Stále přetrvává problém s padající databází - mizely mi i tisíce řádku. Dokonce se mi přepsala snad nějaká hodnota, což je průser jako vrata.
Tu prosím FRST logy, abych vyloučil malware.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.01.2024
Ran by admin (administrator) on DESKTOP-FS31EKR (HP HP Z240 Tower Workstation) (26-01-2024 19:41:34)
Running from C:\Users\admin\Desktop\viry.cz\FRST64.exe
Loaded Profiles: admin & MariaDB
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe ->) () [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\mysql\bin\eds-mysqld.exe
(C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe ->) (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\eds-httpd.exe <2>
(C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe ->) (Jan Fiala -> Jan Fiala) C:\Program Files (x86)\PSPad editor\PSPad.exe
(C:\Program Files\Google\Drive File Stream\85.0.37.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\85.0.37.0\crashpad_handler.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23112.87.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23112.87.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(cmd.exe ->) (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\php.exe <3>
(explorer.exe ->) (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe
(explorer.exe ->) (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe
(explorer.exe ->) (EasyPHP) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <40>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\85.0.37.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Petr Laštovička) [File not signed] D:\ZÁLOHOVÁNÍ\#INSTALL\Instalace 2016-10-23\hotkeyp\HotkeyP.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (Star Micronics Co., Ltd.) [File not signed] C:\Program Files (x86)\StarMicronics\TSP100\Software\20221130\Ondemand.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe <3>
(rdpclip.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rdpinput.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\TRENDnet Wireless USB Adapter Driver\WPSService20.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\121.0.6167.13\remoting_host.exe <2>
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_9949412f65718dfe\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_670360bdb5a40a0d\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_45efd8a6478e15ce\lib\TPMProvisioningService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (MariaDB Corporation Ab -> ) C:\Program Files\MariaDB 11.3\bin\mysqld.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvwu.inf_amd64_3f2a4c162f79e81f\Display.NvContainer\NVDisplay.Container.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvwu.inf_amd64_3f2a4c162f79e81f\NVWMI\nvWmi64.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\admin\AppData\Local\Microsoft\OneDrive\24.010.0114.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <6>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rdpclip.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LogonUI.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-03-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [TSP100ecoOndemand] => C:\Program Files (x86)\StarMicronics\TSP100\Software\20221130\Ondemand.exe [476672 2017-12-22] (Star Micronics Co., Ltd.) [File not signed]
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.37.0\GoogleDriveFS.exe [58857760 2024-01-23] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.37.0\GoogleDriveFS.exe [58857760 2024-01-23] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-4195152011-4283894360-3570850043-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.37.0\GoogleDriveFS.exe [58857760 2024-01-23] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-4195152011-4283894360-3570850043-1001\...\Run: [EasyPHP] => C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe [279552 2014-01-09] (EasyPHP) [File not signed]
HKU\S-1-5-21-4195152011-4283894360-3570850043-1001\...\Run: [HotkeyP] => D:\ZÁLOHOVÁNÍ\#INSTALL\Instalace 2016-10-23\hotkeyp\HotkeyP.exe [147456 2012-11-20] (Petr Laštovička) [File not signed]
HKU\S-1-5-21-4195152011-4283894360-3570850043-1001\...\Run: [MicrosoftEdgeAutoLaunch_29EBC4579851B72EE312C449CF839B1A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854376 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4195152011-4283894360-3570850043-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [39936 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-80-3070791953-3247979545-275873789-2352004973-969172767\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.37.0\GoogleDriveFS.exe [58857760 2024-01-23] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.37.0\GoogleDriveFS.exe [58857760 2024-01-23] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\Star Language Monitor Host: C:\Windows\system32\SMJLMHOST.DLL [31048 2021-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Star Micronics Co., Ltd.)
HKLM\...\Print\Monitors\TSP100LAN Port: C:\Windows\system32\smjt100epm.dll [360960 2021-10-06] (Star Micronics Co., Ltd.) [File not signed]
HKLM\...\Print\Monitors\ZDesigner Language Monitor: C:\Windows\system32\zdnNLM64.dll [645760 2021-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Euro Plus d.o.o.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.227\Installer\chrmstp.exe [2024-01-25] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2016 Rychlé spuštění.lnk [2023-10-29]
ShortcutTarget: SOLIDWORKS 2016 Rychlé spuštění.lnk -> C:\Windows\Installer\{768F3B65-1695-47B7-9002-B11400CB111D}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS Nástroj pro stahování na pozadí.lnk [2023-10-29]
ShortcutTarget: SOLIDWORKS Nástroj pro stahování na pozadí.lnk -> C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {5D63C96B-20D2-44BA-AE44-37DB4E1A4C75} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-21] (Adobe Inc. -> Adobe Inc.)
Task: {325799CC-9E03-484E-BF8D-D4A3D534CED2} - System32\Tasks\FIRMA EnviCon WIN CRON 231122 => C:\Users\admin\Documents\www\www.admin.loc\system\BAT\environment_control.bat [252 2023-12-21] () [File not signed]
Task: {A816C1B9-AFD2-418C-9CF4-D55E2508ADB1} - System32\Tasks\FIRMA IMAP syncro 231018 => C:\Users\admin\Documents\www\www.admin.loc\system\Python\imap_syncro.bat [111 2023-04-12] () [File not signed]
Task: {9D47B887-D9C3-40A0-A6D2-7ABFDEA1DB0E} - System32\Tasks\FIRMA machines_log => C:\Users\admin\Documents\www\www.admin.loc\system\BAT\machines_log_loop.bat [429 2023-07-26] () [File not signed]
Task: {F1219E15-2BD8-451F-A89E-6C690EEAB6BD} - System32\Tasks\FIRMA ModBus update_register_values => C:\Users\admin\Documents\www\www.admin.loc\system\BAT\update_modbus_register_values.bat [403 2023-10-09] () [File not signed]
Task: {2B61D230-7393-4B16-8082-D54EA0E74425} - System32\Tasks\FIRMA MySQL repair tables => C:\Users\admin\Documents\www\www.admin.loc\system\BAT\mysqlcheck_repair_database.bat [703 2023-10-10] () [File not signed]
Task: {57BE48EC-80C8-46FD-949A-A6630EC03B01} - System32\Tasks\FIRMA netatmo WIN CRON 231122 => C:\Users\admin\Documents\www\www.admin.loc\system\BAT\neatmo_datalogger_loop.bat [254 2023-11-17] () [File not signed]
Task: {09A4D201-68D7-4D48-92E7-584D051C1066} - System32\Tasks\FIRMA update => C:\Users\admin\Documents\www\www.admin.loc\system\BAT\update_company_loop.bat [393 2023-07-26] () [File not signed]
Task: {95D27C17-C4B6-422F-9FD3-4B4032E03327} - System32\Tasks\GoogleUpdateTaskMachineCore{14F6E4FD-4A95-4512-A579-10B78508DD57} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-10-28] (Google LLC -> Google LLC)
Task: {FE3EE97F-7B93-4382-B4D3-03960DA2409B} - System32\Tasks\GoogleUpdateTaskMachineUA{16D9D042-4507-4C25-A602-9373832C8FF8} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-10-28] (Google LLC -> Google LLC)
Task: {63F8C573-B758-4621-A1CE-737C519AC508} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [703536 2024-01-04] (HP Inc. -> HP Inc.)
Task: {2C06E407-82AE-49BB-8802-DCBA29FAEEB0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2024-01-04] (HP Inc. -> HP Inc.)
Task: {EFFF80A3-16B0-4759-A841-7D89ECD47A52} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [231472 2024-01-04] (HP Inc. -> HP Inc.)
Task: {37CA53B6-61A3-4C28-890F-4A27523479EB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6D518084-0DF4-4995-913F-40F0739F4C15} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3026EE8E-CC51-4CE2-9104-4F6758959632} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {121F59AA-7453-4782-9928-60077FD898E5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D5D95642-ED86-4F5B-A37D-6C737AAD7121} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1554120 2023-10-29] (Nvidia Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.11.1
Tcpip\..\Interfaces\{e8b2eadf-34b4-491c-8507-1c3a230950d9}: [DhcpNameServer] 192.168.11.1
Tcpip\..\Interfaces\{e8b2eadf-34b4-491c-8507-1c3a230950d9}: [DhcpDomain] suchomelplasty.loc
Edge:
=======
Edge Profile: C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-26]
Edge Session Restore: Default -> is enabled.
Edge Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-22]
Edge Extension: (Edge relevant text changes) - C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
FireFox:
========
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> C:\PROGRA~1\SOLIDW~1\SOLIDW~3\Bin\NPCOMP~1.DLL [2016-10-13] (DASSAULT SYSTEMES SA -> Dassault Systemes)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> C:\PROGRA~1\SOLIDW~1\SOLIDW~3\Bin\x86\NPCOMP~1.DLL [2016-10-13] (DASSAULT SYSTEMES SA -> Dassault Systemes)
Chrome:
=======
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2024-01-26]
CHR Notifications: Default -> hxxps://calendar.google.com
CHR StartupUrls: Default -> "hxxps://tvgo.t-mobile.cz/"
CHR Extension: (Tablet Gestures) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpfjochlgeifbpfnlchcdcmoaafnoim [2023-10-28]
CHR Extension: (Adblock na Youtube™) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2024-01-26]
CHR Extension: (Type-ahead-find) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpecbmjeidppdiampimghndkikcmoadk [2023-10-28]
CHR Extension: (Typio Form Recovery) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\djkbihbnjhkjahbhjaadbepppbpoedaa [2023-10-28]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-12-16]
CHR Extension: (I don't care about cookies) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2023-12-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-13]
CHR Extension: (RestMan) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihgpcfpkpmdcghlnaofdmjkoemnlijdi [2023-10-28]
CHR Extension: (Chrome Remote Desktop) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2023-10-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-28]
CHR Extension: (Open Email Client) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oofmnabdpcibefadlibdpnnbglcehfpj [2023-10-28]
CHR HKU\S-1-5-21-4195152011-4283894360-3570850043-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-4195152011-4283894360-3570850043-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-21] (Adobe Inc. -> Adobe Inc.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\121.0.6167.13\remoting_host.exe [74528 2023-12-11] (Google LLC -> Google LLC)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [888880 2024-01-04] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [887848 2024-01-04] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [884784 2024-01-04] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2024-01-18] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [886832 2024-01-04] (HP Inc. -> HP Inc.)
R2 MariaDB; C:\Program Files\MariaDB 11.3\bin\mysqld.exe [34728 2023-09-17] (MariaDB Corporation Ab -> )
S3 mc-wps-secdashboardservice; C:\Program Files (x86)\HP\HP Support Framework\Resources\mc-wps-secdashboardservice.exe [1204608 2024-01-04] (McAfee, LLC -> McAfee, LLC)
R2 NVWMI; C:\Windows\System32\DriverStore\FileRepository\nvwu.inf_amd64_3f2a4c162f79e81f\NVWMI\nvWmi64.exe [4476632 2023-10-29] (Nvidia Corporation -> NVIDIA Corporation)
S3 PortEmulator; C:\Program Files\StarMicronics\TSP100\Software\20221130\portemu_umdf_tsp100.exe [207872 2016-02-26] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2023-10-29] (SolidWorks) [File not signed]
S3 TcpEmulatorTSP100LAN; C:\Program Files\StarMicronics\TSP100\Software\20221130\tcpemu_tsp100lan.exe [351744 2015-05-22] (STAR MICRONICS CO,.LTD) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WPSService20; C:\Program Files (x86)\TRENDnet Wireless USB Adapter Driver\WPSService20.exe [96768 2017-01-06] () [File not signed]
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvwu.inf_amd64_3f2a4c162f79e81f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvwu.inf_amd64_3f2a4c162f79e81f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 googledrivefs31357; C:\Windows\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-10-28] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 MpKsl4d13f5a9; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FF95ED77-E781-4955-925C-19F4B5CCCE0C}\MpKslDrv.sys [263560 2024-01-26] (Microsoft Windows -> Microsoft Corporation)
R3 plser; C:\Windows\system32\DRIVERS\plser64.sys [315368 2023-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2023-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [594304 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-01-26 19:41 - 2024-01-26 19:41 - 000000000 ____D C:\Users\admin\Desktop\viry.cz
2024-01-26 19:41 - 2024-01-26 19:41 - 000000000 ____D C:\FRST
2024-01-26 09:57 - 2024-01-26 09:57 - 000319488 _____ C:\Users\admin\Downloads\RE_ _EXTERNAL_ Re_ RFQ_ 4VTCQ915Txxx nabídka.msg
2024-01-24 21:55 - 2024-01-26 19:12 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2024-01-22 08:57 - 2024-01-22 08:57 - 000099569 _____ C:\Users\admin\Desktop\Dodaci-list-D230175__klice_zelene_a_cervene.pdf
2024-01-21 10:44 - 2024-01-21 10:44 - 000210553 _____ C:\Users\admin\Downloads\company.sql
2024-01-18 19:21 - 2024-01-18 19:21 - 002317373 _____ C:\Users\admin\Downloads\prezentace-ivt-air-x-2023.pdf
2024-01-18 19:20 - 2024-01-18 19:20 - 000129298 _____ C:\Users\admin\Downloads\test-tepelnych-cerpadel-vzduch-voda-2014.pdf
2024-01-18 12:57 - 2024-01-18 12:57 - 004072595 _____ C:\Users\admin\Downloads\1704963605962-PLC 410-33 (1).pdf
2024-01-18 10:12 - 2024-01-18 10:12 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-01-17 19:12 - 2024-01-17 19:12 - 000000000 ____D C:\Users\admin\Documents\IV-Navigator
2024-01-17 19:11 - 2024-01-17 19:11 - 000002103 _____ C:\Users\Public\Desktop\IVP-Converter.lnk
2024-01-17 19:11 - 2024-01-17 19:11 - 000002098 _____ C:\Users\Public\Desktop\IV-Navigator.lnk
2024-01-17 19:11 - 2024-01-17 19:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KEYENCE Applications
2024-01-17 19:11 - 2024-01-17 19:11 - 000000000 ____D C:\Program Files (x86)\KEYENCE
2024-01-15 13:42 - 2024-01-15 13:42 - 003107764 _____ C:\Users\admin\Downloads\1704963616324-PLC410-33 (1).stp
2024-01-13 11:02 - 2024-01-13 11:02 - 000176666 _____ C:\Users\admin\Downloads\uz-464100007407-20230412-091439 (2).pdf
2024-01-13 11:02 - 2024-01-13 11:02 - 000166960 _____ C:\Users\admin\Downloads\priloha v ucetni zaverce - wuders s.r.o - 2022 (1).pdf
2024-01-12 19:40 - 2024-01-12 19:40 - 000176666 _____ C:\Users\admin\Downloads\uz-464100007407-20230412-091439 (1).pdf
2024-01-12 19:39 - 2024-01-12 19:39 - 000176666 _____ C:\Users\admin\Downloads\uz-464100007407-20230412-091439.pdf
2024-01-12 19:39 - 2024-01-12 19:39 - 000166960 _____ C:\Users\admin\Downloads\priloha v ucetni zaverce - wuders s.r.o - 2022.pdf
2024-01-10 09:41 - 2024-01-10 09:43 - 000000000 ___HD C:\$WinREAgent
2024-01-09 12:34 - 2024-01-09 12:34 - 000000000 ____D C:\Users\admin\AppData\Roaming\EDrawings
2024-01-08 18:16 - 2024-01-08 18:16 - 000000863 _____ C:\Users\admin\Desktop\AR6x2.B.cfg
2024-01-08 18:12 - 2024-01-08 18:15 - 000000000 ____D C:\Users\admin\Documents\ARsoft
2024-01-08 18:12 - 2024-01-08 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ARsoft
2024-01-08 18:12 - 2024-01-08 18:12 - 000000000 ____D C:\Program Files (x86)\ARsoft
2024-01-08 16:54 - 2024-01-08 16:54 - 000002074 _____ C:\Users\admin\Downloads\3D_analysis.vbs
2024-01-08 12:37 - 2024-01-08 12:37 - 000350155 _____ C:\Users\admin\Desktop\snímače_teploty_modbus.zip
2024-01-08 09:37 - 2024-01-08 09:34 - 1609661000 _____ (Autodesk, Inc.) C:\Users\admin\Downloads\MFC_2023_FCS_Multilingual_Win_64bit_dlm.sfx.exe
2024-01-08 09:29 - 2024-01-08 09:31 - 203858681 _____ C:\Users\admin\Downloads\zasilka-NUTYUR93GCVCLC39.zip
2024-01-07 09:06 - 2024-01-07 09:06 - 000110176 _____ C:\Users\admin\Desktop\unifi_os_backup_1704614760409_3c36504e-c8cc-420a-9c5a-3b59578802ac.unifi
2024-01-05 13:01 - 2024-01-19 20:20 - 000000000 ____D C:\Users\admin\Desktop\#TEMP_MAZAT#
2024-01-05 08:53 - 2024-01-05 08:53 - 002893777 _____ C:\Users\admin\Downloads\easy-braid-purex-brochure.pdf
2024-01-05 08:02 - 2024-01-05 08:02 - 000000000 ____D C:\Users\admin\Documents\smazat
2024-01-04 16:18 - 2024-01-26 09:31 - 000000000 _____ C:\Users\admin\AppData\Local\Temptable.xml
2024-01-04 08:37 - 2024-01-04 08:37 - 000681858 _____ C:\Users\admin\Desktop\Slozenka - Informace k platbe pojisteni c 829645449.zip
2024-01-04 08:37 - 2023-11-16 10:46 - 000700807 ____N C:\Users\admin\Desktop\Složenka - Informace k platbě pojištění č 829645449.pdf
2023-12-31 09:15 - 2024-01-05 05:37 - 000000000 ____D C:\Users\admin\Documents\#OSTATNÍ
2023-12-30 12:37 - 2023-12-30 12:37 - 000276727 _____ C:\Users\admin\Downloads\SOFARSOLAR ModBus-RTU Communication Protocol.pdf
2023-12-30 12:37 - 2023-12-30 12:37 - 000276727 _____ C:\Users\admin\Downloads\SOFARSOLAR ModBus-RTU Communication Protocol (1).pdf
2023-12-29 10:11 - 2023-12-29 10:11 - 000013413 _____ C:\Users\admin\Desktop\JS_FV+likvidace_2023_opraveno_1.xlsx
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-01-26 19:40 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-26 19:34 - 2023-10-28 20:11 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-26 19:34 - 2022-09-08 04:11 - 000000000 ____D C:\Windows\SystemTemp
2024-01-26 19:25 - 2023-10-29 20:01 - 000000000 ____D C:\ProgramData\NVIDIA
2024-01-26 19:25 - 2023-10-28 20:09 - 000000000 ___SD C:\Users\admin\AppData\Roaming\Microsoft\Credentials
2024-01-26 19:17 - 2023-10-28 20:08 - 001694140 _____ C:\Windows\system32\PerfStringBackup.INI
2024-01-26 19:17 - 2019-12-07 15:43 - 000717008 _____ C:\Windows\system32\perfh005.dat
2024-01-26 19:17 - 2019-12-07 15:43 - 000145186 _____ C:\Windows\system32\perfc005.dat
2024-01-26 19:17 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2024-01-26 19:15 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2024-01-26 19:14 - 2023-10-29 14:25 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-01-26 19:12 - 2023-10-29 14:25 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2024-01-26 19:12 - 2023-10-29 14:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-01-26 19:12 - 2023-10-28 20:33 - 000000000 ____D C:\Users\admin\AppData\Local\D3DSCache
2024-01-26 19:10 - 2023-10-28 19:59 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-01-26 19:10 - 2023-10-28 19:58 - 000008192 ___SH C:\DumpStack.log.tmp
2024-01-26 19:10 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-26 19:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2024-01-26 19:09 - 2023-10-28 20:08 - 000000000 ____D C:\Users\admin
2024-01-26 19:09 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-01-26 18:59 - 2023-10-28 19:58 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-01-25 11:21 - 2023-10-28 20:11 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4195152011-4283894360-3570850043-1001
2024-01-25 11:21 - 2023-10-28 20:10 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4195152011-4283894360-3570850043-1001
2024-01-25 11:21 - 2023-10-28 20:08 - 000002381 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-01-25 11:16 - 2023-10-28 11:58 - 000000378 _____ C:\Users\admin\Desktop\!zaslat.cz.csv
2024-01-25 09:55 - 2023-10-29 14:30 - 000000000 ____D C:\Users\admin\Documents\2.Suchomel PLASTY
2024-01-25 04:36 - 2023-10-28 20:12 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-01-24 20:11 - 2023-10-28 11:58 - 000000000 ___RD C:\Users\admin\Desktop\!FAKTURY VYDANÉ
2024-01-23 20:36 - 2023-10-28 20:14 - 000002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-01-23 18:33 - 2023-10-28 11:58 - 000000179 _____ C:\Users\admin\Desktop\!podani_online.csv
2024-01-23 13:11 - 2023-10-29 15:04 - 000000000 ____D C:\Users\admin\AppData\Local\TempAdresářZálohySW
2024-01-23 10:53 - 2023-12-03 09:15 - 000004346 _____ C:\Windows\system32\Tasks\FIRMA IMAP syncro 231018
2024-01-19 14:01 - 2023-10-30 10:01 - 000004398 _____ C:\Windows\system32\Tasks\FIRMA MySQL repair tables
2024-01-19 11:28 - 2023-10-28 20:32 - 000000000 ____D C:\Users\admin\AppData\Local\GHISLER
2024-01-19 03:35 - 2023-10-28 19:59 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-18 17:41 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF
2024-01-17 20:30 - 2023-10-28 21:43 - 000002342 ____H C:\Users\admin\Documents\Default.rdp
2024-01-17 19:49 - 2019-12-07 15:45 - 000000000 ____D C:\Windows\system32\FxsTmp
2024-01-16 15:31 - 2023-10-29 16:11 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-01-16 15:31 - 2023-10-29 16:11 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-01-14 00:42 - 2023-12-12 14:33 - 000000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics
2024-01-13 09:05 - 2023-10-29 19:55 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Adobe
2024-01-13 08:41 - 2023-10-29 15:05 - 000000000 ____D C:\Windows\system32\Tasks\Hewlett-Packard
2024-01-13 08:41 - 2023-10-28 19:58 - 001405608 _____ C:\Windows\system32\FNTCACHE.DAT
2024-01-13 08:40 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-01-13 08:40 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-01-13 08:40 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2024-01-13 08:40 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2024-01-13 08:40 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-01-13 08:40 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2024-01-13 08:33 - 2023-10-28 12:01 - 000001327 _____ C:\Users\admin\Desktop\wake_up_PS.lnk
2024-01-13 08:32 - 2023-10-29 15:02 - 000000000 ____D C:\Users\admin\AppData\Local\SolidWorks
2024-01-12 19:11 - 2023-11-25 11:35 - 000000000 ____D C:\Program Files\HP
2024-01-12 07:50 - 2023-10-28 22:21 - 000918944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2024-01-10 09:53 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2024-01-10 09:42 - 2023-10-28 23:28 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2024-01-10 08:49 - 2023-10-28 23:23 - 000000000 ____D C:\Windows\system32\MRT
2024-01-10 08:46 - 2023-10-28 23:23 - 189718008 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-01-05 14:32 - 2023-10-28 20:09 - 000000000 ___SD C:\Users\admin\AppData\Roaming\Microsoft\Protect
2024-01-03 09:46 - 2023-10-30 20:24 - 000000000 ____D C:\Users\admin\Documents\INSTALL
2024-01-03 09:46 - 2023-10-30 19:50 - 000000000 ____D C:\Users\admin\Documents\Moje knihovny
2023-12-28 23:16 - 2023-10-28 21:11 - 000003534 _____ C:\Windows\system32\Tasks\FIRMA update
==================== Files in the root of some directories ========
2023-10-28 20:37 - 2021-12-21 09:07 - 000001587 _____ () C:\Users\admin\AppData\Roaming\instalace_2021-11-15.txt
2023-11-13 12:54 - 2023-11-13 13:00 - 000000128 _____ () C:\Users\admin\AppData\Local\PUTTY.RND
2024-01-04 16:18 - 2024-01-26 09:31 - 000000000 _____ () C:\Users\admin\AppData\Local\Temptable.xml
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.01.2024
Ran by admin (26-01-2024 19:43:18)
Running from C:\Users\admin\Desktop\viry.cz
Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) (2023-10-28 19:00:44)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
admin (S-1-5-21-4195152011-4283894360-3570850043-1001 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-4195152011-4283894360-3570850043-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4195152011-4283894360-3570850043-503 - Limited - Disabled)
Guest (S-1-5-21-4195152011-4283894360-3570850043-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4195152011-4283894360-3570850043-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 23.008.20470 - Adobe)
ARsoftCFG (HKLM-x32\...\ARsoftCFG_is1) (Version: - Apar)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cognex In-Sight Software 6.5.0 (HKLM-x32\...\{82D1D72F-40B6-428B-92E7-000600050000}) (Version: 6.5.0.42 - Cognex Corporation)
Dynamic Application Loader Host Interface Service (HKLM\...\{E3AB2E94-D548-48A7-9F0E-A44D82ED1D7A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 85.0.37.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.227 - Google LLC)
HSMWorks x64 2016 R2.40513 (HKLM\...\{07404224-03A7-4ffc-9AFB-EC32BD898C55}_is1) (Version: 2016 R2.40513 - Autodesk, Inc.)
Chrome Remote Desktop Host (HKLM-x32\...\{6A53EDCE-B3CE-4C1C-83FF-D78E08CE6747}) (Version: 121.0.6167.13 - Google LLC)
Intel(R) Icls (HKLM\...\{57640D80-A187-4A4F-BB91-7F2EF7AB5FE9}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{62609178-ECD7-473C-9D1F-9E0CF6927E45}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2242.3.34.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{939DFEE4-2675-4B42-904B-B213B857E347}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{E4697D8A-D9C0-4BCE-AC7F-5A56DD250529}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{EC8B054F-9D60-4AFC-9920-25ABFF987B29}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME WMI Provider (HKLM\...\{3C66C597-3BAA-403D-9BCD-561ED78B0F1B}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) SOL LMS Extension (HKLM\...\{D36619E0-ADBA-41C6-A5AC-222FCFBF762B}) (Version: 1.0.0.0 - Intel Corporation) Hidden
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
IVC Studio 3.3_SR3 (HKLM-x32\...\{ecc1cc9a-79a4-4df8-910d-ae9f1bea86fa}) (Version: 3.3.6.12 - SICK)
IV-Navigator (HKLM-x32\...\{03DCFA6F-A000-4FD8-9A56-A73475D6AD21}) (Version: 5.50.20.0 - KEYENCE CORPORATION)
Kits Configuration Installer (HKLM-x32\...\{78011ACC-E1CB-4B42-EDC3-91EAED6F933B}) (Version: 10.1.22621.2428 - Microsoft) Hidden
LibreOffice 7.5.7.1 (HKLM\...\{E2C32F4F-C16F-4266-A996-F27C7C38B36E}) (Version: 7.5.7.1 - The Document Foundation)
MariaDB 11.3 (x64) (HKLM\...\{5FF32D41-2607-426F-BD7B-A361B93740CD}) (Version: 11.3.0.0 - MariaDB Corporation Ab) Hidden
MariaDB 11.3 (x64) (HKLM\...\MariaDB 11.3 (x64)) (Version: 11.3.0.0 - MariaDB Corporation Ab)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.144 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.144 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4195152011-4283894360-3570850043-1001\...\OneDriveSetup.exe) (Version: 24.010.0114.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (HKLM\...\{90120064-0070-0000-0000-4000000FF1CE}) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (HKLM\...\{90F60409-7000-11D3-8CFE-0150048383C9}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24212 (HKLM-x32\...\{844ECB74-9B63-3D5C-958C-30BD23F19EE4}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24212 (HKLM-x32\...\{37B55901-995A-3650-80B1-BBFD047E2911}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-4195152011-4283894360-3570850043-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.84.2 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 115.4.1 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 115.7.0 (x64 cs)) (Version: 115.7.0 - Mozilla)
NVIDIA Ovladač HD audia 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 512.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.78 - NVIDIA Corporation)
NVIDIA RTX Desktop Manager 202.85 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 202.85 - NVIDIA Corporation)
PSPad editor (HKLM-x32\...\PSPad editor 32bit_is1) (Version: 5.0.7.775 - Jan Fiala)
PuTTY release 0.79 (64-bit) (HKLM\...\{E07417FF-E888-4648-878C-73E25D64D50D}) (Version: 0.79.0.0 - Simon Tatham)
Python 3.12.0 (64-bit) (HKU\S-1-5-21-4195152011-4283894360-3570850043-1001\...\{cf9c4d97-48a7-4a27-b9fc-91b88a803c40}) (Version: 3.12.150.0 - Python Software Foundation)
Python 3.12.0 Add to Path (64-bit) (HKLM\...\{380DEEDA-4227-4F0E-9F7C-34C75649DE59}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Core Interpreter (64-bit) (HKLM\...\{6B58F6F9-656A-4CC4-8BAB-22177BFFA45F}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Development Libraries (64-bit) (HKLM\...\{225BAA2C-BDCA-4D63-9D72-D92CE5E2421D}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Documentation (64-bit) (HKLM\...\{5DF0B8D8-4E7F-43EB-AD16-30FFA931A905}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Executables (64-bit) (HKLM\...\{575EC8EB-A481-4CF1-BAB0-3C1DBD2E50A7}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 pip Bootstrap (64-bit) (HKLM\...\{24B8988D-E785-4124-BF77-1DC6A3E62050}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Standard Library (64-bit) (HKLM\...\{14BBD330-AA3F-4F7A-8A39-DFB28AECFA82}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Tcl/Tk Support (64-bit) (HKLM\...\{6EAF677E-4EE8-4A22-9781-9131C5298D26}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Test Suite (64-bit) (HKLM\...\{0A9B38A7-D393-44A5-A94E-9FEC927DC39C}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{3182A195-B671-44A8-B0C7-7876B916BA5A}) (Version: 3.12.150.0 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8644 - Realtek Semiconductor Corp.)
SDK Debuggers (HKLM-x32\...\{7BCA6411-E2E7-D7F5-10D4-382BA91890B1}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden
SOLIDWORKS 2016 x64 Czech Resources (HKLM\...\{BD37B53B-592C-41B4-BECA-D156E3D0B058}) (Version: 24.150.58 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2016 x64 Edition SP05 (HKLM\...\{768F3B65-1695-47B7-9002-B11400CB111D}) (Version: 24.150.58 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2016 x64 Edition SP05 (HKLM-x32\...\SolidWorks Installation Manager 20160-40500-1100-100) (Version: 24.5.0.58 - SolidWorks Corporation)
SOLIDWORKS Composer Player 2016 SP05 x64 Edition (HKLM\...\{8537E059-C18B-4DE6-AED6-CD9B90240C35}) (Version: 24.50.58 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2016 x64 Edition SP05 (HKLM\...\{12339098-76B6-47CD-B52A-52E4809108F6}) (Version: 16.5.0084 - Společnost Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Explorer 2016 SP05 x64 Edition (HKLM\...\{41E08694-1890-4B39-9D1C-B9D27A1D67B3}) (Version: 24.50.58 - Společnost Dassault Systemes SolidWorks Corp) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.01 - Ghisler Software GmbH)
TRENDnet Wireless USB Adapter Driver (HKLM-x32\...\{B63CCD1C-A133-4DF8-8306-DA0387231152}) (Version: 1.00.0274 - TRENDnet Inc.)
TSP100 Setup Version 7.7.0 (HKLM\...\{3A67E289-0888-4BD5-A334-B0CECABF7128}) (Version: 7.7.0 - Star Micronics)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
Windows SDK EULA (HKLM-x32\...\{7520C851-321C-30E7-0372-74CC71E40113}) (Version: 10.1.22621.2428 - Microsoft Corporations) Hidden
Windows Software Development Kit - Windows 10.0.22621.2428 (HKLM-x32\...\{7645bd51-e95b-48cd-bf4b-0e9ab7ef33b0}) (Version: 10.1.22621.2428 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
Zebra Setup Utilities (HKLM-x32\...\{9207A8EC-3B2D-4A4A-8BF7-957FC19BB3DE}) (Version: 1.1.9.1290 - Zebra Technologies) Hidden
Zebra Setup Utilities (HKLM-x32\...\Zebra Setup Utilities) (Version: 1.1.9.1290 - Zebra Technologies)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-01-13] ()
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_151.3.1092.0_x64__v10z8vjag6ke6 [2024-01-18] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.32.31.0_x64__v10z8vjag6ke6 [2024-01-12] (HP Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-10-29] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-18] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0 [2024-01-20] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4195152011-4283894360-3570850043-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-4195152011-4283894360-3570850043-1001_Classes\CLSID\{73a1ee5f-5a0a-484b-b770-46bfbc161c24}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll => No File
CustomCLSID: HKU\S-1-5-21-4195152011-4283894360-3570850043-1001_Classes\CLSID\{BEA218D2-6950-497B-9434-61683EC065FE}\InprocServer32 -> C:\Users\admin\AppData\Local\Programs\Python\Launcher\pyshellext.amd64.dll (Python Software Foundation -> Python Software Foundation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\85.0.37.0\drivefsext.dll [2024-01-23] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\85.0.37.0\drivefsext.dll [2024-01-23] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\85.0.37.0\drivefsext.dll [2024-01-23] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\85.0.37.0\drivefsext.dll [2024-01-23] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\85.0.37.0\drivefsext.dll [2024-01-23] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\85.0.37.0\drivefsext.dll [2024-01-23] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\85.0.37.0\drivefsext.dll [2024-01-23] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvwu.inf_amd64_3f2a4c162f79e81f\nvshext.dll [2023-10-29] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [NvQuadroView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2023-10-29] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\admin\Desktop\wake_up_PS.lnk -> G:\Můj disk\#dev\Python\WakeOnLAN\wake_up_PS.bat ()
ShortcutWithArgument: C:\Users\admin\Documents\www\www.admin.loc\modules\_dev\require\SolidWorks\Macros\SLDWORKS.lnk -> C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\SLDWORKS.exe (Dassault Systèmes SolidWorks Corp.) -> /m "C:\Users\admin\Documents\www\www.admin.loc\modules\_dev\require\SolidWorks\Macros\analysis_pictures-v1.10.swp"
==================== Loaded Modules (Whitelisted) =============
2023-10-28 20:50 - 2013-07-08 17:34 - 000114688 _____ () [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\pcre.dll
2020-08-27 16:46 - 2020-08-27 16:46 - 000091136 _____ () [File not signed] C:\Program Files (x86)\StarMicronics\TSP100\Software\20221130\StarMicronicsCloudNativeLibrary_futurePRNT.dll
2023-10-28 20:50 - 2013-11-22 02:12 - 000152576 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libapr-1.dll
2023-10-28 20:50 - 2013-11-22 02:12 - 000027136 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libapriconv-1.dll
2023-10-28 20:50 - 2013-11-22 02:12 - 000206848 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libaprutil-1.dll
2023-10-28 20:50 - 2013-11-22 02:13 - 000328192 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libhttpd.dll
2023-10-28 20:50 - 2013-11-22 02:07 - 000012288 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_access_compat.so
2023-10-28 20:50 - 2013-11-22 02:07 - 000011264 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_actions.so
2023-10-28 20:50 - 2013-11-22 02:07 - 000013824 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_alias.so
2023-10-28 20:50 - 2013-11-22 02:07 - 000009728 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_allowmethods.so
2023-10-28 20:50 - 2013-11-22 02:07 - 000010752 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_asis.so
2023-10-28 20:50 - 2013-11-22 02:07 - 000014336 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_auth_basic.so
2023-10-28 20:50 - 2013-11-22 02:07 - 000011776 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authn_core.so
2023-10-28 20:50 - 2013-11-22 02:07 - 000011264 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authn_file.so
2023-10-28 20:50 - 2013-11-22 02:07 - 000018944 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authz_core.so
2023-10-28 20:50 - 2013-11-22 02:07 - 000011776 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authz_groupfile.so
2023-10-28 20:50 - 2013-11-22 02:07 - 000011264 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authz_host.so
2023-10-28 20:50 - 2013-11-22 02:07 - 000009728 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authz_user.so
2023-10-28 20:50 - 2013-11-22 02:07 - 000030208 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_autoindex.so
2023-10-28 20:50 - 2013-11-22 02:07 - 000020480 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_cgi.so
2023-10-28 20:50 - 2013-11-22 02:07 - 000012288 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_dir.so
2023-10-28 20:50 - 2013-11-22 02:07 - 000010752 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_env.so
2023-10-28 20:50 - 2013-11-22 02:08 - 000039424 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_include.so
2023-10-28 20:50 - 2013-11-22 02:08 - 000024064 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_isapi.so
2023-10-28 20:50 - 2013-11-22 02:08 - 000024576 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_log_config.so
2023-10-28 20:50 - 2013-11-22 02:08 - 000016896 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_mime.so
2023-10-28 20:50 - 2013-11-22 02:08 - 000029184 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_negotiation.so
2023-10-28 20:50 - 2013-11-22 02:08 - 000051200 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_rewrite.so
2023-10-28 20:50 - 2013-11-22 02:08 - 000013824 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_setenvif.so
2023-11-22 08:16 - 2017-01-06 16:51 - 000524288 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\TRENDnet Wireless USB Adapter Driver\RtlLib.dll
2023-11-22 08:16 - 2017-01-06 16:51 - 000200704 _____ (Realtek) [File not signed] C:\Program Files (x86)\TRENDnet Wireless USB Adapter Driver\IpLib.dll
2023-11-22 08:16 - 2017-01-06 16:51 - 000286720 _____ (Realtek) [File not signed] C:\Program Files (x86)\TRENDnet Wireless USB Adapter Driver\RtlIhvOid.dll
2015-10-27 10:28 - 2015-10-27 10:28 - 000486912 _____ (Star Micronics Co., Ltd.) [File not signed] C:\Program Files\StarMicronics\TSP100\Software\20221130\StarIOPort.dll
2021-10-06 18:43 - 2021-10-06 18:43 - 000360960 _____ (Star Micronics Co., Ltd.) [File not signed] C:\Windows\System32\smjt100epm.dll
2023-10-28 20:50 - 2013-07-08 17:29 - 001175040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libeay32.dll
2023-10-28 20:50 - 2013-07-08 17:29 - 000269312 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\ssleay32.dll
2023-10-28 21:06 - 2014-01-09 07:37 - 001169920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\LIBEAY32.dll
2023-10-28 21:06 - 2014-01-09 07:37 - 000269312 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\SSLEAY32.dll
2023-11-22 08:16 - 2017-01-06 16:51 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\TRENDnet Wireless USB Adapter Driver\LIBEAY32.dll
2023-10-28 21:06 - 2014-01-09 07:37 - 000066560 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_bz2.dll
2023-10-28 21:06 - 2014-01-09 07:37 - 000492032 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_curl.dll
2023-10-28 21:06 - 2014-01-09 07:37 - 001348096 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_gd2.dll
2023-10-28 21:06 - 2014-01-09 07:37 - 000831488 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_imap.dll
2023-10-28 21:06 - 2014-01-09 07:37 - 001239552 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_mbstring.dll
2023-10-28 21:06 - 2014-01-09 07:37 - 000036864 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_mysql.dll
2023-10-28 21:06 - 2014-01-09 07:37 - 000088576 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_mysqli.dll
2023-10-28 21:06 - 2014-01-09 07:37 - 000072704 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_openssl.dll
2023-10-28 21:06 - 2014-01-09 07:37 - 000024576 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_pdo_mysql.dll
2023-10-28 21:06 - 2014-01-09 07:37 - 000399872 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_pdo_sqlite.dll
2023-10-28 21:06 - 2014-01-09 07:37 - 000054784 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_sockets.dll
2023-10-28 21:06 - 2014-01-09 07:37 - 000553472 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_sqlite3.dll
2023-10-28 21:06 - 2014-01-09 07:37 - 000231936 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_xsl.dll
2023-10-28 21:06 - 2014-01-09 07:37 - 000026624 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\php5apache2_4.dll
2023-10-28 21:06 - 2014-01-09 07:37 - 006155264 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\php5ts.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2024-01-04] (HP Inc. -> HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2024-01-04] (HP Inc. -> HP Inc.)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\PuTTY\
HKU\S-1-5-21-4195152011-4283894360-3570850043-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-80-3070791953-3247979545-275873789-2352004973-969172767\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.11.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{FD422773-E821-40FD-B9AB-7FC479280E6F}C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe] => (Allow) C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [UDP Query User{67BE45B1-8730-4A7E-93DB-B19DD1C4BF1A}C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe] => (Allow) C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [{103E3917-2EDD-445A-8703-282FAD00D933}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{20135625-797B-42C8-ACA1-D5A35488A6BA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0713621F-B954-46BB-97E8-D7F07D37D913}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{15C345E4-6B36-4BD1-BF4D-9D9CFE2C1457}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0806160D-4AD9-496F-AB0C-3FBD061A1471}] => (Allow) C:\Program Files\MariaDB 11.3\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [TCP Query User{1F4FDF1D-2174-45B3-97BD-994AE027F281}C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\php\php_runningversion\php.exe] => (Allow) C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\php\php_runningversion\php.exe (The PHP Group) [File not signed]
FirewallRules: [UDP Query User{14C32BEC-7936-47CD-94F9-4F861DED6789}C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\php\php_runningversion\php.exe] => (Allow) C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\php\php_runningversion\php.exe (The PHP Group) [File not signed]
FirewallRules: [TCP Query User{18B15418-E882-4D23-A6C7-4AC10C016185}C:\program files (x86)\starmicronics\tsp100\software\20221130\tsp100lan_bt_setting.exe] => (Allow) C:\program files (x86)\starmicronics\tsp100\software\20221130\tsp100lan_bt_setting.exe (STAR MICRONICS CO., LTD. -> Star Micronics Co., Ltd.)
FirewallRules: [UDP Query User{5E3855C6-738D-4DE6-9A96-34BE61CC647D}C:\program files (x86)\starmicronics\tsp100\software\20221130\tsp100lan_bt_setting.exe] => (Allow) C:\program files (x86)\starmicronics\tsp100\software\20221130\tsp100lan_bt_setting.exe (STAR MICRONICS CO., LTD. -> Star Micronics Co., Ltd.)
FirewallRules: [{BB8D6D90-3A7A-4F78-8BE6-CA45B1827F9E}] => (Allow) C:\Program Files (x86)\Cognex\In-Sight\In-Sight Explorer 6.5.0\In-Sight Explorer.exe (Cognex Corporation -> Cognex Corporation)
FirewallRules: [{4514D332-57D0-45EE-903A-2E88F7908CD1}] => (Allow) C:\Program Files (x86)\Cognex\In-Sight\In-Sight Explorer 6.5.0\In-Sight Explorer.exe (Cognex Corporation -> Cognex Corporation)
FirewallRules: [{D2AAC823-B91F-4D97-9A15-0F015DCEA24B}] => (Allow) C:\Program Files (x86)\Cognex\In-Sight\Emulators\6.5.0\In-Sight.exe (Cognex Corporation -> )
FirewallRules: [{4232BE96-E3A1-442D-8D65-F35DA3035CEE}] => (Allow) C:\Program Files (x86)\Cognex\In-Sight\Emulators\6.5.0\In-Sight.exe (Cognex Corporation -> )
FirewallRules: [{BA1486DF-A30B-45F8-BBF8-CD193BCADA10}] => (Allow) C:\Program Files (x86)\Cognex\In-Sight\Emulators\4.10.5 PR1\In-Sight.exe () [File not signed]
FirewallRules: [{885DC3E2-C07D-4610-8B4B-ADA663BEA37B}] => (Allow) C:\Program Files (x86)\Cognex\In-Sight\Emulators\4.10.5 PR1\In-Sight.exe () [File not signed]
FirewallRules: [{F82C510C-CAF7-4C4F-9E54-D61F4E2E7ACB}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\121.0.6167.13\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{58058B60-C2B9-4421-B44D-A223B0F1BA43}C:\program files (x86)\keyence\iv-navigator\iv-navigator.exe] => (Allow) C:\program files (x86)\keyence\iv-navigator\iv-navigator.exe (KEYENCE CORPORATION) [File not signed]
FirewallRules: [UDP Query User{685E7925-C794-43B5-8B26-C3F5F717C602}C:\program files (x86)\keyence\iv-navigator\iv-navigator.exe] => (Allow) C:\program files (x86)\keyence\iv-navigator\iv-navigator.exe (KEYENCE CORPORATION) [File not signed]
FirewallRules: [{6A2239E5-0E17-472B-A753-1F1D8C533601}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.144\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{165D7732-9AE2-4DA7-9A92-A050E4902F0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E6C84A2C-CB23-4579-AC93-3E6D3651F7E3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{96A43701-5F5D-447A-A9C5-72C43E1E803F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A82BF2B0-8984-405B-99D2-320A40DCBDE7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BB59C109-6B28-4136-87CD-C8B1345A2C53}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8F15A8BD-0277-4E19-BAC3-0E647A068938}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DD070F8C-2A03-4C06-B81D-E03D3C31B1DE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9A7373E4-FCAD-4358-8DA1-8FED4A1E17DE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{09452970-75A0-4515-AC40-30DD091450BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7D77F5C8-346D-4EF3-A5B9-13B3974F884E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BA5B87D5-DD77-4FB6-B017-FFA9F193E8E5}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C370A198-CDFF-4F76-A67F-E7301ED9C6DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F95CE5F8-AB58-4967-AAC1-172F325AEB48}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{986E4BCD-5C38-4143-A264-ADE87F1ADC17}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CA0E299D-3ABB-4E63-9D4D-7FD65A1CC813}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
10-01-2024 09:33:09 Instalační služba modulů systému Windows
17-01-2024 19:11:17 Installed IV-Navigator.
25-01-2024 19:51:18 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
Name: Řadič sběrnice SM
Description: Řadič sběrnice SM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Kompatibilní myš PS/2
Description: Kompatibilní myš PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Řadič PCI pro získávání dat a zpracování signálu
Description: Řadič PCI pro získávání dat a zpracování signálu
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Řadič paměti na sběrnici PCI
Description: Řadič paměti na sběrnici PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (01/26/2024 07:18:52 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Proces přihlášení do systému Windows byl neočekávaně ukončen.
Error: (01/26/2024 07:11:51 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100
Error: (01/26/2024 06:55:14 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100
Error: (01/26/2024 06:55:13 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100
Error: (01/26/2024 05:55:14 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100
Error: (01/26/2024 05:55:14 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100
Error: (01/26/2024 04:55:14 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100
Error: (01/26/2024 04:55:13 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100
System errors:
=============
Error: (01/26/2024 07:10:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba SysMain byla ukončena s následující chybou:
Parametr není správný.
Error: (01/26/2024 10:29:39 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FS31EKR)
Description: Server {83A33D30-27C5-11CE-BFD4-00400513BB57} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/26/2024 09:04:05 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FS31EKR)
Description: Server {83A33D30-27C5-11CE-BFD4-00400513BB57} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/25/2024 06:05:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (01/25/2024 03:14:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FS31EKR)
Description: Server {83A33D30-27C5-11CE-BFD4-00400513BB57} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/25/2024 09:57:27 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FS31EKR)
Description: Server {83A33D30-27C5-11CE-BFD4-00400513BB57} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/23/2024 11:43:10 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FS31EKR)
Description: Server {83A33D30-27C5-11CE-BFD4-00400513BB57} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/23/2024 11:41:55 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FS31EKR)
Description: Server {83A33D30-27C5-11CE-BFD4-00400513BB57} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2024-01-25 14:45:39
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Exploit:O97M/CVE-2017-11882.O
Závažnost: Vážné
Kategorie: Zneužití
Cesta: file:_E:\0.ZÁLOHY\HP-Z240-OS\Dokumenty 240125\www\www.admin.loc\data\projects\co\emails\attachments\1198__E26929A__Boots-image001.doc; file:_E:\0.ZÁLOHY\HP-Z240-OS\Dokumenty 240125\www\www.admin.loc\data\projects\co\emails\attachments\1198__E26929A__Boots-image002.doc
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-FS31EKR\admin
Název procesu: C:\Program Files\totalcmd\TOTALCMD64.EXE
Verze bezpečnostních informací: AV: 1.403.2668.0, AS: 1.403.2668.0, NIS: 1.403.2668.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2
Date: 2024-01-25 14:45:38
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Exploit:O97M/CVE-2017-11882.O
Závažnost: Vážné
Kategorie: Zneužití
Cesta: file:_E:\0.ZÁLOHY\HP-Z240-OS\Dokumenty 240125\www\www.admin.loc\data\projects\co\emails\attachments\1198__E26929A__Boots-image001.doc
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-FS31EKR\admin
Název procesu: C:\Program Files\totalcmd\TOTALCMD64.EXE
Verze bezpečnostních informací: AV: 1.403.2668.0, AS: 1.403.2668.0, NIS: 1.403.2668.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2
Date: 2024-01-25 10:33:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D2C08ABF-FECC-4E71-83F7-2F0551FCD90F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-01-22 15:13:45
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1859A571-FCB5-4D82-9E73-45F691EC4FBA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-01-20 08:41:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DA376C79-291A-45C0-9505-1DD87E805BA9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2023-11-13 16:54:04
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: Ovladač filtru byl úspěšně restartován.
Date: 2023-11-13 16:54:00
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: Neočekávaně bylo zrušeno zavedení ovladače filtru.
Date: 2023-11-13 16:54:00
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Monitorování chování
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: Neočekávaně bylo zrušeno zavedení ovladače filtru.
Date: 2023-11-13 16:54:00
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: Neočekávaně bylo zrušeno zavedení ovladače filtru.
Date: 2023-11-13 16:53:58
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: Ovladač filtru byl úspěšně restartován.
CodeIntegrity:
===============
Date: 2024-01-26 19:42:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
Date: 2024-01-26 19:30:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: HP N51 Ver. 01.89 07/28/2023
Motherboard: HP 802F
Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 27%
Total physical RAM: 32686.74 MB
Available physical RAM: 23741.42 MB
Total Virtual: 44462.74 MB
Available Virtual: 28908.45 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:475.75 GB) (Free:100.08 GB) (Model: MTFDDAK512MBF-1AN1ZABHA) NTFS
Drive d: (Nový svazek) (Fixed) (Total:931.39 GB) (Free:100.45 GB) (Model: WDC WD10EZEX-60WN4A0) NTFS
Drive e: (My Book) (Fixed) (Total:5589 GB) (Free:1367.73 GB) (Model: WD My Book 25EE USB Device) exFAT
Drive g: (Google Drive) (Fixed) (Total:200 GB) (Free:33.99 GB) (Model: MTFDDAK512MBF-1AN1ZABHA) FAT32
\\?\Volume{2d11b580-00ec-446f-8c28-fccb217c6554}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{8cece581-d353-4b03-a381-f10bd18e0060}\ () (Fixed) (Total:0.63 GB) (Free:0.08 GB) NTFS
\\?\Volume{a70e0bb1-edf6-4ce0-9565-b1fe5b665825}\ () (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (Size: 5589 GB) (Disk ID: 16F2A91F)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomalé PC WIN 10
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé PC WIN 10
FRST jsme už kontrolovali, ale podívám se. Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\admin\Desktop\viry.cz jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
Task: {95D27C17-C4B6-422F-9FD3-4B4032E03327} - System32\Tasks\GoogleUpdateTaskMachineCore{14F6E4FD-4A95-4512-A579-10B78508DD57} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-10-28] (Google LLC -> Google LLC)
Task: {FE3EE97F-7B93-4382-B4D3-03960DA2409B} - System32\Tasks\GoogleUpdateTaskMachineUA{16D9D042-4507-4C25-A602-9373832C8FF8} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-10-28] (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-4195152011-4283894360-3570850043-1001_Classes\CLSID\{73a1ee5f-5a0a-484b-b770-46bfbc161c24}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll => No File
E:\0.ZÁLOHY\HP-Z240-OS\Dokumenty 240125\www\www.admin.loc\data\projects\co\emails\attachments\1198__E26929A__Boots-image001.doc
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé PC WIN 10
Díky. Tu log po fix.
Fix result of Farbar Recovery Scan Tool (x64) Version: 03.02.2024 01
Ran by admin (09-02-2024 07:41:48) Run:1
Running from C:\Users\admin\Desktop\viry.cz
Loaded Profiles: admin & MariaDB
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
Task: {95D27C17-C4B6-422F-9FD3-4B4032E03327} - System32\Tasks\GoogleUpdateTaskMachineCore{14F6E4FD-4A95-4512-A579-10B78508DD57} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-10-28] (Google LLC -> Google LLC)
Task: {FE3EE97F-7B93-4382-B4D3-03960DA2409B} - System32\Tasks\GoogleUpdateTaskMachineUA{16D9D042-4507-4C25-A602-9373832C8FF8} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-10-28] (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-4195152011-4283894360-3570850043-1001_Classes\CLSID\{73a1ee5f-5a0a-484b-b770-46bfbc161c24}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll => No File
E:\0.Z�LOHY\HP-Z240-OS\Dokumenty 240125\www\www.admin.loc\data\projects\co\emails\attachments\1198__E26929A__Boots-image001.doc
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{95D27C17-C4B6-422F-9FD3-4B4032E03327}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95D27C17-C4B6-422F-9FD3-4B4032E03327}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore{14F6E4FD-4A95-4512-A579-10B78508DD57} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{14F6E4FD-4A95-4512-A579-10B78508DD57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE3EE97F-7B93-4382-B4D3-03960DA2409B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE3EE97F-7B93-4382-B4D3-03960DA2409B}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA{16D9D042-4507-4C25-A602-9373832C8FF8} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{16D9D042-4507-4C25-A602-9373832C8FF8}" => removed successfully
HKU\S-1-5-21-4195152011-4283894360-3570850043-1001_Classes\CLSID\{73a1ee5f-5a0a-484b-b770-46bfbc161c24} => removed successfully
"E:\0.Z�LOHY\HP-Z240-OS\Dokumenty 240125\www\www.admin.loc\data\projects\co\emails\attachments\1198__E26929A__Boots-image001.doc" => not found
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 120173260 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 2923109 B
Edge => 0 B
Chrome => 1162989219 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 132170 B
admin => 185062999 B
MariaDB => 185062999 B
RecycleBin => 27161637801 B
EmptyTemp: => 26.8 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 07:45:57 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 03.02.2024 01
Ran by admin (09-02-2024 07:41:48) Run:1
Running from C:\Users\admin\Desktop\viry.cz
Loaded Profiles: admin & MariaDB
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
Task: {95D27C17-C4B6-422F-9FD3-4B4032E03327} - System32\Tasks\GoogleUpdateTaskMachineCore{14F6E4FD-4A95-4512-A579-10B78508DD57} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-10-28] (Google LLC -> Google LLC)
Task: {FE3EE97F-7B93-4382-B4D3-03960DA2409B} - System32\Tasks\GoogleUpdateTaskMachineUA{16D9D042-4507-4C25-A602-9373832C8FF8} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-10-28] (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-4195152011-4283894360-3570850043-1001_Classes\CLSID\{73a1ee5f-5a0a-484b-b770-46bfbc161c24}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll => No File
E:\0.Z�LOHY\HP-Z240-OS\Dokumenty 240125\www\www.admin.loc\data\projects\co\emails\attachments\1198__E26929A__Boots-image001.doc
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{95D27C17-C4B6-422F-9FD3-4B4032E03327}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95D27C17-C4B6-422F-9FD3-4B4032E03327}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore{14F6E4FD-4A95-4512-A579-10B78508DD57} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{14F6E4FD-4A95-4512-A579-10B78508DD57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE3EE97F-7B93-4382-B4D3-03960DA2409B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE3EE97F-7B93-4382-B4D3-03960DA2409B}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA{16D9D042-4507-4C25-A602-9373832C8FF8} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{16D9D042-4507-4C25-A602-9373832C8FF8}" => removed successfully
HKU\S-1-5-21-4195152011-4283894360-3570850043-1001_Classes\CLSID\{73a1ee5f-5a0a-484b-b770-46bfbc161c24} => removed successfully
"E:\0.Z�LOHY\HP-Z240-OS\Dokumenty 240125\www\www.admin.loc\data\projects\co\emails\attachments\1198__E26929A__Boots-image001.doc" => not found
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 120173260 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 2923109 B
Edge => 0 B
Chrome => 1162989219 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 132170 B
admin => 185062999 B
MariaDB => 185062999 B
RecycleBin => 27161637801 B
EmptyTemp: => 26.8 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 07:45:57 ====
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé PC WIN 10
Bylo smazíno. V dočasných souborech bylo celkem skoro 27GB zbytečností. PC je třeba občas vyčistit (CCleaner), aby se tyto zbytečnosti netvořily. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé PC WIN 10
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?