3880999057-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
CHR HKLM-x32\...\Chrome\Extension: [oombnmpbbhbakfpfgdflaajkhicgfaam]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-07-29] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12860928 2023-10-23] (Microsoft Corporation -> Microsoft Corporation)
S2 dLauncherLoopback; C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe [154960 2019-08-02] (DITEC, a.s. -> )
R2 efwd; C:\Program Files\ESET\ESET Smart Security\efwd.exe [2537928 2023-12-11] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [3850920 2023-12-11] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [3850920 2023-12-11] (ESET, spol. s r.o. -> ESET)
S3 GameInputSvc; C:\WINDOWS\System32\GameInputSvc.exe [50168 2023-12-11] (Microsoft Corporation -> Microsoft Corporation)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-12-28] (HP Inc. -> HP Inc.)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [133480 2015-08-15] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
S3 MonS3Service; C:\Program Files (x86)\Common Files\Solitea\MonS3Service.exe [1658400 2023-01-28] (Solitea, a.s. -> Solitea Česká republika, a.s.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [15212856 2023-01-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Asus WebStorage Windows Service; "C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe" [X]
S2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [X]
S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [215616 2023-12-11] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [120032 2023-12-11] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-31] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [254344 2023-12-11] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [55528 2023-12-11] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81824 2023-12-11] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [124168 2023-12-11] (ESET, spol. s r.o. -> ESET)
S3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [137712 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S4 UCPD; C:\WINDOWS\System32\drivers\UCPD.sys [29184 2023-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-12-15 08:18 - 2023-12-15 08:23 - 000026530 _____ C:\Users\Viera Kadlíčková\OneDrive\Počítač\FRST.txt
2023-12-15 08:18 - 2023-12-15 08:18 - 000000000 ____D C:\Users\Viera Kadlíčková\OneDrive\Počítač\FRST-OlderVersion
2023-12-15 07:49 - 2023-12-15 07:49 - 000000000 ___HD C:\$WinREAgent
2023-12-12 15:34 - 2023-12-12 15:34 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2023-12-12 15:34 - 2017-09-14 00:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-12-12 15:34 - 2017-09-14 00:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-12-12 15:34 - 2017-09-14 00:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-12-12 15:34 - 2017-09-14 00:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-12-12 15:32 - 2023-12-12 15:32 - 000000000 ____D C:\temp
2023-12-12 15:14 - 2018-02-13 13:52 - 036357664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2023-12-12 15:14 - 2018-02-13 13:52 - 029389768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2023-12-12 15:14 - 2018-02-13 13:51 - 000991744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-12-12 15:14 - 2018-02-13 13:51 - 000942024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-12-12 15:14 - 2018-02-13 13:51 - 000624912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2023-12-12 15:14 - 2018-02-13 13:51 - 000515528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2023-12-12 15:14 - 2018-02-13 13:50 - 001998792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438873.dll
2023-12-12 15:14 - 2018-02-13 13:50 - 001683400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438873.dll
2023-12-12 15:14 - 2018-02-13 13:50 - 001109776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-12-12 15:14 - 2018-02-13 13:50 - 001041352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-12-12 15:14 - 2018-02-13 13:49 - 040246304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2023-12-12 15:14 - 2018-02-13 13:49 - 035166664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2023-12-12 15:14 - 2018-02-13 13:49 - 004210536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-12-12 15:14 - 2018-02-13 13:49 - 003624952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-12-12 15:14 - 2018-02-13 13:39 - 023482944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2023-12-12 15:14 - 2018-02-13 13:39 - 019218440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2023-12-12 15:14 - 2018-02-13 13:39 - 014000816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-12-12 15:14 - 2018-02-13 13:39 - 013377536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2023-12-12 15:14 - 2018-02-13 13:39 - 010985720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2023-12-12 15:14 - 2018-02-13 13:39 - 001154264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2023-12-12 15:14 - 2018-02-13 13:39 - 000902096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2023-12-12 15:14 - 2018-02-13 13:38 - 011896592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-12-12 15:14 - 2018-02-13 13:38 - 003859632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-12-12 15:14 - 2018-02-13 09:05 - 000048510 _____ C:\WINDOWS\system32\nvinfo.pb
2023-12-12 14:59 - 2023-12-12 15:27 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2023-12-12 14:14 - 2023-12-12 14:22 - 000000000 ____D C:\AdwCleaner
2023-12-12 14:11 - 2023-12-12 13:28 - 008791352 _____ (Malwarebytes) C:\Users\Viera Kadlíčková\OneDrive\Počítač\adwcleaner.exe
2023-12-12 13:53 - 2023-12-12 13:53 - 002385408 _____ (Farbar) C:\Users\Viera Kadlíčková\Downloads\FRST64 (1).exe
2023-12-12 12:28 - 2023-12-15 08:20 - 000000000 ____D C:\FRST
2023-12-12 12:25 - 2023-12-15 08:18 - 002386432 _____ (Farbar) C:\Users\Viera Kadlíčková\OneDrive\Počítač\FRST64.exe
2023-12-12 12:23 - 2023-12-12 12:24 - 002385408 _____ (Farbar) C:\Users\Viera Kadlíčková\Downloads\FRST64.exe
2023-12-11 15:57 - 2023-12-11 15:57 - 000000000 ____D C:\WINDOWS\InboxApps
2023-12-11 15:15 - 2023-12-11 15:15 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2023-12-11 15:14 - 2023-12-11 15:14 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2023-12-11 15:06 - 2023-12-11 15:06 - 000016707 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-12-11 12:49 - 2023-12-11 12:49 - 000000000 ____D C:\ProgramData\PLUG
2023-12-05 12:03 - 2023-12-05 12:14 - 000000000 ____D C:\Users\Viera Kadlíčková\AppData\Roaming\AnyDesk
2023-12-05 12:02 - 2023-12-05 12:02 - 005525576 _____ (AnyDesk Software GmbH) C:\Users\Viera Kadlíčková\Downloads\AnyDesk.exe
2023-12-05 12:02 - 2023-12-05 12:02 - 005525576 _____ (AnyDesk Software GmbH) C:\Users\Viera Kadlíčková\Downloads\AnyDesk (3).exe
2023-12-05 12:02 - 2023-12-05 12:02 - 005525576 _____ (AnyDesk Software GmbH) C:\Users\Viera Kadlíčková\Downloads\AnyDesk (2).exe
2023-12-05 12:02 - 2023-12-05 12:02 - 005525576 _____ (AnyDesk Software GmbH) C:\Users\Viera Kadlíčková\Downloads\AnyDesk (1).exe
2023-12-05 11:31 - 2023-12-05 11:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disig Web Signer
2023-12-05 11:29 - 2023-12-05 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eID Klient
2023-12-05 11:29 - 2023-12-05 11:29 - 000000000 ____D C:\Program Files (x86)\eID_klient
2023-12-05 11:28 - 2023-12-12 14:16 - 000000000 ____D C:\Users\Viera Kadlíčková\OneDrive\Počítač\ovb
2023-12-05 11:28 - 2023-11-22 19:01 - 004041728 _____ (AnyDesk Software GmbH) C:\Users\Viera Kadlíčková\OneDrive\Počítač\Pomoc_Na_Dialku.exe
2023-12-05 11:28 - 2023-11-16 15:37 - 000001040 _____ C:\Users\Viera Kadlíčková\OneDrive\Počítač\Telegram.lnk
2023-12-05 11:28 - 2023-11-07 15:03 - 005157076 _____ C:\Users\Viera Kadlíčková\OneDrive\Počítač\elektronicka-kniha_zdravy-chrbat.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-12-15 08:46 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-12-15 08:19 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-12-15 08:08 - 2021-12-16 13:01 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-12-15 08:08 - 2015-12-11 11:25 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-15 07:51 - 2020-09-01 15:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-12-15 07:42 - 2022-09-27 08:08 - 000000000 ____D C:\Users\Viera Kadlíčková\AppData\Local\eID_klient
2023-12-15 07:39 - 2015-12-11 11:20 - 000000000 __SHD C:\Users\Viera Kadlíčková\IntelGraphicsProfiles
2023-12-12 16:02 - 2017-06-04 19:06 - 000000000 ____D C:\ProgramData\NVIDIA
2023-12-12 15:42 - 2017-01-10 18:45 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-12-12 15:41 - 2020-09-01 15:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-12-12 15:41 - 2020-09-01 15:05 - 000008192 ___SH C:\DumpStack.log.tmp
2023-12-12 15:41 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-12-12 15:04 - 2022-05-12 06:00 - 000632490 _____ C:\WINDOWS\system32\perfh01B.dat
2023-12-12 15:04 - 2022-05-12 06:00 - 000118084 _____ C:\WINDOWS\system32\perfc01B.dat
2023-12-12 15:04 - 2020-09-01 15:28 - 001481498 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-12-12 14:59 - 2017-06-04 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2023-12-12 14:25 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-12-12 14:24 - 2017-06-04 19:08 - 000000000 ____D C:\Program Files (x86)\ASUS
2023-12-12 14:24 - 2015-12-11 11:14 - 000000000 ____D C:\ProgramData\ASUS
2023-12-12 14:24 - 2015-08-15 06:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2023-12-12 14:15 - 2023-01-10 11:01 - 000000000 ____D C:\Users\Viera Kadlíčková\OneDrive\Počítač\Dane_23
2023-12-12 14:12 - 2023-10-23 10:26 - 000000000 ____D C:\Users\Viera Kadlíčková\OneDrive\Počítač\blanka
2023-12-12 14:12 - 2021-05-18 07:55 - 000000000 ____D C:\Users\Viera Kadlíčková\OneDrive\Počítač\cus
2023-12-12 14:11 - 2015-12-11 11:24 - 000000000 ___RD C:\Users\Viera Kadlíčková\OneDrive
2023-12-12 13:47 - 2016-01-15 06:10 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2023-12-12 13:47 - 2015-12-11 11:20 - 000000165 _____ C:\Users\Viera Kadlíčková\AppData\Roaming\sp_data.sys
2023-12-12 12:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-12-12 12:16 - 2018-07-15 17:08 - 000000000 ____D C:\Users\Viera Kadlíčková\AppData\Local\D3DSCache
2023-12-12 12:11 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-12-12 12:10 - 2017-12-09 10:58 - 000000000 ____D C:\Users\Viera Kadlíčková\AppData\Local\Packages
2023-12-12 12:01 - 2015-12-11 11:30 - 000002315 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-12-12 11:52 - 2020-06-08 22:14 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-12-12 11:52 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-11 16:10 - 2022-05-08 14:28 - 000306320 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-12-11 16:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-12-11 16:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-12-11 16:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-12-11 16:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-12-11 16:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-12-11 16:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-12-11 16:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-12-11 16:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-12-11 16:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-12-11 16:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-12-11 16:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-12-11 16:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-12-11 16:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-12-11 16:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-12-11 16:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-12-11 15:59 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-12-11 15:59 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-12-11 15:59 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-12-11 15:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-12-11 15:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-12-11 15:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-12-11 15:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-12-11 15:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-12-11 15:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-12-11 15:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-12-11 15:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-12-11 15:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-12-11 15:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-12-11 15:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-12-11 15:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-12-11 15:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-12-11 15:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-12-11 15:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-12-11 15:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-12-11 15:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2023-12-11 15:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-12-11 15:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-12-11 15:57 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-12-11 15:57 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-12-11 15:57 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-12-11 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-12-11 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-12-11 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-12-11 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-12-11 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2023-12-11 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-12-11 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-12-11 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-12-11 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-12-11 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-12-11 15:57 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2023-12-11 15:48 - 2019-12-07 15:39 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-12-11 15:48 - 2019-12-07 15:39 - 000020827 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2023-12-11 15:48 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-12-11 15:48 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-12-11 15:03 - 2020-09-01 15:09 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-12-11 13:28 - 2016-01-12 20:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-12-11 12:58 - 2016-01-12 20:31 - 182871392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-12-11 12:51 - 2020-09-01 15:47 - 000003752 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-12-11 12:51 - 2020-09-01 15:47 - 000003656 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d49a0e4b034be
2023-12-11 12:49 - 2022-11-15 18:04 - 000000000 ____D C:\Program Files\RUXIM
2023-12-11 12:49 - 2020-08-14 19:48 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-12-11 09:54 - 2017-01-17 08:15 - 000120032 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2023-12-11 09:54 - 2016-11-21 19:50 - 000055528 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2023-12-11 09:54 - 2015-11-20 13:21 - 000254344 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2023-12-11 09:54 - 2015-11-20 13:21 - 000215616 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2023-12-11 09:54 - 2015-11-20 13:21 - 000124168 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2023-12-11 09:54 - 2015-11-20 13:21 - 000081824 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2023-12-05 12:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-12-05 12:06 - 2016-01-10 10:06 - 000000792 _____ C:\Users\Viera Kadlíčková\OneDrive\Počítač\JU EIS ECAV.lnk
2023-12-05 11:52 - 2022-09-27 08:08 - 000000000 ____D C:\Users\Viera Kadlíčková\AppData\Roaming\eID_klient
2023-12-05 11:28 - 2017-06-15 20:08 - 000000000 ____D C:\Users\Viera Kadlíčková\OneDrive\Počítač\stretávka
2023-12-05 11:12 - 2020-09-01 15:47 - 000003630 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-12-05 11:11 - 2020-09-01 15:47 - 000003506 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2018-12-22 16:48 - 2018-12-22 16:48 - 007895040 _____ () C:\Program Files (x86)\GUTC9E7.tmp
2015-12-11 11:20 - 2023-12-12 13:47 - 000000165 _____ () C:\Users\Viera Kadlíčková\AppData\Roaming\sp_data.sys
2020-01-24 19:22 - 2020-01-24 19:22 - 000000000 _____ () C:\Users\Viera Kadlíčková\AppData\Local\{1945F6D3-09E7-4D2F-8E5F-B0C88833F712}
2017-03-30 17:59 - 2017-03-30 17:59 - 000000000 _____ () C:\Users\Viera Kadlíčková\AppData\Local\{277E2C48-BF61-4D8A-8784-6DE4069B12AF}
2020-01-24 19:22 - 2020-01-24 19:22 - 000000000 _____ () C:\Users\Viera Kadlíčková\AppData\Local\{788F8675-C1A6-449F-9C5E-0A86A4A7D3DE}
2019-03-30 14:38 - 2019-03-30 14:38 - 000000000 _____ () C:\Users\Viera Kadlíčková\AppData\Local\{84E0EA02-3678-4CA7-83E0-F0D7A66971A0}
2019-03-30 14:38 - 2019-03-30 14:38 - 000000000 _____ () C:\Users\Viera Kadlíčková\AppData\Local\{DE13F611-3A04-46DA-873A-71080AA1B373}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

#11 Příspěvek od **Rudy** » 15 pro 2023 13:44

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\84.0.11.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\84.0.11.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\84.0.11.0\GoogleDriveFS.exe --startup_mode (No File)
Task: {F32EFDF7-1E62-43B4-895F-B439591F2DB5} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {AF7E7051-3CE0-41A5-B41C-4932AF0F5638} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (No File)
Task: {43B5E1D3-3048-4741-9D9F-D02211086973} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-11] (Google Inc -> Google Inc.)
Task: {ED31C673-7872-47C1-A4C1-4B931AFE90DB} - System32\Tasks\GoogleUpdateTaskMachineCore1d49a0e4b034be => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-11] (Google Inc -> Google Inc.)
Task: {F9AABE8E-33EC-4750-B4C8-FED0D8487433} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-11] (Google Inc -> Google Inc.)
C:\Program Files (x86)\GUTC9E7.tmp
C:\Users\Viera Kadlíčková\AppData\Local\{1945F6D3-09E7-4D2F-8E5F-B0C88833F712}
C:\Users\Viera Kadlíčková\AppData\Local\{277E2C48-BF61-4D8A-8784-6DE4069B12AF}
C:\Users\Viera Kadlíčková\AppData\Local\{788F8675-C1A6-449F-9C5E-0A86A4A7D3DE}
C:\Users\Viera Kadlíčková\AppData\Local\{84E0EA02-3678-4CA7-83E0-F0D7A66971A0}
C:\Users\Viera Kadlíčková\AppData\Local\{DE13F611-3A04-46DA-873A-71080AA1B373}
CustomCLSID: HKU\S-1-5-21-765558173-3457487112-3880999057-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\Viera Kadlíčková\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
C:\Users\Viera Kadlíčková\AppData\Local\Temp
SearchScopes: HKU\S-1-5-21-765558173-3457487112-3880999057-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-765558173-3457487112-3880999057-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FirewallRules: [{375E8B80-748E-428A-AE3D-B13F4AB5F830}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{3193694E-ECA5-460D-B215-FCA600556CA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{9FA38853-64DF-4C1E-8A1E-2D6EBDF740E3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{56D6318E-E53C-4DDA-A53B-AE9D40ED798A}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE => No File
FirewallRules: [{E0013D4D-EA5D-4647-B539-5B7C26676E08}] => (Allow) C:\Users\Viera Kadlíčková\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{B8A9730F-3984-4D40-8EA3-D8E3AE6053F9}] => (Allow) C:\Users\Viera Kadlíčková\AppData\Roaming\Zoom\bin\airhost.exe => No File

EmptyTemp:
End

Uložte do C:\Users\Viera Kadlíčková\OneDrive\Počítač jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

alfonz.flower · #12 Příspěvek od **alfonz.flower** » 15 pro 2023 14:39

Parada, je to o nepoznatelnejsie rychlejsie. Super. Dakujeeem moc.
Treba este nieco docistit?

Fix result of Farbar Recovery Scan Tool (x64) Version: 13-12-2023
Ran by Viera Kadlíčková (15-12-2023 13:56:51) Run:1
Running from C:\Users\Viera Kadlíčková\OneDrive\Počítač
Loaded Profiles: Viera Kadlíčková
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\84.0.11.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\84.0.11.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\84.0.11.0\GoogleDriveFS.exe --startup_mode (No File)
Task: {F32EFDF7-1E62-43B4-895F-B439591F2DB5} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {AF7E7051-3CE0-41A5-B41C-4932AF0F5638} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (No File)
Task: {43B5E1D3-3048-4741-9D9F-D02211086973} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-11] (Google Inc -> Google Inc.)
Task: {ED31C673-7872-47C1-A4C1-4B931AFE90DB} - System32\Tasks\GoogleUpdateTaskMachineCore1d49a0e4b034be => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-11] (Google Inc -> Google Inc.)
Task: {F9AABE8E-33EC-4750-B4C8-FED0D8487433} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-11] (Google Inc -> Google Inc.)
C:\Program Files (x86)\GUTC9E7.tmp
C:\Users\Viera Kadlíčková\AppData\Local\{1945F6D3-09E7-4D2F-8E5F-B0C88833F712}
C:\Users\Viera Kadlíčková\AppData\Local\{277E2C48-BF61-4D8A-8784-6DE4069B12AF}
C:\Users\Viera Kadlíčková\AppData\Local\{788F8675-C1A6-449F-9C5E-0A86A4A7D3DE}
C:\Users\Viera Kadlíčková\AppData\Local\{84E0EA02-3678-4CA7-83E0-F0D7A66971A0}
C:\Users\Viera Kadlíčková\AppData\Local\{DE13F611-3A04-46DA-873A-71080AA1B373}
CustomCLSID: HKU\S-1-5-21-765558173-3457487112-3880999057-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\Viera Kadlíčková\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
C:\Users\Viera Kadlíčková\AppData\Local\Temp
SearchScopes: HKU\S-1-5-21-765558173-3457487112-3880999057-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-765558173-3457487112-3880999057-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FirewallRules: [{375E8B80-748E-428A-AE3D-B13F4AB5F830}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{3193694E-ECA5-460D-B215-FCA600556CA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{9FA38853-64DF-4C1E-8A1E-2D6EBDF740E3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{56D6318E-E53C-4DDA-A53B-AE9D40ED798A}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE => No File
FirewallRules: [{E0013D4D-EA5D-4647-B539-5B7C26676E08}] => (Allow) C:\Users\Viera Kadlíčková\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{B8A9730F-3984-4D40-8EA3-D8E3AE6053F9}] => (Allow) C:\Users\Viera Kadlíčková\AppData\Roaming\Zoom\bin\airhost.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleDriveFS" => removed successfully
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleDriveFS" => removed successfully
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleDriveFS" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F32EFDF7-1E62-43B4-895F-B439591F2DB5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F32EFDF7-1E62-43B4-895F-B439591F2DB5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AF7E7051-3CE0-41A5-B41C-4932AF0F5638}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF7E7051-3CE0-41A5-B41C-4932AF0F5638}" => removed successfully
C:\WINDOWS\System32\Tasks\ASUS\ASUS Product Register Service => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\ASUS Product Register Service" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{43B5E1D3-3048-4741-9D9F-D02211086973}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43B5E1D3-3048-4741-9D9F-D02211086973}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{ED31C673-7872-47C1-A4C1-4B931AFE90DB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED31C673-7872-47C1-A4C1-4B931AFE90DB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d49a0e4b034be => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d49a0e4b034be" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F9AABE8E-33EC-4750-B4C8-FED0D8487433}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9AABE8E-33EC-4750-B4C8-FED0D8487433}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
C:\Program Files (x86)\GUTC9E7.tmp => moved successfully
C:\Users\Viera Kadlíčková\AppData\Local\{1945F6D3-09E7-4D2F-8E5F-B0C88833F712} => moved successfully
C:\Users\Viera Kadlíčková\AppData\Local\{277E2C48-BF61-4D8A-8784-6DE4069B12AF} => moved successfully
C:\Users\Viera Kadlíčková\AppData\Local\{788F8675-C1A6-449F-9C5E-0A86A4A7D3DE} => moved successfully
C:\Users\Viera Kadlíčková\AppData\Local\{84E0EA02-3678-4CA7-83E0-F0D7A66971A0} => moved successfully
C:\Users\Viera Kadlíčková\AppData\Local\{DE13F611-3A04-46DA-873A-71080AA1B373} => moved successfully
HKU\S-1-5-21-765558173-3457487112-3880999057-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_B => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\DriveFS 28 or later => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\DriveFS 28 or later => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\DriveFS 28 or later => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully

"C:\Users\Viera Kadlíčková\AppData\Local\Temp" folder move:

C:\Users\Viera Kadlíčková\AppData\Local\Temp => moved successfully
"HKU\S-1-5-21-765558173-3457487112-3880999057-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-765558173-3457487112-3880999057-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{375E8B80-748E-428A-AE3D-B13F4AB5F830}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3193694E-ECA5-460D-B215-FCA600556CA3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9FA38853-64DF-4C1E-8A1E-2D6EBDF740E3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{56D6318E-E53C-4DDA-A53B-AE9D40ED798A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E0013D4D-EA5D-4647-B539-5B7C26676E08}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B8A9730F-3984-4D40-8EA3-D8E3AE6053F9}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 113207042 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 28968795 B
Edge => 0 B
Chrome => 1037754268 B
Firefox => 1011398 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1356848 B
NetworkService => 1356848 B
Viera Kadlíčková => 16325330 B

RecycleBin => 251431424 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 14:23:29 ====

#13 Příspěvek od **Rudy** » 15 pro 2023 14:44

Ne, vše by mělo být OK. Byly to jen zbytečnosti. V případě zpomalení ještě zkuste defragmentovat disk.

alfonz.flower · #14 Příspěvek od **alfonz.flower** » 15 pro 2023 14:48

OK, to este mozno skusim, lebo disk je vytazeny na 100%

#15 Příspěvek od **Rudy** » 15 pro 2023 16:40

Který proces vám ten disk zatěžuje nejvíc?

VIRY.CZ

Totalne spomaleny comp

Totalne spomaleny comp

Re: Totalne spomaleny comp

Re: Totalne spomaleny comp

Re: Totalne spomaleny comp

Re: Totalne spomaleny comp

Re: Totalne spomaleny comp

Re: Totalne spomaleny comp

Re: Totalne spomaleny comp

Re: Totalne spomaleny comp

Re: Totalne spomaleny comp

Re: Totalne spomaleny comp

Re: Totalne spomaleny comp

Re: Totalne spomaleny comp

Re: Totalne spomaleny comp

Re: Totalne spomaleny comp