Dobrý!
Prosím o kontrolu PC.V poslednom čase sa neako spomalil....
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Spomalený počítač, prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Spomalený počítač, prosím o kontrolu
FRST log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.03.2024
Ran by Izoplast (administrator) on DESKTOP-IZOPLAS (27-03-2024 13:53:30)
Running from C:\Users\Izoplast\Desktop\FRST64.exe
Loaded Profiles: Izoplast
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> ) C:\Program Files (x86)\TeamViewer\crashpad_handler.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\MalwarebytesPortable.exe ->) (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbam.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(explorer.exe ->) (Malwarebytes Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\MalwarebytesPortable.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Izoplast\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Izoplast\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (Firebird Project) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.11012.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.11012.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2401.2.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(TeamViewer Germany GmbH -> ) C:\Windows\Temp\nse7FA0.tmp\TvUpdateInfo.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\RedFox\CloneCD\CloneCDTray.exe [57344 2016-03-29] (RedFox) [File not signed]
HKLM-x32\...\Run: [tsnp2uvc] => C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe [322560 2012-02-23] (Sonix Technology Co., Ltd.) [File not signed]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40412984 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP270 series: C:\WINDOWS\system32\CNMLM9X.DLL [336896 2010-04-24] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series: C:\WINDOWS\system32\CNMLMAA.DLL [385024 2012-03-14] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\123.0.6312.86\Installer\chrmstp.exe [2024-03-27] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALFA plus - rýchle spustenie.lnk [2024-03-13]
ShortcutTarget: ALFA plus - rýchle spustenie.lnk -> C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe (Kros a.s. -> KROS a.s.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Web Signer.lnk [2019-01-08]
ShortcutTarget: Web Signer.lnk -> C:\Program Files (x86)\Disig\Disig Web Signer 1.0.7\Updater\WebSignerTray.exe (Disig a.s. -> Disig a.s.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A40253A-1C39-4716-B770-70651ACC48A5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {C0A37426-E2F8-4B21-B35D-E5FA920BC5CD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {B18BFAFF-F764-48BF-9DDB-FEB9AA67B2BA} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "00312e41-2f7e-4c9d-942b-8f98591fba54" --version "6.11.10455" --silent
Task: {E11A0817-4B7B-4074-8FB5-80FD2790D78D} - System32\Tasks\CCleanerSkipUAC - Izoplast => C:\Program Files\CCleaner\CCleaner.exe [34159416 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {3D350203-C18F-4FE7-8B8E-EAF7505E0464} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-06] (Google Inc -> Google Inc.)
Task: {E14DEC4B-4FA6-4C90-8575-619269D7C2AC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-06] (Google Inc -> Google Inc.)
Task: {705E4F27-311B-4F71-81F7-D9031FBAD03B} - System32\Tasks\Hewlett-Packard\HP Diagnostics\HPDIAGS-c8c166e6-9cc6-4662-8b5d-e9ceab535bd7 => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [61881520 2019-01-29] (HP Inc. -> ) -> C:\Program Files (x86)\HP\HpHwDiag\-runtests=53a826d5-9440-4b66-8cab-bf8a44956a7e,9f8e8ee1-02f7-414f-87e0-24fc8798e6b7,4e9e1ce2-4e01-4cf0-bb65-5ccd4b82edc3,3006e6d6-5ab9-414c-a53b-86e19e9ff4fd,855caf66-b69f-46e8-b9d1-4c1582494d19
Task: {FDA1B184-1A42-4120-AFAA-76926BA5447A} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-03-11] (HP Inc. -> HP Inc.)
Task: {BD5F1972-7E7E-4D82-B78F-BABB09B5688B} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-03-11] (HP Inc. -> HP Inc.)
Task: {FF1B5F4D-A16E-45E5-A2D6-BC4BC9823AA9} - System32\Tasks\HPCustParticipation HP LaserJet MFP M28-M31 => C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPCustPartic.exe [6662792 2018-07-04] (Hewlett Packard -> HP Inc.)
Task: {1A547BF1-7EF8-4A70-A9C5-A30FED287608} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-IZOPLAS-Izoplast DESKTOP-IZOPLAST => C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {3EA7001E-495B-4CAE-B7E1-92FF4319AAFA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C17A376D-2DB4-4D49-90FF-D9206014B036} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {7CA36315-9A54-4EF7-9FEB-EAC81CC5B360} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {F18AA1AB-2D73-41C2-A929-390E2C510281} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E5509A68-C0D0-4D9C-BBBC-239932E29873} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5D142B7E-CBF4-4E4C-91C0-437C5ED826BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1094C36-1D9E-4DCE-BDFF-24C9BB5DB4DF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {28501DA9-5C76-4929-B67C-89501D491BEF} - System32\Tasks\Opera scheduled Autoupdate 1543062956 => C:\Users\Izoplast\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {CD41BEA6-7DED-4EDA-8063-B421FFFB2828} - System32\Tasks\Opera scheduled Autoupdate 1544693054 => C:\Users\Izoplast\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{4059de78-04cc-4b21-8e44-bafd7c2a750c}: [NameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-26]
Edge DownloadDir: Default -> C:\Users\Izoplast\Downloads
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-09]
Edge Extension: (Edge relevant text changes) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-09]
Edge Profile: C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2024-03-26]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-01]
Edge Extension: (Edge relevant text changes) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-12-01]
Edge Profile: C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 2 [2024-03-26]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-09]
Edge Extension: (Edge relevant text changes) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 2\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-09]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-10] (Nero AG -> Nero AG)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: ditec.sk/DAsicFac -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/DitecZepDViewerFb -> C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigMessageContainer -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesExtender -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/XmlDataContainerFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-03-26]
CHR Profile: C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-27]
CHR StartupUrls: Profile 1 -> "hxxps://www.google.sk/?gws_rd=cr,ssl&ei=cyJrVIjnDcHNOLu5gMAD"
CHR Extension: (Prekladač Google) - C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-08-01]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-03-10]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-03-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-19]
CHR Profile: C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-26]
CHR HKLM-x32\...\Chrome\Extension: [odbdbcaekkgabdfaabepfjgiooilmaoe]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1063736 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 FirebirdServerKROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [3764224 2011-10-11] (Firebird Project) [File not signed]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-03-11] (HP Inc. -> HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-08-17] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbamservice.exe [1136608 2016-07-21] (Malwarebytes Corporation -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2024-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [18575672 2024-03-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 MBAMScheduler; "\mbamscheduler.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc. -> SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc. -> SlySoft, Inc.)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2024-03-27] (Malwarebytes Corporation -> Malwarebytes)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20928 2024-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [603416 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-27 13:53 - 2024-03-27 13:56 - 000021556 _____ C:\Users\Izoplast\Desktop\FRST.txt
2024-03-27 13:52 - 2024-03-27 13:55 - 000000000 ____D C:\FRST
2024-03-27 13:51 - 2024-03-27 13:51 - 002391552 _____ (Farbar) C:\Users\Izoplast\Desktop\FRST64.exe
2024-03-27 11:23 - 2024-03-27 11:23 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-03-26 17:35 - 2024-03-26 17:35 - 000581358 _____ C:\Users\Izoplast\Documents\Faktura c. 242501.PDF
2024-03-26 16:55 - 2024-03-26 16:55 - 000000000 ___HD C:\$WinREAgent
2024-03-13 12:13 - 2024-03-27 13:48 - 000004144 _____ C:\WINDOWS\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-IZOPLAS-Izoplast DESKTOP-IZOPLAST
2024-03-13 12:02 - 2024-03-13 12:02 - 000003062 _____ C:\Users\Izoplast\mbam-log-2024-03-13 (11-29-43).xml
2024-03-13 11:29 - 2024-03-27 11:23 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2024-03-13 11:27 - 2024-03-13 11:27 - 000001846 _____ C:\Users\Izoplast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MalwarebytesPortable.lnk
2024-03-13 11:26 - 2024-03-13 11:29 - 000000000 ____D C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)
2024-03-13 11:22 - 2024-03-13 11:22 - 000003066 _____ C:\Users\Izoplast\mbam-log-2024-03-13 (10-45-20).xml
2024-03-13 10:20 - 2024-03-13 10:20 - 000003878 _____ C:\Users\Izoplast\mbam-log-2024-03-13 (09-19-45).xml
2024-03-11 12:05 - 2024-03-27 13:54 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1765005129-1590092598-4036685488-1001
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-27 13:54 - 2022-09-25 17:37 - 000002380 _____ C:\Users\Izoplast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-27 13:54 - 2021-12-13 08:55 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1765005129-1590092598-4036685488-1001
2024-03-27 13:48 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-27 13:45 - 2018-11-06 17:37 - 000000000 ____D C:\ProgramData\firebird
2024-03-27 13:44 - 2018-11-06 14:37 - 000000000 ____D C:\Users\Izoplast\Documents\Súbory programu Outlook
2024-03-27 13:43 - 2020-09-15 16:35 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-03-27 13:35 - 2022-01-06 14:11 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-27 13:35 - 2018-11-06 17:18 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-27 13:20 - 2018-11-09 10:15 - 000000000 ____D C:\Users\Izoplast\Documents\Bluetooth
2024-03-27 13:11 - 2018-11-06 15:22 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\Microsoft\Excel
2024-03-27 12:34 - 2020-09-15 16:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-27 12:18 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-03-27 12:18 - 2018-11-07 10:10 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2024-03-27 12:07 - 2018-11-06 14:30 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\Microsoft\Word
2024-03-27 11:22 - 2018-11-13 09:30 - 000000000 ____D C:\Program Files\CCleaner
2024-03-27 11:18 - 2020-09-15 16:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-27 11:18 - 2020-09-15 16:03 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-27 11:17 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-03-27 11:16 - 2018-11-06 17:51 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-27 11:15 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-27 09:06 - 2020-09-15 16:35 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-03-26 17:47 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-26 17:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-26 17:45 - 2020-06-09 08:52 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-26 16:59 - 2020-09-15 16:35 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-26 16:59 - 2020-09-15 16:35 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-26 16:56 - 2022-11-28 07:28 - 000000000 ____D C:\Program Files\RUXIM
2024-03-13 12:51 - 2018-11-22 12:20 - 000000000 ____D C:\Users\Izoplast\Documents\Ccleaner
2024-03-13 12:45 - 2024-01-08 09:14 - 000002142 _____ C:\Users\Public\Desktop\ALFA plus.lnk
2024-03-13 12:45 - 2019-04-02 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KROS
2024-03-13 12:02 - 2020-09-15 16:08 - 000000000 ____D C:\Users\Izoplast
2024-03-13 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2024-03-13 10:20 - 2022-05-13 10:12 - 000000004 _____ C:\WINDOWS\system32\Drivers\etc\hosts.BackupByMalwarebytesPortable
2024-03-13 08:12 - 2018-11-06 14:38 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-13 08:05 - 2018-11-06 14:38 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-03-13 08:04 - 2018-11-06 10:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-03-12 15:28 - 2018-11-06 14:30 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\Microsoft\Šablóny
2024-03-12 14:46 - 2019-03-23 19:22 - 000000000 ____D C:\Users\Izoplast\AppData\Local\ElevatedDiagnostics
2024-03-11 13:21 - 2021-06-24 18:06 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-03-11 13:21 - 2021-03-23 19:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-03-10 10:26 - 2023-05-15 09:17 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\vlc
2024-03-10 09:36 - 2021-09-07 13:36 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-03-10 09:36 - 2021-09-07 13:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-03-10 09:36 - 2019-01-19 19:22 - 000000000 ____D C:\Program Files (x86)\WinRAR
2024-03-10 09:36 - 2018-11-06 13:38 - 000000000 ____D C:\Program Files\WinRAR
==================== Files in the root of some directories ========
2018-11-24 13:38 - 2020-08-23 17:56 - 000000136 _____ () C:\Users\Izoplast\AppData\Roaming\downloads.json
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by Izoplast (27-03-2024 13:58:42)
Running from C:\Users\Izoplast\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) (2020-09-15 15:36:02)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1765005129-1590092598-4036685488-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1765005129-1590092598-4036685488-503 - Limited - Disabled)
Guest (S-1-5-21-1765005129-1590092598-4036685488-501 - Limited - Disabled)
Izoplast (S-1-5-21-1765005129-1590092598-4036685488-1001 - Administrator - Enabled) => C:\Users\Izoplast
WDAGUtilityAccount (S-1-5-21-1765005129-1590092598-4036685488-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 23.01 (x64) (HKLM\...\7-Zip) (Version: 23.01 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1051-1033-7760-BC15014EA700}) (Version: 23.008.20458 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
ALFA plus 15.22.00 - C:\Program Files (x86)\KROS\ALFA plus\ (HKLM-x32\...\{17F87645-0DDA-488B-A12A-62589C630BA2}) (Version: 15.22.00 - KROS a.s.)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Asistent pri aktualizácii na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
AUTOPLAN 2021 RE1 (HKLM-x32\...\AUTOPLAN_is1) (Version: - KROB software s.r.o.)
Balík softvéru eID (HKLM-x32\...\{ea81dcd3-f9f3-4959-8bee-0349fc294ae5}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Bit4id - miniLector (HKLM-x32\...\Bit4id - miniLector) (Version: 3.7 - Bit4id)
Catalyst Control Center - Branding (HKLM-x32\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.11 - Piriform)
CloneCD (HKLM-x32\...\CloneCD) (Version: 5.3.4.0 - SlySoft)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.3 - Elaborate Bytes)
D.Launcher (x86) (HKLM-x32\...\{0DC85C46-746B-4BC5-B727-D5434DF7E5D0}) (Version: 1.2.0.2 - DITEC, a.s.)
D.Signer/XAdES .NET so zásuvnými modulmi (x86) (HKLM-x32\...\{EDB276CE-A945-4201-A552-2683B13C321F}) (Version: 4.0.24 - DITEC, a.s.)
D.Signer/XAdES .NET Tools (x86) (HKLM-x32\...\{6648F510-5044-4CA9-BC21-494A2A198B3A}) (Version: 4.0.17 - DITEC, a.s.)
D.Suite/eIDAS (x86) (HKLM-x32\...\{8d169eac-87e2-4981-825f-701b32f24d72}) (Version: 1.0.29 - DITEC, a.s.)
D.Viewer .NET (x86) (HKLM-x32\...\{73D635BE-5D6F-43D3-8C1F-63B5CD4D5953}) (Version: 4.0.2033 - DITEC, a.s.)
Disig Web Signer 1.0.7 (HKLM-x32\...\{21859B7E-5E38-4892-A480-FA8B180ADE72}) (Version: 1.1.8 - Disig)
EAC MW klient (HKLM-x32\...\{BC7979F7-EC8D-4BA0-95D5-950630FFB2E9}) (Version: 3.0.0 - Ministerstvo vnútra Slovenskej republiky)
Elcomm (HKLM-x32\...\Elcomm) (Version: - )
Flvto Youtube Downloader (HKLM\...\Flvto Youtube Downloader) (Version: 1.2.1 - Hotger)
GemPcCCID (HKLM\...\{C2C14C20-A217-4FCA-B668-89B6C70B6EFF}) (Version: 2.0.7 - Gemalto)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 123.0.6312.86 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.1.1.500 - Huawei Technologies Co., Ltd.)
HP Dropbox Plugin (HKLM-x32\...\{9646F2DC-B09E-4314-92EC-B3332900A7EE}) (Version: 36.0.191.0 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{AF9F1F16-F6B4-4A66-B789-9F00B40B08AF}) (Version: 43.0.191.0 - HP)
HP FTP Plugin (HKLM-x32\...\{7DB5EDF6-8009-4E01-AF0D-4F3E02A0287F}) (Version: 43.0.191.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{07F30E12-A85F-4EA4-A5B3-3728FAB947ED}) (Version: 36.0.191.0 - HP)
HP LaserJet MFP M28-M31 Basic Device Software (HKLM\...\{08644094-D714-4B6E-9CEB-11433F5CBDB7}) (Version: 46.2.2636.18185 - HP Inc.)
HP LaserJet MFP M28-M31 Help (HKLM-x32\...\{0DF6621D-67C2-4E12-A5CF-260E985B8743}) (Version: 0.00.0005 - HP)
HP OneDrive Plugin (HKLM-x32\...\{8ED0A60F-9F44-4B7F-9C88-CC9E0B362628}) (Version: 36.0.191.0 - HP)
HP PC Hardware Diagnostics Windows (HKLM-x32\...\{02E639C2-2C8A-4A55-8DFF-43666B46E8F3}) (Version: 1.5.6.0 - HP Inc.)
HP SFTP Plugin (HKLM-x32\...\{1F0191BF-E339-4192-85D9-C369CA3FE9F1}) (Version: 43.0.191.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{96DB7179-0B69-45E1-A109-3A3A1F5BBCDF}) (Version: 43.0.191.0 - HP)
I.R.I.S OCR (HKLM-x32\...\{3913CCF7-436B-4A7A-A265-62E9FFDD03D9}) (Version: 15.2.10.1114 - HP Inc.)
MF DachDesigner Demo (HKLM-x32\...\DachDesigner.EXE) (Version: - )
Microsoft Access MUI (Slovak) 2013 (HKLM\...\{90150000-0015-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Slovak) 2013 (HKLM\...\{90150000-0090-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Excel MUI (Slovak) 2013 (HKLM\...\{90150000-0016-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Slovak) 2013 (HKLM\...\{90150000-00BA-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Slovak) 2013 (HKLM\...\{90150000-0044-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Slovak) 2013 (HKLM\...\{90150000-012B-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Nyelvi ellenőrző eszközök 2013 – magyar (HKLM\...\{90150000-001F-040E-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Slovak) 2013 (HKLM\...\{90150000-00E1-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Slovak) 2013 (HKLM\...\{90150000-00E2-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Slovak) 2013 (HKLM\...\{90150000-002C-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Slovak) 2013 (HKLM\...\{90150000-00C1-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Slovak) 2013 (HKLM\...\{90150000-006E-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\OneDriveSetup.exe) (Version: 24.045.0303.0003 - Microsoft Corporation)
Microsoft OneNote MUI (Slovak) 2013 (HKLM\...\{90150000-00A1-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Slovak) 2013 (HKLM\...\{90150000-001A-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Slovak) 2013 (HKLM\...\{90150000-0018-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Slovak) 2013 (HKLM\...\{90150000-0019-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Word MUI (Slovak) 2013 (HKLM\...\{90150000-001B-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
Nero Audio Pack 1 (HKLM-x32\...\{A7A0BF2E-31CC-49E3-9913-52C503EB969D}) (Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp (HKLM-x32\...\{0071820F-09B0-4998-8320-F89629DCBC99}) (Version: 12.0.2001 - Nero AG) Hidden
Nero BackItUp Help (CHM) (HKLM-x32\...\{EF0D1292-8FC1-41BE-9740-DBC134F66415}) (Version: 12.0.3000 - Nero AG) Hidden
Nero Blu-ray Player (HKLM-x32\...\{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}) (Version: 12.0.14300 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (HKLM-x32\...\{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}) (Version: 12.0.4000 - Nero AG) Hidden
Nero Burning ROM (HKLM-x32\...\{5963F4B4-D138-47CD-ADEF-470E87E185BD}) (Version: 12.0.20000 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (HKLM-x32\...\{2890E324-6F3B-4975-8B95-E7D6D80E0226}) (Version: 12.0.3000 - Nero AG) Hidden
Nero ControlCenter (HKLM-x32\...\{ABC88553-8770-4B97-B43E-5A90647A5B63}) (Version: 11.0.15200 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (HKLM-x32\...\{C994C746-C6D0-4EBA-B09E-DF7B18381B69}) (Version: 12.0.5000 - Nero AG) Hidden
Nero Core Components (HKLM-x32\...\{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}) (Version: 11.0.18100 - Nero AG) Hidden
Nero Disc Menus Basic (HKLM-x32\...\{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}) (Version: 12.0.11500 - Nero AG) Hidden
Nero Effects Basic (HKLM-x32\...\{29F67D84-3A70-456E-806A-52301B02070B}) (Version: 12.0.11500 - Nero AG) Hidden
Nero Express (HKLM-x32\...\{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}) (Version: 12.0.20000 - Nero AG) Hidden
Nero Express Help (CHM) (HKLM-x32\...\{0708FF30-78C0-47B0-81F0-C84604DC769C}) (Version: 12.0.5000 - Nero AG) Hidden
Nero Kwik Media (HKLM-x32\...\{052A1E34-A54B-458C-A4E3-24C3E054754A}) (Version: 1.18.18200 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (HKLM-x32\...\{1F16820E-D0E7-4636-939E-45CBFEFB06E1}) (Version: 12.0.4000 - Nero AG) Hidden
Nero Kwik Themes Basic (HKLM-x32\...\{1B6F5E51-575E-4693-BCA2-7543570D076D}) (Version: 12.0.11500 - Nero AG) Hidden
Nero Launcher (HKLM-x32\...\{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}) (Version: 12.2.2000 - Nero AG) Hidden
Nero PiP Effects Basic (HKLM-x32\...\{ACE49D50-19CD-44A6-B192-46F985283B26}) (Version: 12.0.11500 - Nero AG) Hidden
Nero Recode (HKLM-x32\...\{1943C3BD-4462-4612-92C3-D36DD917C447}) (Version: 12.0.24000 - Nero AG) Hidden
Nero Recode Help (CHM) (HKLM-x32\...\{86847081-B387-4F49-AED1-C9B0A090D66C}) (Version: 12.0.4000 - Nero AG) Hidden
Nero RescueAgent (HKLM-x32\...\{B953732D-B623-4E84-B369-CFFF7B1AE06F}) (Version: 12.0.9000 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (HKLM-x32\...\{0B311221-05A5-4766-8D03-7A6446794156}) (Version: 12.0.3000 - Nero AG) Hidden
Nero SharedVideoCodecs (HKLM-x32\...\{2432E589-6256-4513-B0BF-EFA8E325D5F0}) (Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 11.0.11800.31.0 - Nero AG) Hidden
Nero Video (HKLM-x32\...\{83FCCFCD-46E3-43FB-A397-78BFD5A8980A}) (Version: 12.0.3000 - Nero AG) Hidden
Nero Video Help (CHM) (HKLM-x32\...\{B128179D-A5E1-43AC-9422-12A109ECD2A0}) (Version: 12.0.4000 - Nero AG) Hidden
neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
Product Improvement Study for HP LaserJet MFP M28-M31 (HKLM\...\{B50C256D-80E2-473E-9546-0410162F44D5}) (Version: 46.2.2636.18185 - HP Inc.)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.52.3 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
USB Video Device (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.54300.120 - Sonix)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.14000 - Nero AG) Hidden
Windows Kontrola stavu počítača (HKLM\...\{8D6B9DC1-A437-41E0-8DF1-9F37748394AE}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 7.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 7.00.0 - win.rar GmbH)
WinRAR 7.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.00.0 - win.rar GmbH)
Packages:
=========
Amazon Rainforest -> C:\Program Files\WindowsApps\Microsoft.AmazonRainforest_1.0.0.0_neutral__8wekyb3d8bbwe [2018-11-09] (Microsoft Corporation)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2722.1.0_x64__kgqvnymyfvs32 [2024-03-11] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.20.3368.0_x64__rz1tebttyb220 [2024-03-11] (Dolby Laboratories)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-08-27] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-03-11] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-20] (Microsoft Corporation) [MS Ad]
My Photos -> C:\Program Files\WindowsApps\4846UtilitiesTools.MyPhotos_1.1.3.0_x64__b17t1j31etq18 [2019-06-07] (Utilities Tools) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-23] (Netflix, Inc.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-03-10] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 1\Profil 2 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Izoplast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\KROS Fakturácia.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=noccbdmhngpfbghcheakieamkbkkepgk
ShortcutWithArgument: C:\Users\Izoplast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Izoplast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Profil 2 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2024-03-27 11:23 - 2024-03-27 11:23 - 000008704 _____ () [File not signed] C:\Users\Izoplast\AppData\Local\Temp\nsfC3CB.tmp\newadvsplash.dll
2024-03-27 11:23 - 2024-03-27 11:23 - 000025088 _____ () [File not signed] C:\Users\Izoplast\AppData\Local\Temp\nsfC3CB.tmp\Registry.dll
2024-03-27 11:23 - 2024-03-27 11:23 - 000010752 _____ () [File not signed] C:\Users\Izoplast\AppData\Local\Temp\nsfC3CB.tmp\System.dll
2015-11-04 15:40 - 2015-11-04 15:40 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
2018-11-12 20:28 - 2010-04-24 05:00 - 000336896 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLM9X.DLL
2018-11-07 08:14 - 2012-03-14 05:00 - 000385024 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLMAA.DLL
2018-11-06 17:31 - 2011-10-11 09:59 - 000007680 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\ib_util.dll
2018-11-06 17:31 - 2011-10-11 09:59 - 000921600 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\intl\fbintl.DLL
2018-11-06 17:31 - 2011-10-11 09:59 - 000434176 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\plugins\fbtrace.dll
2018-11-06 17:31 - 2011-10-11 09:59 - 001568768 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\icudt30.dll
2018-11-06 17:31 - 2011-10-11 09:59 - 000675840 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\icuuc30.dll
2022-07-05 12:58 - 2023-06-20 09:00 - 000101376 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2024-03-27 11:16 - 2024-03-27 12:01 - 000000006 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet 2: Epfw NDIS LightWeight Filter -> ESET_EpfwLWF (enabled)
Ethernet 3: Epfw NDIS LightWeight Filter -> ESET_EpfwLWF (enabled)
Ethernet 4: Epfw NDIS LightWeight Filter -> ESET_EpfwLWF (enabled)
Ethernet: Epfw NDIS LightWeight Filter -> ESET_EpfwLWF (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "ALFA plus - rýchle spustenie.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Web Signer.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "CanonMyPrinter"
HKLM\...\StartupApproved\Run: => "Realtek Camera Manager"
HKLM\...\StartupApproved\Run32: => "CanonSolutionMenuEx"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "CloneCDTray"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "tsnp2uvc"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{5FA4DB26-1EC8-43C3-A056-16B9FEB6634F}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{4571C068-720F-49FE-9CE3-9B222A9CDE51}] => (Allow) LPort=5357
FirewallRules: [{782178F6-7D19-4E64-8AA0-CFE41C66E8D2}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{E57AEF23-191E-4EF4-BA6F-AAE9319C0A34}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{0B3B81BB-6574-4DBA-B606-51FE4CC143E4}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\EWSProxy.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{7FEC1A33-C813-437C-BF5D-3D31BDACCE80}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{BDD477C4-484E-4D5E-8C3C-432B156F140D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{C249D09D-B9A8-4879-B430-03A3CDE52E9C}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe (Nero AG -> Nero AG)
FirewallRules: [{45DA8CB5-C63A-4667-AD75-1405827BC68F}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe (Nero AG -> Nero AG)
FirewallRules: [{9D3EDDCA-923A-4182-9A8A-714C6BEBFB7F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{07AD04A3-FDAC-43FC-A8FA-5772964982AF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A3250133-0752-4540-93ED-1288A1FC3F4B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5745DA3C-18F9-483E-BF01-C407EF8380EE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{83198189-2D21-4112-9C86-DE74470EC39E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E29FD033-7D8C-4754-A3F9-8C8A5F43F517}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DF3B8380-CBA7-4C5F-A378-24BADA7BED0B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DF08C95C-112A-4191-A760-5EDF0A7D73CF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{314BCAE1-4F23-4B02-8989-B23621DB6892}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{1AB6F2F0-77E8-4E51-8F2B-65F2C07B16C5}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{117FE7F6-6E5A-41BA-9BB6-559FE1E57609}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1CE86A61-C10F-4C08-A8BF-398EF73EE350}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DE1A5452-7C6E-4E37-8A1A-B2F5C52C7ABF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6D1C2134-CF95-46E2-BF3D-7A4D00B37D8B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA4113AE-6940-4AF9-B810-FACA006169CC}] => (Allow) LPort=20400
FirewallRules: [{1BB86038-2339-414D-95EE-DB4A462299D0}] => (Allow) LPort=20401
FirewallRules: [{27B5F54B-400D-4AFB-B60C-8EDB20C2016D}] => (Allow) LPort=20402
FirewallRules: [{BB6D04C7-1AFD-4A0E-BC63-FF7117E2671F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D41F722-CCF6-4660-BF52-19625408A119}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3181BC7F-A485-481B-915F-CDBF0B19D3A5}] => (Allow) C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbam.exe (Malwarebytes Corporation -> Malwarebytes)
FirewallRules: [{0E5F2A2D-FF69-4E5C-B93F-2B9842A28CB4}] => (Allow) C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbam.exe (Malwarebytes Corporation -> Malwarebytes)
FirewallRules: [{9CCB83D2-A96B-41AD-9E28-2AA5906785DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BDE35376-602C-4651-97DB-366E42407055}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FFDE57A9-33FE-4B78-B4FF-2C9EA4F41090}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7835BA94-1EFD-4D42-B381-FB2802A1764F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
==================== Restore Points =========================
13-03-2024 08:48:25 Inštalátor modulov systému Windows
13-03-2024 09:33:03 Inštalátor modulov systému Windows
13-03-2024 10:53:09 Inštalátor modulov systému Windows
26-03-2024 17:21:54 Inštalátor modulov systému Windows
27-03-2024 10:04:08 Inštalátor modulov systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/27/2024 12:38:17 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v HDD disc (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:38:16 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom (K:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:38:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom, pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:23:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v HDD disc (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:23:14 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom (K:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:23:13 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom, pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:14:35 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v HDD disc (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:14:34 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom (K:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
System errors:
=============
Error: (03/27/2024 11:23:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby MBAMScheduler zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.
Error: (03/27/2024 11:23:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby MBAMScheduler zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.
Error: (03/27/2024 11:16:57 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (03/27/2024 11:07:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x8007000d: 2024-03 Kumulatívna aktualizácia pre Windows 10 Version 22H2 pre systémy s procesorom typu x64 (KB5035845).
Error: (03/27/2024 10:48:58 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (03/27/2024 10:42:15 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (03/27/2024 10:42:12 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (03/27/2024 10:42:09 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Windows Defender:
================
Date: 2024-03-27 12:18:16
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-03-27 11:44:20
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-03-13 12:36:59
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-03-13 12:25:45
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-03-13 12:14:48
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
Date: 2024-03-27 09:14:17
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.
Date: 2024-03-27 09:14:17
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.
Date: 2024-03-27 09:14:17
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.
Date: 2024-03-27 09:11:52
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80240016
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.
Date: 2024-03-27 09:05:19
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
CodeIntegrity:
===============
Date: 2023-12-05 08:17:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-11-03 10:20:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-10-04 13:40:55
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-07-26 11:43:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-19 07:58:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-05-17 09:25:02
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 0501 08/03/2010
Motherboard: ASUSTeK Computer INC. M4N68T-M-LE-V2
Processor: AMD Athlon(tm) II X4 640 Processor
Percentage of memory in use: 79%
Total physical RAM: 4095.22 MB
Available physical RAM: 819.88 MB
Total Virtual: 5055.22 MB
Available Virtual: 1200.74 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:233.57 GB) (Free:144.94 GB) (Model: SAMSUNG HD502HJ SCSI Disk Device) NTFS
Drive d: (HDD disc) (Fixed) (Total:298.09 GB) (Free:217.52 GB) (Model: ST320DM0 00-1BD14C SCSI Disk Device) NTFS
Drive e: (Lokalny disk) (Fixed) (Total:231.29 GB) (Free:226.28 GB) (Model: SAMSUNG HD502HJ SCSI Disk Device) NTFS
Drive k: (Vyhradené systémom) (Fixed) (Total:0.34 GB) (Free:0.33 GB) (Model: SAMSUNG HD320KJ SCSI Disk Device) NTFS
Drive l: (HDD 2 disk) (Fixed) (Total:297.75 GB) (Free:163.41 GB) (Model: SAMSUNG HD320KJ SCSI Disk Device) NTFS
\\?\Volume{5bc53d8b-0000-0000-0000-100000000000}\ (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{5bc53d8b-0000-0000-0000-a06a3a000000}\ () (Fixed) (Total:0.81 GB) (Free:0.25 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5BC53D8B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=826 MB) - (Type=27)
Partition 4: (Not Active) - (Size=231.3 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 0C800C7F)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.7 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: EF498C61)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.03.2024
Ran by Izoplast (administrator) on DESKTOP-IZOPLAS (27-03-2024 13:53:30)
Running from C:\Users\Izoplast\Desktop\FRST64.exe
Loaded Profiles: Izoplast
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> ) C:\Program Files (x86)\TeamViewer\crashpad_handler.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\MalwarebytesPortable.exe ->) (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbam.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(explorer.exe ->) (Malwarebytes Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\MalwarebytesPortable.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Izoplast\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Izoplast\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (Firebird Project) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.11012.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.11012.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2401.2.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(TeamViewer Germany GmbH -> ) C:\Windows\Temp\nse7FA0.tmp\TvUpdateInfo.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\RedFox\CloneCD\CloneCDTray.exe [57344 2016-03-29] (RedFox) [File not signed]
HKLM-x32\...\Run: [tsnp2uvc] => C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe [322560 2012-02-23] (Sonix Technology Co., Ltd.) [File not signed]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40412984 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP270 series: C:\WINDOWS\system32\CNMLM9X.DLL [336896 2010-04-24] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series: C:\WINDOWS\system32\CNMLMAA.DLL [385024 2012-03-14] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\123.0.6312.86\Installer\chrmstp.exe [2024-03-27] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALFA plus - rýchle spustenie.lnk [2024-03-13]
ShortcutTarget: ALFA plus - rýchle spustenie.lnk -> C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe (Kros a.s. -> KROS a.s.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Web Signer.lnk [2019-01-08]
ShortcutTarget: Web Signer.lnk -> C:\Program Files (x86)\Disig\Disig Web Signer 1.0.7\Updater\WebSignerTray.exe (Disig a.s. -> Disig a.s.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A40253A-1C39-4716-B770-70651ACC48A5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {C0A37426-E2F8-4B21-B35D-E5FA920BC5CD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {B18BFAFF-F764-48BF-9DDB-FEB9AA67B2BA} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "00312e41-2f7e-4c9d-942b-8f98591fba54" --version "6.11.10455" --silent
Task: {E11A0817-4B7B-4074-8FB5-80FD2790D78D} - System32\Tasks\CCleanerSkipUAC - Izoplast => C:\Program Files\CCleaner\CCleaner.exe [34159416 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {3D350203-C18F-4FE7-8B8E-EAF7505E0464} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-06] (Google Inc -> Google Inc.)
Task: {E14DEC4B-4FA6-4C90-8575-619269D7C2AC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-06] (Google Inc -> Google Inc.)
Task: {705E4F27-311B-4F71-81F7-D9031FBAD03B} - System32\Tasks\Hewlett-Packard\HP Diagnostics\HPDIAGS-c8c166e6-9cc6-4662-8b5d-e9ceab535bd7 => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [61881520 2019-01-29] (HP Inc. -> ) -> C:\Program Files (x86)\HP\HpHwDiag\-runtests=53a826d5-9440-4b66-8cab-bf8a44956a7e,9f8e8ee1-02f7-414f-87e0-24fc8798e6b7,4e9e1ce2-4e01-4cf0-bb65-5ccd4b82edc3,3006e6d6-5ab9-414c-a53b-86e19e9ff4fd,855caf66-b69f-46e8-b9d1-4c1582494d19
Task: {FDA1B184-1A42-4120-AFAA-76926BA5447A} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-03-11] (HP Inc. -> HP Inc.)
Task: {BD5F1972-7E7E-4D82-B78F-BABB09B5688B} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-03-11] (HP Inc. -> HP Inc.)
Task: {FF1B5F4D-A16E-45E5-A2D6-BC4BC9823AA9} - System32\Tasks\HPCustParticipation HP LaserJet MFP M28-M31 => C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPCustPartic.exe [6662792 2018-07-04] (Hewlett Packard -> HP Inc.)
Task: {1A547BF1-7EF8-4A70-A9C5-A30FED287608} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-IZOPLAS-Izoplast DESKTOP-IZOPLAST => C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {3EA7001E-495B-4CAE-B7E1-92FF4319AAFA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C17A376D-2DB4-4D49-90FF-D9206014B036} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {7CA36315-9A54-4EF7-9FEB-EAC81CC5B360} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {F18AA1AB-2D73-41C2-A929-390E2C510281} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E5509A68-C0D0-4D9C-BBBC-239932E29873} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5D142B7E-CBF4-4E4C-91C0-437C5ED826BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1094C36-1D9E-4DCE-BDFF-24C9BB5DB4DF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {28501DA9-5C76-4929-B67C-89501D491BEF} - System32\Tasks\Opera scheduled Autoupdate 1543062956 => C:\Users\Izoplast\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {CD41BEA6-7DED-4EDA-8063-B421FFFB2828} - System32\Tasks\Opera scheduled Autoupdate 1544693054 => C:\Users\Izoplast\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{4059de78-04cc-4b21-8e44-bafd7c2a750c}: [NameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-26]
Edge DownloadDir: Default -> C:\Users\Izoplast\Downloads
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-09]
Edge Extension: (Edge relevant text changes) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-09]
Edge Profile: C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2024-03-26]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-01]
Edge Extension: (Edge relevant text changes) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-12-01]
Edge Profile: C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 2 [2024-03-26]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-09]
Edge Extension: (Edge relevant text changes) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 2\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-09]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-10] (Nero AG -> Nero AG)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: ditec.sk/DAsicFac -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/DitecZepDViewerFb -> C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigMessageContainer -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesExtender -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/XmlDataContainerFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-03-26]
CHR Profile: C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-27]
CHR StartupUrls: Profile 1 -> "hxxps://www.google.sk/?gws_rd=cr,ssl&ei=cyJrVIjnDcHNOLu5gMAD"
CHR Extension: (Prekladač Google) - C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-08-01]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-03-10]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-03-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-19]
CHR Profile: C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-26]
CHR HKLM-x32\...\Chrome\Extension: [odbdbcaekkgabdfaabepfjgiooilmaoe]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1063736 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 FirebirdServerKROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [3764224 2011-10-11] (Firebird Project) [File not signed]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-03-11] (HP Inc. -> HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-08-17] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbamservice.exe [1136608 2016-07-21] (Malwarebytes Corporation -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2024-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [18575672 2024-03-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 MBAMScheduler; "\mbamscheduler.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc. -> SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc. -> SlySoft, Inc.)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2024-03-27] (Malwarebytes Corporation -> Malwarebytes)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20928 2024-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [603416 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-27 13:53 - 2024-03-27 13:56 - 000021556 _____ C:\Users\Izoplast\Desktop\FRST.txt
2024-03-27 13:52 - 2024-03-27 13:55 - 000000000 ____D C:\FRST
2024-03-27 13:51 - 2024-03-27 13:51 - 002391552 _____ (Farbar) C:\Users\Izoplast\Desktop\FRST64.exe
2024-03-27 11:23 - 2024-03-27 11:23 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-03-26 17:35 - 2024-03-26 17:35 - 000581358 _____ C:\Users\Izoplast\Documents\Faktura c. 242501.PDF
2024-03-26 16:55 - 2024-03-26 16:55 - 000000000 ___HD C:\$WinREAgent
2024-03-13 12:13 - 2024-03-27 13:48 - 000004144 _____ C:\WINDOWS\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-IZOPLAS-Izoplast DESKTOP-IZOPLAST
2024-03-13 12:02 - 2024-03-13 12:02 - 000003062 _____ C:\Users\Izoplast\mbam-log-2024-03-13 (11-29-43).xml
2024-03-13 11:29 - 2024-03-27 11:23 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2024-03-13 11:27 - 2024-03-13 11:27 - 000001846 _____ C:\Users\Izoplast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MalwarebytesPortable.lnk
2024-03-13 11:26 - 2024-03-13 11:29 - 000000000 ____D C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)
2024-03-13 11:22 - 2024-03-13 11:22 - 000003066 _____ C:\Users\Izoplast\mbam-log-2024-03-13 (10-45-20).xml
2024-03-13 10:20 - 2024-03-13 10:20 - 000003878 _____ C:\Users\Izoplast\mbam-log-2024-03-13 (09-19-45).xml
2024-03-11 12:05 - 2024-03-27 13:54 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1765005129-1590092598-4036685488-1001
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-27 13:54 - 2022-09-25 17:37 - 000002380 _____ C:\Users\Izoplast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-27 13:54 - 2021-12-13 08:55 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1765005129-1590092598-4036685488-1001
2024-03-27 13:48 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-27 13:45 - 2018-11-06 17:37 - 000000000 ____D C:\ProgramData\firebird
2024-03-27 13:44 - 2018-11-06 14:37 - 000000000 ____D C:\Users\Izoplast\Documents\Súbory programu Outlook
2024-03-27 13:43 - 2020-09-15 16:35 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-03-27 13:35 - 2022-01-06 14:11 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-27 13:35 - 2018-11-06 17:18 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-27 13:20 - 2018-11-09 10:15 - 000000000 ____D C:\Users\Izoplast\Documents\Bluetooth
2024-03-27 13:11 - 2018-11-06 15:22 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\Microsoft\Excel
2024-03-27 12:34 - 2020-09-15 16:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-27 12:18 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-03-27 12:18 - 2018-11-07 10:10 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2024-03-27 12:07 - 2018-11-06 14:30 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\Microsoft\Word
2024-03-27 11:22 - 2018-11-13 09:30 - 000000000 ____D C:\Program Files\CCleaner
2024-03-27 11:18 - 2020-09-15 16:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-27 11:18 - 2020-09-15 16:03 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-27 11:17 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-03-27 11:16 - 2018-11-06 17:51 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-27 11:15 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-27 09:06 - 2020-09-15 16:35 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-03-26 17:47 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-26 17:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-26 17:45 - 2020-06-09 08:52 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-26 16:59 - 2020-09-15 16:35 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-26 16:59 - 2020-09-15 16:35 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-26 16:56 - 2022-11-28 07:28 - 000000000 ____D C:\Program Files\RUXIM
2024-03-13 12:51 - 2018-11-22 12:20 - 000000000 ____D C:\Users\Izoplast\Documents\Ccleaner
2024-03-13 12:45 - 2024-01-08 09:14 - 000002142 _____ C:\Users\Public\Desktop\ALFA plus.lnk
2024-03-13 12:45 - 2019-04-02 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KROS
2024-03-13 12:02 - 2020-09-15 16:08 - 000000000 ____D C:\Users\Izoplast
2024-03-13 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2024-03-13 10:20 - 2022-05-13 10:12 - 000000004 _____ C:\WINDOWS\system32\Drivers\etc\hosts.BackupByMalwarebytesPortable
2024-03-13 08:12 - 2018-11-06 14:38 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-13 08:05 - 2018-11-06 14:38 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-03-13 08:04 - 2018-11-06 10:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-03-12 15:28 - 2018-11-06 14:30 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\Microsoft\Šablóny
2024-03-12 14:46 - 2019-03-23 19:22 - 000000000 ____D C:\Users\Izoplast\AppData\Local\ElevatedDiagnostics
2024-03-11 13:21 - 2021-06-24 18:06 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-03-11 13:21 - 2021-03-23 19:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-03-10 10:26 - 2023-05-15 09:17 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\vlc
2024-03-10 09:36 - 2021-09-07 13:36 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-03-10 09:36 - 2021-09-07 13:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-03-10 09:36 - 2019-01-19 19:22 - 000000000 ____D C:\Program Files (x86)\WinRAR
2024-03-10 09:36 - 2018-11-06 13:38 - 000000000 ____D C:\Program Files\WinRAR
==================== Files in the root of some directories ========
2018-11-24 13:38 - 2020-08-23 17:56 - 000000136 _____ () C:\Users\Izoplast\AppData\Roaming\downloads.json
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by Izoplast (27-03-2024 13:58:42)
Running from C:\Users\Izoplast\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) (2020-09-15 15:36:02)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1765005129-1590092598-4036685488-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1765005129-1590092598-4036685488-503 - Limited - Disabled)
Guest (S-1-5-21-1765005129-1590092598-4036685488-501 - Limited - Disabled)
Izoplast (S-1-5-21-1765005129-1590092598-4036685488-1001 - Administrator - Enabled) => C:\Users\Izoplast
WDAGUtilityAccount (S-1-5-21-1765005129-1590092598-4036685488-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 23.01 (x64) (HKLM\...\7-Zip) (Version: 23.01 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1051-1033-7760-BC15014EA700}) (Version: 23.008.20458 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
ALFA plus 15.22.00 - C:\Program Files (x86)\KROS\ALFA plus\ (HKLM-x32\...\{17F87645-0DDA-488B-A12A-62589C630BA2}) (Version: 15.22.00 - KROS a.s.)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Asistent pri aktualizácii na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
AUTOPLAN 2021 RE1 (HKLM-x32\...\AUTOPLAN_is1) (Version: - KROB software s.r.o.)
Balík softvéru eID (HKLM-x32\...\{ea81dcd3-f9f3-4959-8bee-0349fc294ae5}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Bit4id - miniLector (HKLM-x32\...\Bit4id - miniLector) (Version: 3.7 - Bit4id)
Catalyst Control Center - Branding (HKLM-x32\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.11 - Piriform)
CloneCD (HKLM-x32\...\CloneCD) (Version: 5.3.4.0 - SlySoft)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.3 - Elaborate Bytes)
D.Launcher (x86) (HKLM-x32\...\{0DC85C46-746B-4BC5-B727-D5434DF7E5D0}) (Version: 1.2.0.2 - DITEC, a.s.)
D.Signer/XAdES .NET so zásuvnými modulmi (x86) (HKLM-x32\...\{EDB276CE-A945-4201-A552-2683B13C321F}) (Version: 4.0.24 - DITEC, a.s.)
D.Signer/XAdES .NET Tools (x86) (HKLM-x32\...\{6648F510-5044-4CA9-BC21-494A2A198B3A}) (Version: 4.0.17 - DITEC, a.s.)
D.Suite/eIDAS (x86) (HKLM-x32\...\{8d169eac-87e2-4981-825f-701b32f24d72}) (Version: 1.0.29 - DITEC, a.s.)
D.Viewer .NET (x86) (HKLM-x32\...\{73D635BE-5D6F-43D3-8C1F-63B5CD4D5953}) (Version: 4.0.2033 - DITEC, a.s.)
Disig Web Signer 1.0.7 (HKLM-x32\...\{21859B7E-5E38-4892-A480-FA8B180ADE72}) (Version: 1.1.8 - Disig)
EAC MW klient (HKLM-x32\...\{BC7979F7-EC8D-4BA0-95D5-950630FFB2E9}) (Version: 3.0.0 - Ministerstvo vnútra Slovenskej republiky)
Elcomm (HKLM-x32\...\Elcomm) (Version: - )
Flvto Youtube Downloader (HKLM\...\Flvto Youtube Downloader) (Version: 1.2.1 - Hotger)
GemPcCCID (HKLM\...\{C2C14C20-A217-4FCA-B668-89B6C70B6EFF}) (Version: 2.0.7 - Gemalto)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 123.0.6312.86 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.1.1.500 - Huawei Technologies Co., Ltd.)
HP Dropbox Plugin (HKLM-x32\...\{9646F2DC-B09E-4314-92EC-B3332900A7EE}) (Version: 36.0.191.0 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{AF9F1F16-F6B4-4A66-B789-9F00B40B08AF}) (Version: 43.0.191.0 - HP)
HP FTP Plugin (HKLM-x32\...\{7DB5EDF6-8009-4E01-AF0D-4F3E02A0287F}) (Version: 43.0.191.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{07F30E12-A85F-4EA4-A5B3-3728FAB947ED}) (Version: 36.0.191.0 - HP)
HP LaserJet MFP M28-M31 Basic Device Software (HKLM\...\{08644094-D714-4B6E-9CEB-11433F5CBDB7}) (Version: 46.2.2636.18185 - HP Inc.)
HP LaserJet MFP M28-M31 Help (HKLM-x32\...\{0DF6621D-67C2-4E12-A5CF-260E985B8743}) (Version: 0.00.0005 - HP)
HP OneDrive Plugin (HKLM-x32\...\{8ED0A60F-9F44-4B7F-9C88-CC9E0B362628}) (Version: 36.0.191.0 - HP)
HP PC Hardware Diagnostics Windows (HKLM-x32\...\{02E639C2-2C8A-4A55-8DFF-43666B46E8F3}) (Version: 1.5.6.0 - HP Inc.)
HP SFTP Plugin (HKLM-x32\...\{1F0191BF-E339-4192-85D9-C369CA3FE9F1}) (Version: 43.0.191.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{96DB7179-0B69-45E1-A109-3A3A1F5BBCDF}) (Version: 43.0.191.0 - HP)
I.R.I.S OCR (HKLM-x32\...\{3913CCF7-436B-4A7A-A265-62E9FFDD03D9}) (Version: 15.2.10.1114 - HP Inc.)
MF DachDesigner Demo (HKLM-x32\...\DachDesigner.EXE) (Version: - )
Microsoft Access MUI (Slovak) 2013 (HKLM\...\{90150000-0015-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Slovak) 2013 (HKLM\...\{90150000-0090-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Excel MUI (Slovak) 2013 (HKLM\...\{90150000-0016-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Slovak) 2013 (HKLM\...\{90150000-00BA-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Slovak) 2013 (HKLM\...\{90150000-0044-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Slovak) 2013 (HKLM\...\{90150000-012B-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Nyelvi ellenőrző eszközök 2013 – magyar (HKLM\...\{90150000-001F-040E-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Slovak) 2013 (HKLM\...\{90150000-00E1-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Slovak) 2013 (HKLM\...\{90150000-00E2-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Slovak) 2013 (HKLM\...\{90150000-002C-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Slovak) 2013 (HKLM\...\{90150000-00C1-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Slovak) 2013 (HKLM\...\{90150000-006E-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\OneDriveSetup.exe) (Version: 24.045.0303.0003 - Microsoft Corporation)
Microsoft OneNote MUI (Slovak) 2013 (HKLM\...\{90150000-00A1-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Slovak) 2013 (HKLM\...\{90150000-001A-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Slovak) 2013 (HKLM\...\{90150000-0018-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Slovak) 2013 (HKLM\...\{90150000-0019-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Word MUI (Slovak) 2013 (HKLM\...\{90150000-001B-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
Nero Audio Pack 1 (HKLM-x32\...\{A7A0BF2E-31CC-49E3-9913-52C503EB969D}) (Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp (HKLM-x32\...\{0071820F-09B0-4998-8320-F89629DCBC99}) (Version: 12.0.2001 - Nero AG) Hidden
Nero BackItUp Help (CHM) (HKLM-x32\...\{EF0D1292-8FC1-41BE-9740-DBC134F66415}) (Version: 12.0.3000 - Nero AG) Hidden
Nero Blu-ray Player (HKLM-x32\...\{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}) (Version: 12.0.14300 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (HKLM-x32\...\{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}) (Version: 12.0.4000 - Nero AG) Hidden
Nero Burning ROM (HKLM-x32\...\{5963F4B4-D138-47CD-ADEF-470E87E185BD}) (Version: 12.0.20000 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (HKLM-x32\...\{2890E324-6F3B-4975-8B95-E7D6D80E0226}) (Version: 12.0.3000 - Nero AG) Hidden
Nero ControlCenter (HKLM-x32\...\{ABC88553-8770-4B97-B43E-5A90647A5B63}) (Version: 11.0.15200 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (HKLM-x32\...\{C994C746-C6D0-4EBA-B09E-DF7B18381B69}) (Version: 12.0.5000 - Nero AG) Hidden
Nero Core Components (HKLM-x32\...\{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}) (Version: 11.0.18100 - Nero AG) Hidden
Nero Disc Menus Basic (HKLM-x32\...\{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}) (Version: 12.0.11500 - Nero AG) Hidden
Nero Effects Basic (HKLM-x32\...\{29F67D84-3A70-456E-806A-52301B02070B}) (Version: 12.0.11500 - Nero AG) Hidden
Nero Express (HKLM-x32\...\{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}) (Version: 12.0.20000 - Nero AG) Hidden
Nero Express Help (CHM) (HKLM-x32\...\{0708FF30-78C0-47B0-81F0-C84604DC769C}) (Version: 12.0.5000 - Nero AG) Hidden
Nero Kwik Media (HKLM-x32\...\{052A1E34-A54B-458C-A4E3-24C3E054754A}) (Version: 1.18.18200 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (HKLM-x32\...\{1F16820E-D0E7-4636-939E-45CBFEFB06E1}) (Version: 12.0.4000 - Nero AG) Hidden
Nero Kwik Themes Basic (HKLM-x32\...\{1B6F5E51-575E-4693-BCA2-7543570D076D}) (Version: 12.0.11500 - Nero AG) Hidden
Nero Launcher (HKLM-x32\...\{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}) (Version: 12.2.2000 - Nero AG) Hidden
Nero PiP Effects Basic (HKLM-x32\...\{ACE49D50-19CD-44A6-B192-46F985283B26}) (Version: 12.0.11500 - Nero AG) Hidden
Nero Recode (HKLM-x32\...\{1943C3BD-4462-4612-92C3-D36DD917C447}) (Version: 12.0.24000 - Nero AG) Hidden
Nero Recode Help (CHM) (HKLM-x32\...\{86847081-B387-4F49-AED1-C9B0A090D66C}) (Version: 12.0.4000 - Nero AG) Hidden
Nero RescueAgent (HKLM-x32\...\{B953732D-B623-4E84-B369-CFFF7B1AE06F}) (Version: 12.0.9000 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (HKLM-x32\...\{0B311221-05A5-4766-8D03-7A6446794156}) (Version: 12.0.3000 - Nero AG) Hidden
Nero SharedVideoCodecs (HKLM-x32\...\{2432E589-6256-4513-B0BF-EFA8E325D5F0}) (Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 11.0.11800.31.0 - Nero AG) Hidden
Nero Video (HKLM-x32\...\{83FCCFCD-46E3-43FB-A397-78BFD5A8980A}) (Version: 12.0.3000 - Nero AG) Hidden
Nero Video Help (CHM) (HKLM-x32\...\{B128179D-A5E1-43AC-9422-12A109ECD2A0}) (Version: 12.0.4000 - Nero AG) Hidden
neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
Product Improvement Study for HP LaserJet MFP M28-M31 (HKLM\...\{B50C256D-80E2-473E-9546-0410162F44D5}) (Version: 46.2.2636.18185 - HP Inc.)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.52.3 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
USB Video Device (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.54300.120 - Sonix)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.14000 - Nero AG) Hidden
Windows Kontrola stavu počítača (HKLM\...\{8D6B9DC1-A437-41E0-8DF1-9F37748394AE}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 7.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 7.00.0 - win.rar GmbH)
WinRAR 7.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.00.0 - win.rar GmbH)
Packages:
=========
Amazon Rainforest -> C:\Program Files\WindowsApps\Microsoft.AmazonRainforest_1.0.0.0_neutral__8wekyb3d8bbwe [2018-11-09] (Microsoft Corporation)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2722.1.0_x64__kgqvnymyfvs32 [2024-03-11] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.20.3368.0_x64__rz1tebttyb220 [2024-03-11] (Dolby Laboratories)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-08-27] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-03-11] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-20] (Microsoft Corporation) [MS Ad]
My Photos -> C:\Program Files\WindowsApps\4846UtilitiesTools.MyPhotos_1.1.3.0_x64__b17t1j31etq18 [2019-06-07] (Utilities Tools) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-23] (Netflix, Inc.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-03-10] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 1\Profil 2 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Izoplast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\KROS Fakturácia.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=noccbdmhngpfbghcheakieamkbkkepgk
ShortcutWithArgument: C:\Users\Izoplast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Izoplast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Profil 2 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2024-03-27 11:23 - 2024-03-27 11:23 - 000008704 _____ () [File not signed] C:\Users\Izoplast\AppData\Local\Temp\nsfC3CB.tmp\newadvsplash.dll
2024-03-27 11:23 - 2024-03-27 11:23 - 000025088 _____ () [File not signed] C:\Users\Izoplast\AppData\Local\Temp\nsfC3CB.tmp\Registry.dll
2024-03-27 11:23 - 2024-03-27 11:23 - 000010752 _____ () [File not signed] C:\Users\Izoplast\AppData\Local\Temp\nsfC3CB.tmp\System.dll
2015-11-04 15:40 - 2015-11-04 15:40 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
2018-11-12 20:28 - 2010-04-24 05:00 - 000336896 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLM9X.DLL
2018-11-07 08:14 - 2012-03-14 05:00 - 000385024 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLMAA.DLL
2018-11-06 17:31 - 2011-10-11 09:59 - 000007680 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\ib_util.dll
2018-11-06 17:31 - 2011-10-11 09:59 - 000921600 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\intl\fbintl.DLL
2018-11-06 17:31 - 2011-10-11 09:59 - 000434176 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\plugins\fbtrace.dll
2018-11-06 17:31 - 2011-10-11 09:59 - 001568768 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\icudt30.dll
2018-11-06 17:31 - 2011-10-11 09:59 - 000675840 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\icuuc30.dll
2022-07-05 12:58 - 2023-06-20 09:00 - 000101376 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2024-03-27 11:16 - 2024-03-27 12:01 - 000000006 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet 2: Epfw NDIS LightWeight Filter -> ESET_EpfwLWF (enabled)
Ethernet 3: Epfw NDIS LightWeight Filter -> ESET_EpfwLWF (enabled)
Ethernet 4: Epfw NDIS LightWeight Filter -> ESET_EpfwLWF (enabled)
Ethernet: Epfw NDIS LightWeight Filter -> ESET_EpfwLWF (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "ALFA plus - rýchle spustenie.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Web Signer.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "CanonMyPrinter"
HKLM\...\StartupApproved\Run: => "Realtek Camera Manager"
HKLM\...\StartupApproved\Run32: => "CanonSolutionMenuEx"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "CloneCDTray"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "tsnp2uvc"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{5FA4DB26-1EC8-43C3-A056-16B9FEB6634F}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{4571C068-720F-49FE-9CE3-9B222A9CDE51}] => (Allow) LPort=5357
FirewallRules: [{782178F6-7D19-4E64-8AA0-CFE41C66E8D2}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{E57AEF23-191E-4EF4-BA6F-AAE9319C0A34}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{0B3B81BB-6574-4DBA-B606-51FE4CC143E4}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\EWSProxy.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{7FEC1A33-C813-437C-BF5D-3D31BDACCE80}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{BDD477C4-484E-4D5E-8C3C-432B156F140D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{C249D09D-B9A8-4879-B430-03A3CDE52E9C}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe (Nero AG -> Nero AG)
FirewallRules: [{45DA8CB5-C63A-4667-AD75-1405827BC68F}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe (Nero AG -> Nero AG)
FirewallRules: [{9D3EDDCA-923A-4182-9A8A-714C6BEBFB7F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{07AD04A3-FDAC-43FC-A8FA-5772964982AF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A3250133-0752-4540-93ED-1288A1FC3F4B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5745DA3C-18F9-483E-BF01-C407EF8380EE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{83198189-2D21-4112-9C86-DE74470EC39E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E29FD033-7D8C-4754-A3F9-8C8A5F43F517}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DF3B8380-CBA7-4C5F-A378-24BADA7BED0B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DF08C95C-112A-4191-A760-5EDF0A7D73CF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{314BCAE1-4F23-4B02-8989-B23621DB6892}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{1AB6F2F0-77E8-4E51-8F2B-65F2C07B16C5}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{117FE7F6-6E5A-41BA-9BB6-559FE1E57609}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1CE86A61-C10F-4C08-A8BF-398EF73EE350}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DE1A5452-7C6E-4E37-8A1A-B2F5C52C7ABF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6D1C2134-CF95-46E2-BF3D-7A4D00B37D8B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA4113AE-6940-4AF9-B810-FACA006169CC}] => (Allow) LPort=20400
FirewallRules: [{1BB86038-2339-414D-95EE-DB4A462299D0}] => (Allow) LPort=20401
FirewallRules: [{27B5F54B-400D-4AFB-B60C-8EDB20C2016D}] => (Allow) LPort=20402
FirewallRules: [{BB6D04C7-1AFD-4A0E-BC63-FF7117E2671F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D41F722-CCF6-4660-BF52-19625408A119}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3181BC7F-A485-481B-915F-CDBF0B19D3A5}] => (Allow) C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbam.exe (Malwarebytes Corporation -> Malwarebytes)
FirewallRules: [{0E5F2A2D-FF69-4E5C-B93F-2B9842A28CB4}] => (Allow) C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbam.exe (Malwarebytes Corporation -> Malwarebytes)
FirewallRules: [{9CCB83D2-A96B-41AD-9E28-2AA5906785DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BDE35376-602C-4651-97DB-366E42407055}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FFDE57A9-33FE-4B78-B4FF-2C9EA4F41090}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7835BA94-1EFD-4D42-B381-FB2802A1764F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
==================== Restore Points =========================
13-03-2024 08:48:25 Inštalátor modulov systému Windows
13-03-2024 09:33:03 Inštalátor modulov systému Windows
13-03-2024 10:53:09 Inštalátor modulov systému Windows
26-03-2024 17:21:54 Inštalátor modulov systému Windows
27-03-2024 10:04:08 Inštalátor modulov systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/27/2024 12:38:17 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v HDD disc (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:38:16 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom (K:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:38:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom, pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:23:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v HDD disc (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:23:14 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom (K:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:23:13 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom, pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:14:35 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v HDD disc (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:14:34 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom (K:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
System errors:
=============
Error: (03/27/2024 11:23:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby MBAMScheduler zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.
Error: (03/27/2024 11:23:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby MBAMScheduler zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.
Error: (03/27/2024 11:16:57 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (03/27/2024 11:07:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x8007000d: 2024-03 Kumulatívna aktualizácia pre Windows 10 Version 22H2 pre systémy s procesorom typu x64 (KB5035845).
Error: (03/27/2024 10:48:58 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (03/27/2024 10:42:15 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (03/27/2024 10:42:12 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (03/27/2024 10:42:09 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Windows Defender:
================
Date: 2024-03-27 12:18:16
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-03-27 11:44:20
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-03-13 12:36:59
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-03-13 12:25:45
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-03-13 12:14:48
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
Date: 2024-03-27 09:14:17
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.
Date: 2024-03-27 09:14:17
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.
Date: 2024-03-27 09:14:17
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.
Date: 2024-03-27 09:11:52
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80240016
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.
Date: 2024-03-27 09:05:19
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
CodeIntegrity:
===============
Date: 2023-12-05 08:17:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-11-03 10:20:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-10-04 13:40:55
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-07-26 11:43:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-19 07:58:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-05-17 09:25:02
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 0501 08/03/2010
Motherboard: ASUSTeK Computer INC. M4N68T-M-LE-V2
Processor: AMD Athlon(tm) II X4 640 Processor
Percentage of memory in use: 79%
Total physical RAM: 4095.22 MB
Available physical RAM: 819.88 MB
Total Virtual: 5055.22 MB
Available Virtual: 1200.74 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:233.57 GB) (Free:144.94 GB) (Model: SAMSUNG HD502HJ SCSI Disk Device) NTFS
Drive d: (HDD disc) (Fixed) (Total:298.09 GB) (Free:217.52 GB) (Model: ST320DM0 00-1BD14C SCSI Disk Device) NTFS
Drive e: (Lokalny disk) (Fixed) (Total:231.29 GB) (Free:226.28 GB) (Model: SAMSUNG HD502HJ SCSI Disk Device) NTFS
Drive k: (Vyhradené systémom) (Fixed) (Total:0.34 GB) (Free:0.33 GB) (Model: SAMSUNG HD320KJ SCSI Disk Device) NTFS
Drive l: (HDD 2 disk) (Fixed) (Total:297.75 GB) (Free:163.41 GB) (Model: SAMSUNG HD320KJ SCSI Disk Device) NTFS
\\?\Volume{5bc53d8b-0000-0000-0000-100000000000}\ (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{5bc53d8b-0000-0000-0000-a06a3a000000}\ () (Fixed) (Total:0.81 GB) (Free:0.25 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5BC53D8B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=826 MB) - (Type=27)
Partition 4: (Not Active) - (Size=231.3 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 0C800C7F)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.7 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: EF498C61)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Re: Spomalený počítač, prosím o kontrolu
Sorry ..až teraz sa ukončil test FRST... aj Addition
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.03.2024
Ran by Izoplast (administrator) on DESKTOP-IZOPLAS (27-03-2024 14:09:48)
Running from C:\Users\Izoplast\Desktop\FRST64.exe
Loaded Profiles: Izoplast
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> ) C:\Program Files (x86)\TeamViewer\crashpad_handler.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\MalwarebytesPortable.exe ->) (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbam.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(explorer.exe ->) (Malwarebytes Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\MalwarebytesPortable.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler64.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (Firebird Project) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.11012.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.11012.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2401.2.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(TeamViewer Germany GmbH -> ) C:\Windows\Temp\nse7FA0.tmp\TvUpdateInfo.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\RedFox\CloneCD\CloneCDTray.exe [57344 2016-03-29] (RedFox) [File not signed]
HKLM-x32\...\Run: [tsnp2uvc] => C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe [322560 2012-02-23] (Sonix Technology Co., Ltd.) [File not signed]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40412984 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Izoplast\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Izoplast\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" [66946080 2024-03-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\RunOnce: [Uninstall 24.025.0204.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Izoplast\AppData\Local\Microsoft\OneDrive\24.025.0204.0003" [0 2024-03-27] () <==== ATTENTION [zero byte File/Folder]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP270 series: C:\WINDOWS\system32\CNMLM9X.DLL [336896 2010-04-24] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series: C:\WINDOWS\system32\CNMLMAA.DLL [385024 2012-03-14] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\123.0.6312.86\Installer\chrmstp.exe [2024-03-27] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALFA plus - rýchle spustenie.lnk [2024-03-13]
ShortcutTarget: ALFA plus - rýchle spustenie.lnk -> C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe (Kros a.s. -> KROS a.s.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Web Signer.lnk [2019-01-08]
ShortcutTarget: Web Signer.lnk -> C:\Program Files (x86)\Disig\Disig Web Signer 1.0.7\Updater\WebSignerTray.exe (Disig a.s. -> Disig a.s.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A40253A-1C39-4716-B770-70651ACC48A5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {C0A37426-E2F8-4B21-B35D-E5FA920BC5CD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {B18BFAFF-F764-48BF-9DDB-FEB9AA67B2BA} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "00312e41-2f7e-4c9d-942b-8f98591fba54" --version "6.11.10455" --silent
Task: {E11A0817-4B7B-4074-8FB5-80FD2790D78D} - System32\Tasks\CCleanerSkipUAC - Izoplast => C:\Program Files\CCleaner\CCleaner.exe [34159416 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {3D350203-C18F-4FE7-8B8E-EAF7505E0464} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-06] (Google Inc -> Google Inc.)
Task: {E14DEC4B-4FA6-4C90-8575-619269D7C2AC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-06] (Google Inc -> Google Inc.)
Task: {705E4F27-311B-4F71-81F7-D9031FBAD03B} - System32\Tasks\Hewlett-Packard\HP Diagnostics\HPDIAGS-c8c166e6-9cc6-4662-8b5d-e9ceab535bd7 => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [61881520 2019-01-29] (HP Inc. -> ) -> C:\Program Files (x86)\HP\HpHwDiag\-runtests=53a826d5-9440-4b66-8cab-bf8a44956a7e,9f8e8ee1-02f7-414f-87e0-24fc8798e6b7,4e9e1ce2-4e01-4cf0-bb65-5ccd4b82edc3,3006e6d6-5ab9-414c-a53b-86e19e9ff4fd,855caf66-b69f-46e8-b9d1-4c1582494d19
Task: {FDA1B184-1A42-4120-AFAA-76926BA5447A} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-03-11] (HP Inc. -> HP Inc.)
Task: {BD5F1972-7E7E-4D82-B78F-BABB09B5688B} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-03-11] (HP Inc. -> HP Inc.)
Task: {FF1B5F4D-A16E-45E5-A2D6-BC4BC9823AA9} - System32\Tasks\HPCustParticipation HP LaserJet MFP M28-M31 => C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPCustPartic.exe [6662792 2018-07-04] (Hewlett Packard -> HP Inc.)
Task: {1A547BF1-7EF8-4A70-A9C5-A30FED287608} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-IZOPLAS-Izoplast DESKTOP-IZOPLAST => C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {3EA7001E-495B-4CAE-B7E1-92FF4319AAFA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C17A376D-2DB4-4D49-90FF-D9206014B036} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {7CA36315-9A54-4EF7-9FEB-EAC81CC5B360} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {F18AA1AB-2D73-41C2-A929-390E2C510281} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E5509A68-C0D0-4D9C-BBBC-239932E29873} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5D142B7E-CBF4-4E4C-91C0-437C5ED826BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1094C36-1D9E-4DCE-BDFF-24C9BB5DB4DF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {28501DA9-5C76-4929-B67C-89501D491BEF} - System32\Tasks\Opera scheduled Autoupdate 1543062956 => C:\Users\Izoplast\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {CD41BEA6-7DED-4EDA-8063-B421FFFB2828} - System32\Tasks\Opera scheduled Autoupdate 1544693054 => C:\Users\Izoplast\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{4059de78-04cc-4b21-8e44-bafd7c2a750c}: [NameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-26]
Edge DownloadDir: Default -> C:\Users\Izoplast\Downloads
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-09]
Edge Extension: (Edge relevant text changes) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-09]
Edge Profile: C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2024-03-26]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-01]
Edge Extension: (Edge relevant text changes) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-12-01]
Edge Profile: C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 2 [2024-03-26]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-09]
Edge Extension: (Edge relevant text changes) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 2\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-09]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-10] (Nero AG -> Nero AG)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: ditec.sk/DAsicFac -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/DitecZepDViewerFb -> C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigMessageContainer -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesExtender -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/XmlDataContainerFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-03-26]
CHR Profile: C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-27]
CHR StartupUrls: Profile 1 -> "hxxps://www.google.sk/?gws_rd=cr,ssl&ei=cyJrVIjnDcHNOLu5gMAD"
CHR Extension: (Prekladač Google) - C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-08-01]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-03-10]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-03-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-19]
CHR Profile: C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-26]
CHR HKLM-x32\...\Chrome\Extension: [odbdbcaekkgabdfaabepfjgiooilmaoe]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1063736 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 FirebirdServerKROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [3764224 2011-10-11] (Firebird Project) [File not signed]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-03-11] (HP Inc. -> HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-08-17] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbamservice.exe [1136608 2016-07-21] (Malwarebytes Corporation -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2024-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [18575672 2024-03-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 MBAMScheduler; "\mbamscheduler.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc. -> SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc. -> SlySoft, Inc.)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2024-03-27] (Malwarebytes Corporation -> Malwarebytes)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20928 2024-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [603416 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-27 13:58 - 2024-03-27 14:09 - 000044706 _____ C:\Users\Izoplast\Desktop\Addition.txt
2024-03-27 13:53 - 2024-03-27 14:11 - 000022018 _____ C:\Users\Izoplast\Desktop\FRST.txt
2024-03-27 13:52 - 2024-03-27 14:11 - 000000000 ____D C:\FRST
2024-03-27 13:51 - 2024-03-27 13:51 - 002391552 _____ (Farbar) C:\Users\Izoplast\Desktop\FRST64.exe
2024-03-27 11:23 - 2024-03-27 11:23 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-03-26 17:35 - 2024-03-26 17:35 - 000581358 _____ C:\Users\Izoplast\Documents\Faktura c. 242501.PDF
2024-03-26 16:55 - 2024-03-26 16:55 - 000000000 ___HD C:\$WinREAgent
2024-03-13 12:13 - 2024-03-27 13:48 - 000004144 _____ C:\WINDOWS\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-IZOPLAS-Izoplast DESKTOP-IZOPLAST
2024-03-13 12:02 - 2024-03-13 12:02 - 000003062 _____ C:\Users\Izoplast\mbam-log-2024-03-13 (11-29-43).xml
2024-03-13 11:29 - 2024-03-27 11:23 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2024-03-13 11:27 - 2024-03-13 11:27 - 000001846 _____ C:\Users\Izoplast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MalwarebytesPortable.lnk
2024-03-13 11:26 - 2024-03-13 11:29 - 000000000 ____D C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)
2024-03-13 11:22 - 2024-03-13 11:22 - 000003066 _____ C:\Users\Izoplast\mbam-log-2024-03-13 (10-45-20).xml
2024-03-13 10:20 - 2024-03-13 10:20 - 000003878 _____ C:\Users\Izoplast\mbam-log-2024-03-13 (09-19-45).xml
2024-03-11 12:05 - 2024-03-27 13:54 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1765005129-1590092598-4036685488-1001
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-27 13:59 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-27 13:54 - 2022-09-25 17:37 - 000002380 _____ C:\Users\Izoplast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-27 13:54 - 2021-12-13 08:55 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1765005129-1590092598-4036685488-1001
2024-03-27 13:45 - 2018-11-06 17:37 - 000000000 ____D C:\ProgramData\firebird
2024-03-27 13:44 - 2018-11-06 14:37 - 000000000 ____D C:\Users\Izoplast\Documents\Súbory programu Outlook
2024-03-27 13:43 - 2020-09-15 16:35 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-03-27 13:35 - 2022-01-06 14:11 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-27 13:35 - 2018-11-06 17:18 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-27 13:20 - 2018-11-09 10:15 - 000000000 ____D C:\Users\Izoplast\Documents\Bluetooth
2024-03-27 13:11 - 2018-11-06 15:22 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\Microsoft\Excel
2024-03-27 12:34 - 2020-09-15 16:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-27 12:18 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-03-27 12:18 - 2018-11-07 10:10 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2024-03-27 12:07 - 2018-11-06 14:30 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\Microsoft\Word
2024-03-27 11:22 - 2018-11-13 09:30 - 000000000 ____D C:\Program Files\CCleaner
2024-03-27 11:18 - 2020-09-15 16:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-27 11:18 - 2020-09-15 16:03 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-27 11:17 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-03-27 11:16 - 2018-11-06 17:51 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-27 11:15 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-27 09:06 - 2020-09-15 16:35 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-03-26 17:47 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-26 17:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-26 17:45 - 2020-06-09 08:52 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-26 16:59 - 2020-09-15 16:35 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-26 16:59 - 2020-09-15 16:35 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-26 16:56 - 2022-11-28 07:28 - 000000000 ____D C:\Program Files\RUXIM
2024-03-13 12:51 - 2018-11-22 12:20 - 000000000 ____D C:\Users\Izoplast\Documents\Ccleaner
2024-03-13 12:45 - 2024-01-08 09:14 - 000002142 _____ C:\Users\Public\Desktop\ALFA plus.lnk
2024-03-13 12:45 - 2019-04-02 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KROS
2024-03-13 12:02 - 2020-09-15 16:08 - 000000000 ____D C:\Users\Izoplast
2024-03-13 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2024-03-13 10:20 - 2022-05-13 10:12 - 000000004 _____ C:\WINDOWS\system32\Drivers\etc\hosts.BackupByMalwarebytesPortable
2024-03-13 08:12 - 2018-11-06 14:38 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-13 08:05 - 2018-11-06 14:38 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-03-13 08:04 - 2018-11-06 10:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-03-12 15:28 - 2018-11-06 14:30 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\Microsoft\Šablóny
2024-03-12 14:46 - 2019-03-23 19:22 - 000000000 ____D C:\Users\Izoplast\AppData\Local\ElevatedDiagnostics
2024-03-11 13:21 - 2021-06-24 18:06 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-03-11 13:21 - 2021-03-23 19:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-03-10 10:26 - 2023-05-15 09:17 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\vlc
2024-03-10 09:36 - 2021-09-07 13:36 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-03-10 09:36 - 2021-09-07 13:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-03-10 09:36 - 2019-01-19 19:22 - 000000000 ____D C:\Program Files (x86)\WinRAR
2024-03-10 09:36 - 2018-11-06 13:38 - 000000000 ____D C:\Program Files\WinRAR
==================== Files in the root of some directories ========
2018-11-24 13:38 - 2020-08-23 17:56 - 000000136 _____ () C:\Users\Izoplast\AppData\Roaming\downloads.json
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by Izoplast (27-03-2024 14:12:42)
Running from C:\Users\Izoplast\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) (2020-09-15 15:36:02)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1765005129-1590092598-4036685488-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1765005129-1590092598-4036685488-503 - Limited - Disabled)
Guest (S-1-5-21-1765005129-1590092598-4036685488-501 - Limited - Disabled)
Izoplast (S-1-5-21-1765005129-1590092598-4036685488-1001 - Administrator - Enabled) => C:\Users\Izoplast
WDAGUtilityAccount (S-1-5-21-1765005129-1590092598-4036685488-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 23.01 (x64) (HKLM\...\7-Zip) (Version: 23.01 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1051-1033-7760-BC15014EA700}) (Version: 23.008.20458 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
ALFA plus 15.22.00 - C:\Program Files (x86)\KROS\ALFA plus\ (HKLM-x32\...\{17F87645-0DDA-488B-A12A-62589C630BA2}) (Version: 15.22.00 - KROS a.s.)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Asistent pri aktualizácii na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
AUTOPLAN 2021 RE1 (HKLM-x32\...\AUTOPLAN_is1) (Version: - KROB software s.r.o.)
Balík softvéru eID (HKLM-x32\...\{ea81dcd3-f9f3-4959-8bee-0349fc294ae5}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Bit4id - miniLector (HKLM-x32\...\Bit4id - miniLector) (Version: 3.7 - Bit4id)
Catalyst Control Center - Branding (HKLM-x32\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.11 - Piriform)
CloneCD (HKLM-x32\...\CloneCD) (Version: 5.3.4.0 - SlySoft)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.3 - Elaborate Bytes)
D.Launcher (x86) (HKLM-x32\...\{0DC85C46-746B-4BC5-B727-D5434DF7E5D0}) (Version: 1.2.0.2 - DITEC, a.s.)
D.Signer/XAdES .NET so zásuvnými modulmi (x86) (HKLM-x32\...\{EDB276CE-A945-4201-A552-2683B13C321F}) (Version: 4.0.24 - DITEC, a.s.)
D.Signer/XAdES .NET Tools (x86) (HKLM-x32\...\{6648F510-5044-4CA9-BC21-494A2A198B3A}) (Version: 4.0.17 - DITEC, a.s.)
D.Suite/eIDAS (x86) (HKLM-x32\...\{8d169eac-87e2-4981-825f-701b32f24d72}) (Version: 1.0.29 - DITEC, a.s.)
D.Viewer .NET (x86) (HKLM-x32\...\{73D635BE-5D6F-43D3-8C1F-63B5CD4D5953}) (Version: 4.0.2033 - DITEC, a.s.)
Disig Web Signer 1.0.7 (HKLM-x32\...\{21859B7E-5E38-4892-A480-FA8B180ADE72}) (Version: 1.1.8 - Disig)
EAC MW klient (HKLM-x32\...\{BC7979F7-EC8D-4BA0-95D5-950630FFB2E9}) (Version: 3.0.0 - Ministerstvo vnútra Slovenskej republiky)
Elcomm (HKLM-x32\...\Elcomm) (Version: - )
Flvto Youtube Downloader (HKLM\...\Flvto Youtube Downloader) (Version: 1.2.1 - Hotger)
GemPcCCID (HKLM\...\{C2C14C20-A217-4FCA-B668-89B6C70B6EFF}) (Version: 2.0.7 - Gemalto)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 123.0.6312.86 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.1.1.500 - Huawei Technologies Co., Ltd.)
HP Dropbox Plugin (HKLM-x32\...\{9646F2DC-B09E-4314-92EC-B3332900A7EE}) (Version: 36.0.191.0 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{AF9F1F16-F6B4-4A66-B789-9F00B40B08AF}) (Version: 43.0.191.0 - HP)
HP FTP Plugin (HKLM-x32\...\{7DB5EDF6-8009-4E01-AF0D-4F3E02A0287F}) (Version: 43.0.191.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{07F30E12-A85F-4EA4-A5B3-3728FAB947ED}) (Version: 36.0.191.0 - HP)
HP LaserJet MFP M28-M31 Basic Device Software (HKLM\...\{08644094-D714-4B6E-9CEB-11433F5CBDB7}) (Version: 46.2.2636.18185 - HP Inc.)
HP LaserJet MFP M28-M31 Help (HKLM-x32\...\{0DF6621D-67C2-4E12-A5CF-260E985B8743}) (Version: 0.00.0005 - HP)
HP OneDrive Plugin (HKLM-x32\...\{8ED0A60F-9F44-4B7F-9C88-CC9E0B362628}) (Version: 36.0.191.0 - HP)
HP PC Hardware Diagnostics Windows (HKLM-x32\...\{02E639C2-2C8A-4A55-8DFF-43666B46E8F3}) (Version: 1.5.6.0 - HP Inc.)
HP SFTP Plugin (HKLM-x32\...\{1F0191BF-E339-4192-85D9-C369CA3FE9F1}) (Version: 43.0.191.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{96DB7179-0B69-45E1-A109-3A3A1F5BBCDF}) (Version: 43.0.191.0 - HP)
I.R.I.S OCR (HKLM-x32\...\{3913CCF7-436B-4A7A-A265-62E9FFDD03D9}) (Version: 15.2.10.1114 - HP Inc.)
MF DachDesigner Demo (HKLM-x32\...\DachDesigner.EXE) (Version: - )
Microsoft Access MUI (Slovak) 2013 (HKLM\...\{90150000-0015-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Slovak) 2013 (HKLM\...\{90150000-0090-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Excel MUI (Slovak) 2013 (HKLM\...\{90150000-0016-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Slovak) 2013 (HKLM\...\{90150000-00BA-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Slovak) 2013 (HKLM\...\{90150000-0044-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Slovak) 2013 (HKLM\...\{90150000-012B-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Nyelvi ellenőrző eszközök 2013 – magyar (HKLM\...\{90150000-001F-040E-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Slovak) 2013 (HKLM\...\{90150000-00E1-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Slovak) 2013 (HKLM\...\{90150000-00E2-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Slovak) 2013 (HKLM\...\{90150000-002C-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Slovak) 2013 (HKLM\...\{90150000-00C1-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Slovak) 2013 (HKLM\...\{90150000-006E-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\OneDriveSetup.exe) (Version: 24.045.0303.0003 - Microsoft Corporation)
Microsoft OneNote MUI (Slovak) 2013 (HKLM\...\{90150000-00A1-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Slovak) 2013 (HKLM\...\{90150000-001A-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Slovak) 2013 (HKLM\...\{90150000-0018-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Slovak) 2013 (HKLM\...\{90150000-0019-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Word MUI (Slovak) 2013 (HKLM\...\{90150000-001B-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
Nero Audio Pack 1 (HKLM-x32\...\{A7A0BF2E-31CC-49E3-9913-52C503EB969D}) (Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp (HKLM-x32\...\{0071820F-09B0-4998-8320-F89629DCBC99}) (Version: 12.0.2001 - Nero AG) Hidden
Nero BackItUp Help (CHM) (HKLM-x32\...\{EF0D1292-8FC1-41BE-9740-DBC134F66415}) (Version: 12.0.3000 - Nero AG) Hidden
Nero Blu-ray Player (HKLM-x32\...\{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}) (Version: 12.0.14300 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (HKLM-x32\...\{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}) (Version: 12.0.4000 - Nero AG) Hidden
Nero Burning ROM (HKLM-x32\...\{5963F4B4-D138-47CD-ADEF-470E87E185BD}) (Version: 12.0.20000 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (HKLM-x32\...\{2890E324-6F3B-4975-8B95-E7D6D80E0226}) (Version: 12.0.3000 - Nero AG) Hidden
Nero ControlCenter (HKLM-x32\...\{ABC88553-8770-4B97-B43E-5A90647A5B63}) (Version: 11.0.15200 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (HKLM-x32\...\{C994C746-C6D0-4EBA-B09E-DF7B18381B69}) (Version: 12.0.5000 - Nero AG) Hidden
Nero Core Components (HKLM-x32\...\{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}) (Version: 11.0.18100 - Nero AG) Hidden
Nero Disc Menus Basic (HKLM-x32\...\{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}) (Version: 12.0.11500 - Nero AG) Hidden
Nero Effects Basic (HKLM-x32\...\{29F67D84-3A70-456E-806A-52301B02070B}) (Version: 12.0.11500 - Nero AG) Hidden
Nero Express (HKLM-x32\...\{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}) (Version: 12.0.20000 - Nero AG) Hidden
Nero Express Help (CHM) (HKLM-x32\...\{0708FF30-78C0-47B0-81F0-C84604DC769C}) (Version: 12.0.5000 - Nero AG) Hidden
Nero Kwik Media (HKLM-x32\...\{052A1E34-A54B-458C-A4E3-24C3E054754A}) (Version: 1.18.18200 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (HKLM-x32\...\{1F16820E-D0E7-4636-939E-45CBFEFB06E1}) (Version: 12.0.4000 - Nero AG) Hidden
Nero Kwik Themes Basic (HKLM-x32\...\{1B6F5E51-575E-4693-BCA2-7543570D076D}) (Version: 12.0.11500 - Nero AG) Hidden
Nero Launcher (HKLM-x32\...\{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}) (Version: 12.2.2000 - Nero AG) Hidden
Nero PiP Effects Basic (HKLM-x32\...\{ACE49D50-19CD-44A6-B192-46F985283B26}) (Version: 12.0.11500 - Nero AG) Hidden
Nero Recode (HKLM-x32\...\{1943C3BD-4462-4612-92C3-D36DD917C447}) (Version: 12.0.24000 - Nero AG) Hidden
Nero Recode Help (CHM) (HKLM-x32\...\{86847081-B387-4F49-AED1-C9B0A090D66C}) (Version: 12.0.4000 - Nero AG) Hidden
Nero RescueAgent (HKLM-x32\...\{B953732D-B623-4E84-B369-CFFF7B1AE06F}) (Version: 12.0.9000 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (HKLM-x32\...\{0B311221-05A5-4766-8D03-7A6446794156}) (Version: 12.0.3000 - Nero AG) Hidden
Nero SharedVideoCodecs (HKLM-x32\...\{2432E589-6256-4513-B0BF-EFA8E325D5F0}) (Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 11.0.11800.31.0 - Nero AG) Hidden
Nero Video (HKLM-x32\...\{83FCCFCD-46E3-43FB-A397-78BFD5A8980A}) (Version: 12.0.3000 - Nero AG) Hidden
Nero Video Help (CHM) (HKLM-x32\...\{B128179D-A5E1-43AC-9422-12A109ECD2A0}) (Version: 12.0.4000 - Nero AG) Hidden
neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
Product Improvement Study for HP LaserJet MFP M28-M31 (HKLM\...\{B50C256D-80E2-473E-9546-0410162F44D5}) (Version: 46.2.2636.18185 - HP Inc.)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.52.3 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
USB Video Device (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.54300.120 - Sonix)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.14000 - Nero AG) Hidden
Windows Kontrola stavu počítača (HKLM\...\{8D6B9DC1-A437-41E0-8DF1-9F37748394AE}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 7.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 7.00.0 - win.rar GmbH)
WinRAR 7.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.00.0 - win.rar GmbH)
Packages:
=========
Amazon Rainforest -> C:\Program Files\WindowsApps\Microsoft.AmazonRainforest_1.0.0.0_neutral__8wekyb3d8bbwe [2018-11-09] (Microsoft Corporation)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2722.1.0_x64__kgqvnymyfvs32 [2024-03-11] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.20.3368.0_x64__rz1tebttyb220 [2024-03-11] (Dolby Laboratories)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-08-27] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-03-11] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-20] (Microsoft Corporation) [MS Ad]
My Photos -> C:\Program Files\WindowsApps\4846UtilitiesTools.MyPhotos_1.1.3.0_x64__b17t1j31etq18 [2019-06-07] (Utilities Tools) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-23] (Netflix, Inc.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-03-10] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 1\Profil 2 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Izoplast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\KROS Fakturácia.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=noccbdmhngpfbghcheakieamkbkkepgk
ShortcutWithArgument: C:\Users\Izoplast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Izoplast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Profil 2 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2024-03-27 11:23 - 2024-03-27 11:23 - 000008704 _____ () [File not signed] C:\Users\Izoplast\AppData\Local\Temp\nsfC3CB.tmp\newadvsplash.dll
2024-03-27 11:23 - 2024-03-27 11:23 - 000025088 _____ () [File not signed] C:\Users\Izoplast\AppData\Local\Temp\nsfC3CB.tmp\Registry.dll
2024-03-27 11:23 - 2024-03-27 11:23 - 000010752 _____ () [File not signed] C:\Users\Izoplast\AppData\Local\Temp\nsfC3CB.tmp\System.dll
2015-11-04 15:40 - 2015-11-04 15:40 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
2018-11-12 20:28 - 2010-04-24 05:00 - 000336896 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLM9X.DLL
2018-11-07 08:14 - 2012-03-14 05:00 - 000385024 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLMAA.DLL
2018-11-06 17:31 - 2011-10-11 09:59 - 000007680 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\ib_util.dll
2018-11-06 17:31 - 2011-10-11 09:59 - 000921600 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\intl\fbintl.DLL
2018-11-06 17:31 - 2011-10-11 09:59 - 000434176 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\plugins\fbtrace.dll
2018-11-06 17:31 - 2011-10-11 09:59 - 001568768 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\icudt30.dll
2018-11-06 17:31 - 2011-10-11 09:59 - 000675840 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\icuuc30.dll
2022-07-05 12:58 - 2023-06-20 09:00 - 000101376 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2024-03-27 11:16 - 2024-03-27 12:01 - 000000006 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet 2: Epfw NDIS LightWeight Filter -> ESET_EpfwLWF (enabled)
Ethernet 3: Epfw NDIS LightWeight Filter -> ESET_EpfwLWF (enabled)
Ethernet 4: Epfw NDIS LightWeight Filter -> ESET_EpfwLWF (enabled)
Ethernet: Epfw NDIS LightWeight Filter -> ESET_EpfwLWF (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "ALFA plus - rýchle spustenie.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Web Signer.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "CanonMyPrinter"
HKLM\...\StartupApproved\Run: => "Realtek Camera Manager"
HKLM\...\StartupApproved\Run32: => "CanonSolutionMenuEx"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "CloneCDTray"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "tsnp2uvc"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{5FA4DB26-1EC8-43C3-A056-16B9FEB6634F}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{4571C068-720F-49FE-9CE3-9B222A9CDE51}] => (Allow) LPort=5357
FirewallRules: [{782178F6-7D19-4E64-8AA0-CFE41C66E8D2}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{E57AEF23-191E-4EF4-BA6F-AAE9319C0A34}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{0B3B81BB-6574-4DBA-B606-51FE4CC143E4}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\EWSProxy.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{7FEC1A33-C813-437C-BF5D-3D31BDACCE80}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{BDD477C4-484E-4D5E-8C3C-432B156F140D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{C249D09D-B9A8-4879-B430-03A3CDE52E9C}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe (Nero AG -> Nero AG)
FirewallRules: [{45DA8CB5-C63A-4667-AD75-1405827BC68F}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe (Nero AG -> Nero AG)
FirewallRules: [{9D3EDDCA-923A-4182-9A8A-714C6BEBFB7F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{07AD04A3-FDAC-43FC-A8FA-5772964982AF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A3250133-0752-4540-93ED-1288A1FC3F4B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5745DA3C-18F9-483E-BF01-C407EF8380EE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{83198189-2D21-4112-9C86-DE74470EC39E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E29FD033-7D8C-4754-A3F9-8C8A5F43F517}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DF3B8380-CBA7-4C5F-A378-24BADA7BED0B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DF08C95C-112A-4191-A760-5EDF0A7D73CF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{314BCAE1-4F23-4B02-8989-B23621DB6892}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{1AB6F2F0-77E8-4E51-8F2B-65F2C07B16C5}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{117FE7F6-6E5A-41BA-9BB6-559FE1E57609}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1CE86A61-C10F-4C08-A8BF-398EF73EE350}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DE1A5452-7C6E-4E37-8A1A-B2F5C52C7ABF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6D1C2134-CF95-46E2-BF3D-7A4D00B37D8B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA4113AE-6940-4AF9-B810-FACA006169CC}] => (Allow) LPort=20400
FirewallRules: [{1BB86038-2339-414D-95EE-DB4A462299D0}] => (Allow) LPort=20401
FirewallRules: [{27B5F54B-400D-4AFB-B60C-8EDB20C2016D}] => (Allow) LPort=20402
FirewallRules: [{BB6D04C7-1AFD-4A0E-BC63-FF7117E2671F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D41F722-CCF6-4660-BF52-19625408A119}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3181BC7F-A485-481B-915F-CDBF0B19D3A5}] => (Allow) C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbam.exe (Malwarebytes Corporation -> Malwarebytes)
FirewallRules: [{0E5F2A2D-FF69-4E5C-B93F-2B9842A28CB4}] => (Allow) C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbam.exe (Malwarebytes Corporation -> Malwarebytes)
FirewallRules: [{9CCB83D2-A96B-41AD-9E28-2AA5906785DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BDE35376-602C-4651-97DB-366E42407055}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FFDE57A9-33FE-4B78-B4FF-2C9EA4F41090}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7835BA94-1EFD-4D42-B381-FB2802A1764F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
==================== Restore Points =========================
13-03-2024 08:48:25 Inštalátor modulov systému Windows
13-03-2024 09:33:03 Inštalátor modulov systému Windows
13-03-2024 10:53:09 Inštalátor modulov systému Windows
26-03-2024 17:21:54 Inštalátor modulov systému Windows
27-03-2024 10:04:08 Inštalátor modulov systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/27/2024 12:38:17 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v HDD disc (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:38:16 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom (K:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:38:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom, pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:23:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v HDD disc (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:23:14 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom (K:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:23:13 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom, pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:14:35 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v HDD disc (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:14:34 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom (K:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
System errors:
=============
Error: (03/27/2024 11:23:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby MBAMScheduler zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.
Error: (03/27/2024 11:23:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby MBAMScheduler zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.
Error: (03/27/2024 11:16:57 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (03/27/2024 11:07:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x8007000d: 2024-03 Kumulatívna aktualizácia pre Windows 10 Version 22H2 pre systémy s procesorom typu x64 (KB5035845).
Error: (03/27/2024 10:48:58 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (03/27/2024 10:42:15 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (03/27/2024 10:42:12 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (03/27/2024 10:42:09 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Windows Defender:
================
Date: 2024-03-27 12:18:16
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-03-27 11:44:20
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-03-13 12:36:59
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-03-13 12:25:45
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-03-13 12:14:48
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
Date: 2024-03-27 09:14:17
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.
Date: 2024-03-27 09:14:17
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.
Date: 2024-03-27 09:14:17
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.
Date: 2024-03-27 09:11:52
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80240016
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.
Date: 2024-03-27 09:05:19
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
CodeIntegrity:
===============
Date: 2023-12-05 08:17:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-11-03 10:20:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-10-04 13:40:55
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-07-26 11:43:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-19 07:58:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-05-17 09:25:02
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 0501 08/03/2010
Motherboard: ASUSTeK Computer INC. M4N68T-M-LE-V2
Processor: AMD Athlon(tm) II X4 640 Processor
Percentage of memory in use: 77%
Total physical RAM: 4095.22 MB
Available physical RAM: 940.22 MB
Total Virtual: 5067.24 MB
Available Virtual: 1204.17 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:233.57 GB) (Free:144.68 GB) (Model: SAMSUNG HD502HJ SCSI Disk Device) NTFS
Drive d: (HDD disc) (Fixed) (Total:298.09 GB) (Free:217.52 GB) (Model: ST320DM0 00-1BD14C SCSI Disk Device) NTFS
Drive e: (Lokalny disk) (Fixed) (Total:231.29 GB) (Free:226.28 GB) (Model: SAMSUNG HD502HJ SCSI Disk Device) NTFS
Drive k: (Vyhradené systémom) (Fixed) (Total:0.34 GB) (Free:0.33 GB) (Model: SAMSUNG HD320KJ SCSI Disk Device) NTFS
Drive l: (HDD 2 disk) (Fixed) (Total:297.75 GB) (Free:163.41 GB) (Model: SAMSUNG HD320KJ SCSI Disk Device) NTFS
\\?\Volume{5bc53d8b-0000-0000-0000-100000000000}\ (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{5bc53d8b-0000-0000-0000-a06a3a000000}\ () (Fixed) (Total:0.81 GB) (Free:0.25 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5BC53D8B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=826 MB) - (Type=27)
Partition 4: (Not Active) - (Size=231.3 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 0C800C7F)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.7 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: EF498C61)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.03.2024
Ran by Izoplast (administrator) on DESKTOP-IZOPLAS (27-03-2024 14:09:48)
Running from C:\Users\Izoplast\Desktop\FRST64.exe
Loaded Profiles: Izoplast
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> ) C:\Program Files (x86)\TeamViewer\crashpad_handler.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\MalwarebytesPortable.exe ->) (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbam.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(explorer.exe ->) (Malwarebytes Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\MalwarebytesPortable.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler64.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (Firebird Project) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.11012.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.11012.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2401.2.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(TeamViewer Germany GmbH -> ) C:\Windows\Temp\nse7FA0.tmp\TvUpdateInfo.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\RedFox\CloneCD\CloneCDTray.exe [57344 2016-03-29] (RedFox) [File not signed]
HKLM-x32\...\Run: [tsnp2uvc] => C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe [322560 2012-02-23] (Sonix Technology Co., Ltd.) [File not signed]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40412984 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Izoplast\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Izoplast\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" [66946080 2024-03-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\RunOnce: [Uninstall 24.025.0204.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Izoplast\AppData\Local\Microsoft\OneDrive\24.025.0204.0003" [0 2024-03-27] () <==== ATTENTION [zero byte File/Folder]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP270 series: C:\WINDOWS\system32\CNMLM9X.DLL [336896 2010-04-24] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series: C:\WINDOWS\system32\CNMLMAA.DLL [385024 2012-03-14] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\123.0.6312.86\Installer\chrmstp.exe [2024-03-27] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALFA plus - rýchle spustenie.lnk [2024-03-13]
ShortcutTarget: ALFA plus - rýchle spustenie.lnk -> C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe (Kros a.s. -> KROS a.s.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Web Signer.lnk [2019-01-08]
ShortcutTarget: Web Signer.lnk -> C:\Program Files (x86)\Disig\Disig Web Signer 1.0.7\Updater\WebSignerTray.exe (Disig a.s. -> Disig a.s.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A40253A-1C39-4716-B770-70651ACC48A5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {C0A37426-E2F8-4B21-B35D-E5FA920BC5CD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {B18BFAFF-F764-48BF-9DDB-FEB9AA67B2BA} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "00312e41-2f7e-4c9d-942b-8f98591fba54" --version "6.11.10455" --silent
Task: {E11A0817-4B7B-4074-8FB5-80FD2790D78D} - System32\Tasks\CCleanerSkipUAC - Izoplast => C:\Program Files\CCleaner\CCleaner.exe [34159416 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {3D350203-C18F-4FE7-8B8E-EAF7505E0464} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-06] (Google Inc -> Google Inc.)
Task: {E14DEC4B-4FA6-4C90-8575-619269D7C2AC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-06] (Google Inc -> Google Inc.)
Task: {705E4F27-311B-4F71-81F7-D9031FBAD03B} - System32\Tasks\Hewlett-Packard\HP Diagnostics\HPDIAGS-c8c166e6-9cc6-4662-8b5d-e9ceab535bd7 => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [61881520 2019-01-29] (HP Inc. -> ) -> C:\Program Files (x86)\HP\HpHwDiag\-runtests=53a826d5-9440-4b66-8cab-bf8a44956a7e,9f8e8ee1-02f7-414f-87e0-24fc8798e6b7,4e9e1ce2-4e01-4cf0-bb65-5ccd4b82edc3,3006e6d6-5ab9-414c-a53b-86e19e9ff4fd,855caf66-b69f-46e8-b9d1-4c1582494d19
Task: {FDA1B184-1A42-4120-AFAA-76926BA5447A} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-03-11] (HP Inc. -> HP Inc.)
Task: {BD5F1972-7E7E-4D82-B78F-BABB09B5688B} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-03-11] (HP Inc. -> HP Inc.)
Task: {FF1B5F4D-A16E-45E5-A2D6-BC4BC9823AA9} - System32\Tasks\HPCustParticipation HP LaserJet MFP M28-M31 => C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPCustPartic.exe [6662792 2018-07-04] (Hewlett Packard -> HP Inc.)
Task: {1A547BF1-7EF8-4A70-A9C5-A30FED287608} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-IZOPLAS-Izoplast DESKTOP-IZOPLAST => C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {3EA7001E-495B-4CAE-B7E1-92FF4319AAFA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C17A376D-2DB4-4D49-90FF-D9206014B036} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {7CA36315-9A54-4EF7-9FEB-EAC81CC5B360} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {F18AA1AB-2D73-41C2-A929-390E2C510281} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E5509A68-C0D0-4D9C-BBBC-239932E29873} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5D142B7E-CBF4-4E4C-91C0-437C5ED826BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1094C36-1D9E-4DCE-BDFF-24C9BB5DB4DF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {28501DA9-5C76-4929-B67C-89501D491BEF} - System32\Tasks\Opera scheduled Autoupdate 1543062956 => C:\Users\Izoplast\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {CD41BEA6-7DED-4EDA-8063-B421FFFB2828} - System32\Tasks\Opera scheduled Autoupdate 1544693054 => C:\Users\Izoplast\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{4059de78-04cc-4b21-8e44-bafd7c2a750c}: [NameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-26]
Edge DownloadDir: Default -> C:\Users\Izoplast\Downloads
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-09]
Edge Extension: (Edge relevant text changes) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-09]
Edge Profile: C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2024-03-26]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-01]
Edge Extension: (Edge relevant text changes) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-12-01]
Edge Profile: C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 2 [2024-03-26]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-09]
Edge Extension: (Edge relevant text changes) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 2\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-09]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-10] (Nero AG -> Nero AG)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: ditec.sk/DAsicFac -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/DitecZepDViewerFb -> C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigMessageContainer -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesExtender -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/XmlDataContainerFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-03-26]
CHR Profile: C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-27]
CHR StartupUrls: Profile 1 -> "hxxps://www.google.sk/?gws_rd=cr,ssl&ei=cyJrVIjnDcHNOLu5gMAD"
CHR Extension: (Prekladač Google) - C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-08-01]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-03-10]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-03-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-19]
CHR Profile: C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-26]
CHR HKLM-x32\...\Chrome\Extension: [odbdbcaekkgabdfaabepfjgiooilmaoe]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1063736 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 FirebirdServerKROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [3764224 2011-10-11] (Firebird Project) [File not signed]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-03-11] (HP Inc. -> HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-08-17] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbamservice.exe [1136608 2016-07-21] (Malwarebytes Corporation -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2024-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [18575672 2024-03-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 MBAMScheduler; "\mbamscheduler.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc. -> SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc. -> SlySoft, Inc.)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2024-03-27] (Malwarebytes Corporation -> Malwarebytes)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20928 2024-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [603416 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-27 13:58 - 2024-03-27 14:09 - 000044706 _____ C:\Users\Izoplast\Desktop\Addition.txt
2024-03-27 13:53 - 2024-03-27 14:11 - 000022018 _____ C:\Users\Izoplast\Desktop\FRST.txt
2024-03-27 13:52 - 2024-03-27 14:11 - 000000000 ____D C:\FRST
2024-03-27 13:51 - 2024-03-27 13:51 - 002391552 _____ (Farbar) C:\Users\Izoplast\Desktop\FRST64.exe
2024-03-27 11:23 - 2024-03-27 11:23 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-03-26 17:35 - 2024-03-26 17:35 - 000581358 _____ C:\Users\Izoplast\Documents\Faktura c. 242501.PDF
2024-03-26 16:55 - 2024-03-26 16:55 - 000000000 ___HD C:\$WinREAgent
2024-03-13 12:13 - 2024-03-27 13:48 - 000004144 _____ C:\WINDOWS\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-IZOPLAS-Izoplast DESKTOP-IZOPLAST
2024-03-13 12:02 - 2024-03-13 12:02 - 000003062 _____ C:\Users\Izoplast\mbam-log-2024-03-13 (11-29-43).xml
2024-03-13 11:29 - 2024-03-27 11:23 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2024-03-13 11:27 - 2024-03-13 11:27 - 000001846 _____ C:\Users\Izoplast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MalwarebytesPortable.lnk
2024-03-13 11:26 - 2024-03-13 11:29 - 000000000 ____D C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)
2024-03-13 11:22 - 2024-03-13 11:22 - 000003066 _____ C:\Users\Izoplast\mbam-log-2024-03-13 (10-45-20).xml
2024-03-13 10:20 - 2024-03-13 10:20 - 000003878 _____ C:\Users\Izoplast\mbam-log-2024-03-13 (09-19-45).xml
2024-03-11 12:05 - 2024-03-27 13:54 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1765005129-1590092598-4036685488-1001
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-27 13:59 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-27 13:54 - 2022-09-25 17:37 - 000002380 _____ C:\Users\Izoplast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-27 13:54 - 2021-12-13 08:55 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1765005129-1590092598-4036685488-1001
2024-03-27 13:45 - 2018-11-06 17:37 - 000000000 ____D C:\ProgramData\firebird
2024-03-27 13:44 - 2018-11-06 14:37 - 000000000 ____D C:\Users\Izoplast\Documents\Súbory programu Outlook
2024-03-27 13:43 - 2020-09-15 16:35 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-03-27 13:35 - 2022-01-06 14:11 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-27 13:35 - 2018-11-06 17:18 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-27 13:20 - 2018-11-09 10:15 - 000000000 ____D C:\Users\Izoplast\Documents\Bluetooth
2024-03-27 13:11 - 2018-11-06 15:22 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\Microsoft\Excel
2024-03-27 12:34 - 2020-09-15 16:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-27 12:18 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-03-27 12:18 - 2018-11-07 10:10 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2024-03-27 12:07 - 2018-11-06 14:30 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\Microsoft\Word
2024-03-27 11:22 - 2018-11-13 09:30 - 000000000 ____D C:\Program Files\CCleaner
2024-03-27 11:18 - 2020-09-15 16:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-27 11:18 - 2020-09-15 16:03 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-27 11:17 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-03-27 11:16 - 2018-11-06 17:51 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-27 11:15 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-27 09:06 - 2020-09-15 16:35 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-03-26 17:47 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-26 17:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-26 17:45 - 2020-06-09 08:52 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-26 16:59 - 2020-09-15 16:35 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-26 16:59 - 2020-09-15 16:35 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-26 16:56 - 2022-11-28 07:28 - 000000000 ____D C:\Program Files\RUXIM
2024-03-13 12:51 - 2018-11-22 12:20 - 000000000 ____D C:\Users\Izoplast\Documents\Ccleaner
2024-03-13 12:45 - 2024-01-08 09:14 - 000002142 _____ C:\Users\Public\Desktop\ALFA plus.lnk
2024-03-13 12:45 - 2019-04-02 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KROS
2024-03-13 12:02 - 2020-09-15 16:08 - 000000000 ____D C:\Users\Izoplast
2024-03-13 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2024-03-13 10:20 - 2022-05-13 10:12 - 000000004 _____ C:\WINDOWS\system32\Drivers\etc\hosts.BackupByMalwarebytesPortable
2024-03-13 08:12 - 2018-11-06 14:38 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-13 08:05 - 2018-11-06 14:38 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-03-13 08:04 - 2018-11-06 10:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-03-12 15:28 - 2018-11-06 14:30 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\Microsoft\Šablóny
2024-03-12 14:46 - 2019-03-23 19:22 - 000000000 ____D C:\Users\Izoplast\AppData\Local\ElevatedDiagnostics
2024-03-11 13:21 - 2021-06-24 18:06 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-03-11 13:21 - 2021-03-23 19:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-03-10 10:26 - 2023-05-15 09:17 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\vlc
2024-03-10 09:36 - 2021-09-07 13:36 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-03-10 09:36 - 2021-09-07 13:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-03-10 09:36 - 2019-01-19 19:22 - 000000000 ____D C:\Program Files (x86)\WinRAR
2024-03-10 09:36 - 2018-11-06 13:38 - 000000000 ____D C:\Program Files\WinRAR
==================== Files in the root of some directories ========
2018-11-24 13:38 - 2020-08-23 17:56 - 000000136 _____ () C:\Users\Izoplast\AppData\Roaming\downloads.json
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by Izoplast (27-03-2024 14:12:42)
Running from C:\Users\Izoplast\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) (2020-09-15 15:36:02)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1765005129-1590092598-4036685488-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1765005129-1590092598-4036685488-503 - Limited - Disabled)
Guest (S-1-5-21-1765005129-1590092598-4036685488-501 - Limited - Disabled)
Izoplast (S-1-5-21-1765005129-1590092598-4036685488-1001 - Administrator - Enabled) => C:\Users\Izoplast
WDAGUtilityAccount (S-1-5-21-1765005129-1590092598-4036685488-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 23.01 (x64) (HKLM\...\7-Zip) (Version: 23.01 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1051-1033-7760-BC15014EA700}) (Version: 23.008.20458 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
ALFA plus 15.22.00 - C:\Program Files (x86)\KROS\ALFA plus\ (HKLM-x32\...\{17F87645-0DDA-488B-A12A-62589C630BA2}) (Version: 15.22.00 - KROS a.s.)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Asistent pri aktualizácii na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
AUTOPLAN 2021 RE1 (HKLM-x32\...\AUTOPLAN_is1) (Version: - KROB software s.r.o.)
Balík softvéru eID (HKLM-x32\...\{ea81dcd3-f9f3-4959-8bee-0349fc294ae5}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Bit4id - miniLector (HKLM-x32\...\Bit4id - miniLector) (Version: 3.7 - Bit4id)
Catalyst Control Center - Branding (HKLM-x32\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.11 - Piriform)
CloneCD (HKLM-x32\...\CloneCD) (Version: 5.3.4.0 - SlySoft)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.3 - Elaborate Bytes)
D.Launcher (x86) (HKLM-x32\...\{0DC85C46-746B-4BC5-B727-D5434DF7E5D0}) (Version: 1.2.0.2 - DITEC, a.s.)
D.Signer/XAdES .NET so zásuvnými modulmi (x86) (HKLM-x32\...\{EDB276CE-A945-4201-A552-2683B13C321F}) (Version: 4.0.24 - DITEC, a.s.)
D.Signer/XAdES .NET Tools (x86) (HKLM-x32\...\{6648F510-5044-4CA9-BC21-494A2A198B3A}) (Version: 4.0.17 - DITEC, a.s.)
D.Suite/eIDAS (x86) (HKLM-x32\...\{8d169eac-87e2-4981-825f-701b32f24d72}) (Version: 1.0.29 - DITEC, a.s.)
D.Viewer .NET (x86) (HKLM-x32\...\{73D635BE-5D6F-43D3-8C1F-63B5CD4D5953}) (Version: 4.0.2033 - DITEC, a.s.)
Disig Web Signer 1.0.7 (HKLM-x32\...\{21859B7E-5E38-4892-A480-FA8B180ADE72}) (Version: 1.1.8 - Disig)
EAC MW klient (HKLM-x32\...\{BC7979F7-EC8D-4BA0-95D5-950630FFB2E9}) (Version: 3.0.0 - Ministerstvo vnútra Slovenskej republiky)
Elcomm (HKLM-x32\...\Elcomm) (Version: - )
Flvto Youtube Downloader (HKLM\...\Flvto Youtube Downloader) (Version: 1.2.1 - Hotger)
GemPcCCID (HKLM\...\{C2C14C20-A217-4FCA-B668-89B6C70B6EFF}) (Version: 2.0.7 - Gemalto)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 123.0.6312.86 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.1.1.500 - Huawei Technologies Co., Ltd.)
HP Dropbox Plugin (HKLM-x32\...\{9646F2DC-B09E-4314-92EC-B3332900A7EE}) (Version: 36.0.191.0 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{AF9F1F16-F6B4-4A66-B789-9F00B40B08AF}) (Version: 43.0.191.0 - HP)
HP FTP Plugin (HKLM-x32\...\{7DB5EDF6-8009-4E01-AF0D-4F3E02A0287F}) (Version: 43.0.191.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{07F30E12-A85F-4EA4-A5B3-3728FAB947ED}) (Version: 36.0.191.0 - HP)
HP LaserJet MFP M28-M31 Basic Device Software (HKLM\...\{08644094-D714-4B6E-9CEB-11433F5CBDB7}) (Version: 46.2.2636.18185 - HP Inc.)
HP LaserJet MFP M28-M31 Help (HKLM-x32\...\{0DF6621D-67C2-4E12-A5CF-260E985B8743}) (Version: 0.00.0005 - HP)
HP OneDrive Plugin (HKLM-x32\...\{8ED0A60F-9F44-4B7F-9C88-CC9E0B362628}) (Version: 36.0.191.0 - HP)
HP PC Hardware Diagnostics Windows (HKLM-x32\...\{02E639C2-2C8A-4A55-8DFF-43666B46E8F3}) (Version: 1.5.6.0 - HP Inc.)
HP SFTP Plugin (HKLM-x32\...\{1F0191BF-E339-4192-85D9-C369CA3FE9F1}) (Version: 43.0.191.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{96DB7179-0B69-45E1-A109-3A3A1F5BBCDF}) (Version: 43.0.191.0 - HP)
I.R.I.S OCR (HKLM-x32\...\{3913CCF7-436B-4A7A-A265-62E9FFDD03D9}) (Version: 15.2.10.1114 - HP Inc.)
MF DachDesigner Demo (HKLM-x32\...\DachDesigner.EXE) (Version: - )
Microsoft Access MUI (Slovak) 2013 (HKLM\...\{90150000-0015-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Slovak) 2013 (HKLM\...\{90150000-0090-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Excel MUI (Slovak) 2013 (HKLM\...\{90150000-0016-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Slovak) 2013 (HKLM\...\{90150000-00BA-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Slovak) 2013 (HKLM\...\{90150000-0044-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Slovak) 2013 (HKLM\...\{90150000-012B-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Nyelvi ellenőrző eszközök 2013 – magyar (HKLM\...\{90150000-001F-040E-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Slovak) 2013 (HKLM\...\{90150000-00E1-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Slovak) 2013 (HKLM\...\{90150000-00E2-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Slovak) 2013 (HKLM\...\{90150000-002C-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Slovak) 2013 (HKLM\...\{90150000-00C1-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Slovak) 2013 (HKLM\...\{90150000-006E-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\OneDriveSetup.exe) (Version: 24.045.0303.0003 - Microsoft Corporation)
Microsoft OneNote MUI (Slovak) 2013 (HKLM\...\{90150000-00A1-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Slovak) 2013 (HKLM\...\{90150000-001A-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Slovak) 2013 (HKLM\...\{90150000-0018-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Slovak) 2013 (HKLM\...\{90150000-0019-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Word MUI (Slovak) 2013 (HKLM\...\{90150000-001B-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
Nero Audio Pack 1 (HKLM-x32\...\{A7A0BF2E-31CC-49E3-9913-52C503EB969D}) (Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp (HKLM-x32\...\{0071820F-09B0-4998-8320-F89629DCBC99}) (Version: 12.0.2001 - Nero AG) Hidden
Nero BackItUp Help (CHM) (HKLM-x32\...\{EF0D1292-8FC1-41BE-9740-DBC134F66415}) (Version: 12.0.3000 - Nero AG) Hidden
Nero Blu-ray Player (HKLM-x32\...\{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}) (Version: 12.0.14300 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (HKLM-x32\...\{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}) (Version: 12.0.4000 - Nero AG) Hidden
Nero Burning ROM (HKLM-x32\...\{5963F4B4-D138-47CD-ADEF-470E87E185BD}) (Version: 12.0.20000 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (HKLM-x32\...\{2890E324-6F3B-4975-8B95-E7D6D80E0226}) (Version: 12.0.3000 - Nero AG) Hidden
Nero ControlCenter (HKLM-x32\...\{ABC88553-8770-4B97-B43E-5A90647A5B63}) (Version: 11.0.15200 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (HKLM-x32\...\{C994C746-C6D0-4EBA-B09E-DF7B18381B69}) (Version: 12.0.5000 - Nero AG) Hidden
Nero Core Components (HKLM-x32\...\{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}) (Version: 11.0.18100 - Nero AG) Hidden
Nero Disc Menus Basic (HKLM-x32\...\{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}) (Version: 12.0.11500 - Nero AG) Hidden
Nero Effects Basic (HKLM-x32\...\{29F67D84-3A70-456E-806A-52301B02070B}) (Version: 12.0.11500 - Nero AG) Hidden
Nero Express (HKLM-x32\...\{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}) (Version: 12.0.20000 - Nero AG) Hidden
Nero Express Help (CHM) (HKLM-x32\...\{0708FF30-78C0-47B0-81F0-C84604DC769C}) (Version: 12.0.5000 - Nero AG) Hidden
Nero Kwik Media (HKLM-x32\...\{052A1E34-A54B-458C-A4E3-24C3E054754A}) (Version: 1.18.18200 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (HKLM-x32\...\{1F16820E-D0E7-4636-939E-45CBFEFB06E1}) (Version: 12.0.4000 - Nero AG) Hidden
Nero Kwik Themes Basic (HKLM-x32\...\{1B6F5E51-575E-4693-BCA2-7543570D076D}) (Version: 12.0.11500 - Nero AG) Hidden
Nero Launcher (HKLM-x32\...\{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}) (Version: 12.2.2000 - Nero AG) Hidden
Nero PiP Effects Basic (HKLM-x32\...\{ACE49D50-19CD-44A6-B192-46F985283B26}) (Version: 12.0.11500 - Nero AG) Hidden
Nero Recode (HKLM-x32\...\{1943C3BD-4462-4612-92C3-D36DD917C447}) (Version: 12.0.24000 - Nero AG) Hidden
Nero Recode Help (CHM) (HKLM-x32\...\{86847081-B387-4F49-AED1-C9B0A090D66C}) (Version: 12.0.4000 - Nero AG) Hidden
Nero RescueAgent (HKLM-x32\...\{B953732D-B623-4E84-B369-CFFF7B1AE06F}) (Version: 12.0.9000 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (HKLM-x32\...\{0B311221-05A5-4766-8D03-7A6446794156}) (Version: 12.0.3000 - Nero AG) Hidden
Nero SharedVideoCodecs (HKLM-x32\...\{2432E589-6256-4513-B0BF-EFA8E325D5F0}) (Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 11.0.11800.31.0 - Nero AG) Hidden
Nero Video (HKLM-x32\...\{83FCCFCD-46E3-43FB-A397-78BFD5A8980A}) (Version: 12.0.3000 - Nero AG) Hidden
Nero Video Help (CHM) (HKLM-x32\...\{B128179D-A5E1-43AC-9422-12A109ECD2A0}) (Version: 12.0.4000 - Nero AG) Hidden
neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
Product Improvement Study for HP LaserJet MFP M28-M31 (HKLM\...\{B50C256D-80E2-473E-9546-0410162F44D5}) (Version: 46.2.2636.18185 - HP Inc.)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.52.3 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
USB Video Device (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.54300.120 - Sonix)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.14000 - Nero AG) Hidden
Windows Kontrola stavu počítača (HKLM\...\{8D6B9DC1-A437-41E0-8DF1-9F37748394AE}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 7.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 7.00.0 - win.rar GmbH)
WinRAR 7.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.00.0 - win.rar GmbH)
Packages:
=========
Amazon Rainforest -> C:\Program Files\WindowsApps\Microsoft.AmazonRainforest_1.0.0.0_neutral__8wekyb3d8bbwe [2018-11-09] (Microsoft Corporation)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2722.1.0_x64__kgqvnymyfvs32 [2024-03-11] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.20.3368.0_x64__rz1tebttyb220 [2024-03-11] (Dolby Laboratories)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-08-27] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-03-11] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-20] (Microsoft Corporation) [MS Ad]
My Photos -> C:\Program Files\WindowsApps\4846UtilitiesTools.MyPhotos_1.1.3.0_x64__b17t1j31etq18 [2019-06-07] (Utilities Tools) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-23] (Netflix, Inc.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-03-10] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 1\Profil 2 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Izoplast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\KROS Fakturácia.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=noccbdmhngpfbghcheakieamkbkkepgk
ShortcutWithArgument: C:\Users\Izoplast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Izoplast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Profil 2 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2024-03-27 11:23 - 2024-03-27 11:23 - 000008704 _____ () [File not signed] C:\Users\Izoplast\AppData\Local\Temp\nsfC3CB.tmp\newadvsplash.dll
2024-03-27 11:23 - 2024-03-27 11:23 - 000025088 _____ () [File not signed] C:\Users\Izoplast\AppData\Local\Temp\nsfC3CB.tmp\Registry.dll
2024-03-27 11:23 - 2024-03-27 11:23 - 000010752 _____ () [File not signed] C:\Users\Izoplast\AppData\Local\Temp\nsfC3CB.tmp\System.dll
2015-11-04 15:40 - 2015-11-04 15:40 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
2018-11-12 20:28 - 2010-04-24 05:00 - 000336896 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLM9X.DLL
2018-11-07 08:14 - 2012-03-14 05:00 - 000385024 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLMAA.DLL
2018-11-06 17:31 - 2011-10-11 09:59 - 000007680 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\ib_util.dll
2018-11-06 17:31 - 2011-10-11 09:59 - 000921600 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\intl\fbintl.DLL
2018-11-06 17:31 - 2011-10-11 09:59 - 000434176 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\plugins\fbtrace.dll
2018-11-06 17:31 - 2011-10-11 09:59 - 001568768 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\icudt30.dll
2018-11-06 17:31 - 2011-10-11 09:59 - 000675840 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\icuuc30.dll
2022-07-05 12:58 - 2023-06-20 09:00 - 000101376 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2024-03-27 11:16 - 2024-03-27 12:01 - 000000006 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet 2: Epfw NDIS LightWeight Filter -> ESET_EpfwLWF (enabled)
Ethernet 3: Epfw NDIS LightWeight Filter -> ESET_EpfwLWF (enabled)
Ethernet 4: Epfw NDIS LightWeight Filter -> ESET_EpfwLWF (enabled)
Ethernet: Epfw NDIS LightWeight Filter -> ESET_EpfwLWF (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "ALFA plus - rýchle spustenie.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Web Signer.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "CanonMyPrinter"
HKLM\...\StartupApproved\Run: => "Realtek Camera Manager"
HKLM\...\StartupApproved\Run32: => "CanonSolutionMenuEx"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "CloneCDTray"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "tsnp2uvc"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{5FA4DB26-1EC8-43C3-A056-16B9FEB6634F}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{4571C068-720F-49FE-9CE3-9B222A9CDE51}] => (Allow) LPort=5357
FirewallRules: [{782178F6-7D19-4E64-8AA0-CFE41C66E8D2}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{E57AEF23-191E-4EF4-BA6F-AAE9319C0A34}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{0B3B81BB-6574-4DBA-B606-51FE4CC143E4}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\EWSProxy.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{7FEC1A33-C813-437C-BF5D-3D31BDACCE80}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{BDD477C4-484E-4D5E-8C3C-432B156F140D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{C249D09D-B9A8-4879-B430-03A3CDE52E9C}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe (Nero AG -> Nero AG)
FirewallRules: [{45DA8CB5-C63A-4667-AD75-1405827BC68F}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe (Nero AG -> Nero AG)
FirewallRules: [{9D3EDDCA-923A-4182-9A8A-714C6BEBFB7F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{07AD04A3-FDAC-43FC-A8FA-5772964982AF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A3250133-0752-4540-93ED-1288A1FC3F4B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5745DA3C-18F9-483E-BF01-C407EF8380EE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{83198189-2D21-4112-9C86-DE74470EC39E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E29FD033-7D8C-4754-A3F9-8C8A5F43F517}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DF3B8380-CBA7-4C5F-A378-24BADA7BED0B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DF08C95C-112A-4191-A760-5EDF0A7D73CF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{314BCAE1-4F23-4B02-8989-B23621DB6892}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{1AB6F2F0-77E8-4E51-8F2B-65F2C07B16C5}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{117FE7F6-6E5A-41BA-9BB6-559FE1E57609}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1CE86A61-C10F-4C08-A8BF-398EF73EE350}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DE1A5452-7C6E-4E37-8A1A-B2F5C52C7ABF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6D1C2134-CF95-46E2-BF3D-7A4D00B37D8B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA4113AE-6940-4AF9-B810-FACA006169CC}] => (Allow) LPort=20400
FirewallRules: [{1BB86038-2339-414D-95EE-DB4A462299D0}] => (Allow) LPort=20401
FirewallRules: [{27B5F54B-400D-4AFB-B60C-8EDB20C2016D}] => (Allow) LPort=20402
FirewallRules: [{BB6D04C7-1AFD-4A0E-BC63-FF7117E2671F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D41F722-CCF6-4660-BF52-19625408A119}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3181BC7F-A485-481B-915F-CDBF0B19D3A5}] => (Allow) C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbam.exe (Malwarebytes Corporation -> Malwarebytes)
FirewallRules: [{0E5F2A2D-FF69-4E5C-B93F-2B9842A28CB4}] => (Allow) C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbam.exe (Malwarebytes Corporation -> Malwarebytes)
FirewallRules: [{9CCB83D2-A96B-41AD-9E28-2AA5906785DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BDE35376-602C-4651-97DB-366E42407055}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FFDE57A9-33FE-4B78-B4FF-2C9EA4F41090}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7835BA94-1EFD-4D42-B381-FB2802A1764F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
==================== Restore Points =========================
13-03-2024 08:48:25 Inštalátor modulov systému Windows
13-03-2024 09:33:03 Inštalátor modulov systému Windows
13-03-2024 10:53:09 Inštalátor modulov systému Windows
26-03-2024 17:21:54 Inštalátor modulov systému Windows
27-03-2024 10:04:08 Inštalátor modulov systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/27/2024 12:38:17 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v HDD disc (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:38:16 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom (K:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:38:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom, pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:23:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v HDD disc (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:23:14 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom (K:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:23:13 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom, pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:14:35 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v HDD disc (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:14:34 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom (K:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
System errors:
=============
Error: (03/27/2024 11:23:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby MBAMScheduler zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.
Error: (03/27/2024 11:23:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby MBAMScheduler zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.
Error: (03/27/2024 11:16:57 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (03/27/2024 11:07:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x8007000d: 2024-03 Kumulatívna aktualizácia pre Windows 10 Version 22H2 pre systémy s procesorom typu x64 (KB5035845).
Error: (03/27/2024 10:48:58 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (03/27/2024 10:42:15 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (03/27/2024 10:42:12 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (03/27/2024 10:42:09 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Windows Defender:
================
Date: 2024-03-27 12:18:16
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-03-27 11:44:20
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-03-13 12:36:59
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-03-13 12:25:45
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-03-13 12:14:48
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
Date: 2024-03-27 09:14:17
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.
Date: 2024-03-27 09:14:17
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.
Date: 2024-03-27 09:14:17
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.
Date: 2024-03-27 09:11:52
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80240016
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.
Date: 2024-03-27 09:05:19
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
CodeIntegrity:
===============
Date: 2023-12-05 08:17:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-11-03 10:20:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-10-04 13:40:55
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-07-26 11:43:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-19 07:58:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-05-17 09:25:02
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 0501 08/03/2010
Motherboard: ASUSTeK Computer INC. M4N68T-M-LE-V2
Processor: AMD Athlon(tm) II X4 640 Processor
Percentage of memory in use: 77%
Total physical RAM: 4095.22 MB
Available physical RAM: 940.22 MB
Total Virtual: 5067.24 MB
Available Virtual: 1204.17 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:233.57 GB) (Free:144.68 GB) (Model: SAMSUNG HD502HJ SCSI Disk Device) NTFS
Drive d: (HDD disc) (Fixed) (Total:298.09 GB) (Free:217.52 GB) (Model: ST320DM0 00-1BD14C SCSI Disk Device) NTFS
Drive e: (Lokalny disk) (Fixed) (Total:231.29 GB) (Free:226.28 GB) (Model: SAMSUNG HD502HJ SCSI Disk Device) NTFS
Drive k: (Vyhradené systémom) (Fixed) (Total:0.34 GB) (Free:0.33 GB) (Model: SAMSUNG HD320KJ SCSI Disk Device) NTFS
Drive l: (HDD 2 disk) (Fixed) (Total:297.75 GB) (Free:163.41 GB) (Model: SAMSUNG HD320KJ SCSI Disk Device) NTFS
\\?\Volume{5bc53d8b-0000-0000-0000-100000000000}\ (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{5bc53d8b-0000-0000-0000-a06a3a000000}\ () (Fixed) (Total:0.81 GB) (Free:0.25 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5BC53D8B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=826 MB) - (Type=27)
Partition 4: (Not Active) - (Size=231.3 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 0C800C7F)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.7 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: EF498C61)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Re: Spomalený počítač, prosím o kontrolu
Ahoj,
The device, \Device\Harddisk0\DR0, has a bad block.
Disk ma problem - skontroluj prikazom chkdsk
Na vadny disk spust chkdsk /r
The device, \Device\Harddisk0\DR0, has a bad block.
Disk ma problem - skontroluj prikazom chkdsk
Na vadny disk spust chkdsk /r
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Spomalený počítač, prosím o kontrolu
Ahoj,
...kam to mam vložiť? The device, \Device\Harddisk0\DR0, has a bad block
do príkazoveho riadku?
nie som v tom doma ...
...kam to mam vložiť? The device, \Device\Harddisk0\DR0, has a bad block
do príkazoveho riadku?
nie som v tom doma ...
Re: Spomalený počítač, prosím o kontrolu
Spustis prikazovy riadok ako spravca
Do cierneho okna zadas:
chkdsk
Ak najde chyby, zadas:
chkdsk /r
Odsuhlasis spustenie pri dalsom starte Ano/Yes
Restart
Pri starte sa chkdsk pokusi opravit poskodene miesta
Do cierneho okna zadas:
chkdsk
Ak najde chyby, zadas:
chkdsk /r
Odsuhlasis spustenie pri dalsom starte Ano/Yes
Restart
Pri starte sa chkdsk pokusi opravit poskodene miesta
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Spomalený počítač, prosím o kontrolu
vysledok po zadaní :chkdsk
Microsoft Windows [Version 10.0.19045.3930]
(c) Microsoft Corporation. Všetky práva vyhradené.
C:\WINDOWS\system32>chkdsk
The type of the file system is NTFS.
WARNING! /F parameter not specified.
Running CHKDSK in read-only mode.
Stage 1: Examining basic file system structure ...
824576 file records processed.
File verification completed.
Phase duration (File record verification): 2.93 minutes.
49314 large file records processed.
Phase duration (Orphan file record recovery): 0.00 milliseconds.
0 bad file records processed.
Phase duration (Bad file record checking): 0.56 milliseconds.
Stage 2: Examining file name linkage ...
75099 reparse records processed.
1256582 index entries processed.
Index verification completed.
Phase duration (Index verification): 9.52 minutes.
0 unindexed files scanned.
Phase duration (Orphan reconnection): 8.41 seconds.
0 unindexed files recovered to lost and found.
Phase duration (Orphan recovery to lost and found): 0.40 milliseconds.
75099 reparse records processed.
Phase duration (Reparse point and Object ID verification): 7.38 seconds.
Stage 3: Examining security descriptors ...
Security descriptor verification completed.
Phase duration (Security descriptor verification): 522.48 milliseconds.
216004 data files processed.
Phase duration (Data attribute verification): 0.48 milliseconds.
CHKDSK is verifying Usn Journal...
35050688 USN bytes processed.
Usn Journal verification completed.
Phase duration (USN journal verification): 2.88 seconds.
Windows has scanned the file system and found no problems.
No further action is required.
244912521 KB total disk space.
94091312 KB in 358045 files.
371348 KB in 216005 indexes.
0 KB in bad sectors.
961085 KB in use by the system.
65536 KB occupied by the log file.
149488776 KB available on disk.
4096 bytes in each allocation unit.
61228130 total allocation units on disk.
37372194 allocation units available on disk.
Total duration: 12.78 minutes (767004 ms).
C:\WINDOWS\system32>
..zdá sa mi že dísk je OK, neviem...
ale cez anti malware som zistil toto: ak by to pomohlo... no po odstránení a reštarte je to tam naspäť..
![Obrázek]()
] ..... neviem tu vložiť obrázok!... tam je komplet cesta k malveru ....
Microsoft Windows [Version 10.0.19045.3930]
(c) Microsoft Corporation. Všetky práva vyhradené.
C:\WINDOWS\system32>chkdsk
The type of the file system is NTFS.
WARNING! /F parameter not specified.
Running CHKDSK in read-only mode.
Stage 1: Examining basic file system structure ...
824576 file records processed.
File verification completed.
Phase duration (File record verification): 2.93 minutes.
49314 large file records processed.
Phase duration (Orphan file record recovery): 0.00 milliseconds.
0 bad file records processed.
Phase duration (Bad file record checking): 0.56 milliseconds.
Stage 2: Examining file name linkage ...
75099 reparse records processed.
1256582 index entries processed.
Index verification completed.
Phase duration (Index verification): 9.52 minutes.
0 unindexed files scanned.
Phase duration (Orphan reconnection): 8.41 seconds.
0 unindexed files recovered to lost and found.
Phase duration (Orphan recovery to lost and found): 0.40 milliseconds.
75099 reparse records processed.
Phase duration (Reparse point and Object ID verification): 7.38 seconds.
Stage 3: Examining security descriptors ...
Security descriptor verification completed.
Phase duration (Security descriptor verification): 522.48 milliseconds.
216004 data files processed.
Phase duration (Data attribute verification): 0.48 milliseconds.
CHKDSK is verifying Usn Journal...
35050688 USN bytes processed.
Usn Journal verification completed.
Phase duration (USN journal verification): 2.88 seconds.
Windows has scanned the file system and found no problems.
No further action is required.
244912521 KB total disk space.
94091312 KB in 358045 files.
371348 KB in 216005 indexes.
0 KB in bad sectors.
961085 KB in use by the system.
65536 KB occupied by the log file.
149488776 KB available on disk.
4096 bytes in each allocation unit.
61228130 total allocation units on disk.
37372194 allocation units available on disk.
Total duration: 12.78 minutes (767004 ms).
C:\WINDOWS\system32>
..zdá sa mi že dísk je OK, neviem...
ale cez anti malware som zistil toto: ak by to pomohlo... no po odstránení a reštarte je to tam naspäť..
Re: Spomalený počítač, prosím o kontrolu
Kontrolovany disk je v poriadku
Skontroluj PC s Adwcleanerom - log vloz
Skontroluj PC s Adwcleanerom - log vloz
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Spomalený počítač, prosím o kontrolu
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-08-22.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-28-2024
# Duration: 00:00:08
# OS: Windows 10 (Build 19045.3930)
# Scanned: 32100
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1249 octets] - [14/11/2018 15:18:46]
AdwCleaner[S01].txt - [1310 octets] - [14/11/2018 15:20:30]
AdwCleaner[S02].txt - [1542 octets] - [03/05/2019 12:27:08]
AdwCleaner[C02].txt - [1670 octets] - [03/05/2019 12:27:29]
AdwCleaner[S03].txt - [1493 octets] - [09/01/2023 10:01:22]
AdwCleaner[S04].txt - [1725 octets] - [28/03/2024 17:28:37]
AdwCleaner[S05].txt - [1786 octets] - [28/03/2024 17:29:49]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S06].txt ##########
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-08-22.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-28-2024
# Duration: 00:00:08
# OS: Windows 10 (Build 19045.3930)
# Scanned: 32100
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1249 octets] - [14/11/2018 15:18:46]
AdwCleaner[S01].txt - [1310 octets] - [14/11/2018 15:20:30]
AdwCleaner[S02].txt - [1542 octets] - [03/05/2019 12:27:08]
AdwCleaner[C02].txt - [1670 octets] - [03/05/2019 12:27:29]
AdwCleaner[S03].txt - [1493 octets] - [09/01/2023 10:01:22]
AdwCleaner[S04].txt - [1725 octets] - [28/03/2024 17:28:37]
AdwCleaner[S05].txt - [1786 octets] - [28/03/2024 17:29:49]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S06].txt ##########
Re: Spomalený počítač, prosím o kontrolu
...Len pre zaujímavosť som znovu pustil scan Malwarebytes a znovu mi našlo Malware...ked ho odstranim a reštartujem PC objaví sa znovu...tu je log scanu
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 28. 3. 2024
Čas skenování: 17:35
Protokol: scan Malwarebytes.txt
Správce: Ano
Verze: 2.2.1.1043
Databáze malwaru: v2016.02.16.06
Databáze rootkitů: v2016.02.08.01
Licence: Premium
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Izoplast
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 326016
Uplynulý čas: 17 min, 0 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 1
Hijack.Host, C:\Windows\System32\drivers\etc\hosts, Dobré: (), Špatné: (0.0.0.0 keystone.mwbsys.com), ,[6cfab8a9e1b862d4d62701134db83dc3]
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 28. 3. 2024
Čas skenování: 17:35
Protokol: scan Malwarebytes.txt
Správce: Ano
Verze: 2.2.1.1043
Databáze malwaru: v2016.02.16.06
Databáze rootkitů: v2016.02.08.01
Licence: Premium
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Izoplast
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 326016
Uplynulý čas: 17 min, 0 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 1
Hijack.Host, C:\Windows\System32\drivers\etc\hosts, Dobré: (), Špatné: (0.0.0.0 keystone.mwbsys.com), ,[6cfab8a9e1b862d4d62701134db83dc3]
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: Spomalený počítač, prosím o kontrolu
Pouzi fixlist.txt s obsahom:
Start
CloseProcesses:
EmptyTemp:
Hosts:
End
Start
CloseProcesses:
EmptyTemp:
Hosts:
End
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Spomalený počítač, prosím o kontrolu
mám vytvoriť fixlist.txt s tým obsahom ? ...a čo s ním dalej? kde ho použiť?
Re: Spomalený počítač, prosím o kontrolu
Pozri pouzitie https://forum.viry.cz/viewtopic.php?p=1552728#p1552728 cas 14:18
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Spomalený počítač, prosím o kontrolu
Myslím že som to zvladol...fixlog je tu:
Fix result of Farbar Recovery Scan Tool (x64) Version: 28.03.2024
Ran by Izoplast (28-03-2024 21:10:36) Run:1
Running from C:\Users\Izoplast\Desktop
Loaded Profiles: Izoplast
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
Hosts restored successfully.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21123325 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 16062719 B
Edge => 0 B
Chrome => 44621538 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 6656 B
NetworkService => 503056070 B
Izoplast => 690877219 B
RecycleBin => 0 B
EmptyTemp: => 1.2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:11:31 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 28.03.2024
Ran by Izoplast (28-03-2024 21:10:36) Run:1
Running from C:\Users\Izoplast\Desktop
Loaded Profiles: Izoplast
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
Hosts restored successfully.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21123325 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 16062719 B
Edge => 0 B
Chrome => 44621538 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 6656 B
NetworkService => 503056070 B
Izoplast => 690877219 B
RecycleBin => 0 B
EmptyTemp: => 1.2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:11:31 ====
Re: Spomalený počítač, prosím o kontrolu
Super 
Aky je stav
Aky je stav
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?