Hacked e-mail, probably the computer too, Windows 10 SK
Posted: 24 May 2022 12:06
Hi, on Monday the administrator of the domain where I also have my e-mail contacted me to say that they had blocked my SMTP access because a lot of spam was coming from my e-mail address. That same day I myself received by e-mail a lot of failed-delivery notices (mailer daemon) from e-mail addresses I don't know. Last night an e-mail arrived from my own address telling me that my computer has been hacked with a Trojan horse and that they have been watching me for some time, and they sent me the correct login for my work e-mail address, including the correct password. They are demanding 400 US dollars from me. I don't know how this could have happened, because I absolutely never visit any hacker sites or other dubious or porn sites, and I delete unknown e-mails right away through the mail web interface.
I have now started a scan of the whole computer with Eset Security. Please, how should I proceed?
FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-05-2022
Ran by janos (administrator) on DESKTOP-LQJATP4 (LENOVO 7745) (24-05-2022 12:52:05)
Running from C:\Users\janos\Downloads
Loaded Profiles: janos
Platform: Microsoft Windows 10 Home Version 21H2 19044.1706 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1510.7.114.0_x64__8xx8rvfyw5nnt\app\Messenger.exe ->) (Meta) C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1510.7.114.0_x64__8xx8rvfyw5nnt\app\CrashpadHandlerWindows.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy\YourPhoneAppProxy.exe
(Disig a.s. -> Disig a.s.) C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <68>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe <8>
(Meta) C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1510.7.114.0_x64__8xx8rvfyw5nnt\app\Messenger.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\WINWORD.EXE <2>
(Ministerstvo vnútra Slovenskej republiky -> Ministerstvo vnútra Slovenskej republiky) C:\Program Files (x86)\EAC MW klient\EAC_MW_klient.exe
(Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World) F:\instalacky programov\utility na disk safrankova\CrystalDiskInfo8_13_2\DiskInfo64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (DITEC, a.s. -> ) C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (Siber Systems -> ) C:\Program Files\Siber Systems\GoodSync\gs-server.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe
(Siber Systems -> Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\janos\AppData\Local\Microsoft\OneDrive\22.089.0426.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1704_none_7de951067ca990f6\TiWorker.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\janos\AppData\Local\WhatsApp\app-2.2216.8\WhatsApp.exe <7>
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [168064 2022-03-15] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5819672 2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [EAC_MW_klient] => C:\Program Files (x86)\EAC MW klient\EAC_MW_klient.exe [11819664 2021-07-20] (Ministerstvo vnútra Slovenskej republiky -> Ministerstvo vnútra Slovenskej republiky)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [850208 2022-05-13] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [Viber] => C:\Users\janos\AppData\Local\Viber\Viber.exe [45429776 2020-12-03] (Viber Media S.à r.l. -> Viber Media S.Ã r.l.)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [107000 2020-04-01] (Siber Systems -> Siber Systems)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\janos\AppData\Local\WhatsApp\Update.exe [2253568 2022-05-18] (WhatsApp, Inc -> )
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [Disig Web Signer] => C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe [254080 2021-02-04] (Disig a.s. -> Disig a.s.)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5412632 2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5412632 2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\janos\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\janos\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3755753306-3900577581-898390862-1004\...\RunOnce: [Uninstall 22.077.0410.0007] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\janos\AppData\Local\Microsoft\OneDrive\22.077.0410.0007" (No File)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2022-04-07] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP DeskJet 5820 series): C:\WINDOWS\system32\HPDiscoPMEE11.dll [807056 2016-08-04] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\101.0.4951.67\Installer\chrmstp.exe [2022-05-18] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2022-02-07]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2020-10-12]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare Technology Co.,Ltd -> Wondershare)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0040B8D6-C748-42EC-A4F3-2F3DF7522727} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {117348C6-FC83-4767-8FC1-D6CA7D026B21} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [107000 2020-04-01] (Siber Systems -> Siber Systems)
Task: {1E1596A4-6184-46F7-B540-66D7FD9E1052} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {20248C13-0266-4AA5-89EC-D170C7628DEA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {38B13106-1942-427A-A676-1E5B9E7158B2} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {3BD7A1A2-1DFF-4A20-8205-EE24E966A707} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {40B21E26-6C46-48AE-B71E-D7C5068E099D} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KIC ... JNDJCMMIEJ"
Task: {40F7DC8B-D514-41BB-9DE8-92602C30F7DB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {56527AA4-AFBB-43B3-9120-59EE55A845AF} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {6D9FCD78-8BA0-4E28-AEC6-B805FA3CA723} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {6EE8ED60-DFD0-450A-A731-39EB7AA21D27} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [42144 2022-04-29] (HP Inc. -> HP Inc.)
Task: {78B260B3-CFB9-481E-BABF-D678675E7A08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-01] (Google LLC -> Google LLC)
Task: {9203648D-8F2B-4D8C-9DBD-65D173BE4504} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {98B7BBDE-5101-4F2B-9EA5-8EEA33DECE40} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A2893D3A-6D55-4F47-9462-6471765AC59D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {AEA581CD-913C-4E68-BD20-2D4C6F9C0D9E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {B4B3D474-E811-449A-8BC4-9E6F0601C24E} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {B6B8F442-A1BB-461C-8C18-A0AB0AD6C58A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3B6052A-3898-4F36-BA36-C9229EF124F1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DF77FFF6-3C55-431B-A287-5285AACC7689} - System32\Tasks\CrystalDiskInfo => F:\instalacky programov\utility na disk safrankova\CrystalDiskInfo8_13_2\DiskInfo64.exe [2802720 2022-03-18] (Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World)
Task: {E3032937-05E4-42A8-B058-867E01766723} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-01] (Google LLC -> Google LLC)
Task: {F63D921D-8BB1-4030-A36F-5E6E5749D6D1} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [42144 2022-04-29] (HP Inc. -> HP Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.2 10.0.0.1
Tcpip\..\Interfaces\{190ec8a3-ed5f-46a3-8da8-5b04379db2dc}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1f03db79-0c49-4692-a547-51243528b303}: [DhcpNameServer] 10.0.0.2 10.0.0.1
Tcpip\..\Interfaces\{51c19704-2799-4c6e-8ab8-d05a1bbcf5df}: [DhcpNameServer] 10.0.0.2 10.0.0.1
Edge:
=======
DownloadDir: C:\Users\janos\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-24]
Edge HomePage: Default -> hxxp://www.google.sk/
Edge Extension: (Notifier for Gmail™) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2021-10-04]
Edge Extension: (iCloud Záložky) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2022-05-19]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-05-23]
Edge Extension: (IE Tab) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2022-05-18]
Edge Extension: (RoboForm Password Manager) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ljfpcifpgbbchoddpjefaipoiigpdmag [2022-04-20]
Edge Extension: (uBlock Origin) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-05-06]
Edge Extension: (Send Link by Email or Gmail) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\plcgkgghkdfgfhiidfjkhmainebgmklf [2020-07-12]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2022-04-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-05-13] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-05-13] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: ditec.sk/DAsicFac -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/DitecZepDViewerFb -> C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigMessageContainer -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesExtender -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/XmlDataContainerFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default [2022-05-24]
CHR Notifications: Default -> hxxps://alimebot.aliexpress.com; hxxps://calendar.google.com; hxxps://email.forpsi.com; hxxps://findmedia.biz; hxxps://mail.google.com; hxxps://watch-video.net; hxxps://www.alibaba.com; hxxps://www.comco.sk; hxxps://www.messenger.com; hxxps://www.pocasie.sk
CHR HomePage: Default -> hxxp://www.google.sk/
CHR StartupUrls: Default -> "hxxps://www.google.sk/"
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-05-13]
CHR Extension: (uBlock Origin) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-04-08]
CHR Extension: (Notifier for Gmail™) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2021-09-27]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-04-29]
CHR Extension: (iCloud Záložky) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2022-05-19]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-14]
CHR Extension: (IE Tab) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2022-05-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (DigitalPersona) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkdnjfgdoolnmiacpdamadcneoblphbj [2021-10-06]
CHR Extension: (Send Link by Email or Gmail) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\plcgkgghkdfgfhiidfjkhmainebgmklf [2020-04-01]
CHR Extension: (RoboForm Password Manager) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2022-05-24]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-05-23]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-05-05]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-08-03]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-05-05]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-10]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-04-27]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-08-04]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-04-27]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-27]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-04-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-27]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3 [2022-05-10]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-05-09]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-03]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4 [2022-03-23]
CHR Extension: (Prezentácie) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-09]
CHR Extension: (Dokumenty) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-09]
CHR Extension: (Disk Google) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-09]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-09]
CHR Extension: (Tabuľky) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-09]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-18]
CHR Extension: (Gmail) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-09]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5 [2022-04-19]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-21]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-09]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6 [2022-04-08]
CHR Extension: (Prezentácie) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-23]
CHR Extension: (Dokumenty) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-23]
CHR Extension: (Disk Google) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-23]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-23]
CHR Extension: (Tabuľky) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-23]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-23]
CHR Extension: (Gmail) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-23]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\System Profile [2022-05-23]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [919328 2022-04-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3803376 2022-02-07] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 dLauncherLoopback; C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe [154960 2019-08-02] (DITEC, a.s. -> )
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-03-15] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-03-15] (ESET, spol. s r.o. -> ESET)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2020-04-01] (Macrovision Corporation -> Macrovision Europe Ltd.) [File not signed]
R2 GsServer; C:\Program Files\Siber Systems\GoodSync\gs-server.exe [12976384 2022-05-13] (Siber Systems -> )
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [223904 2022-04-29] (HP Inc. -> HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13269992 2022-04-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe [101152 2017-06-01] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AVerPola; C:\WINDOWS\system32\DRIVERS\AVerPola.sys [871056 2015-05-21] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
R3 AVPolDIR; C:\WINDOWS\System32\drivers\AVPolDIR.sys [15896 2015-05-21] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [183888 2022-03-15] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107944 2022-03-15] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2022-03-11] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [226264 2022-03-15] (ESET, spol. s r.o. -> ESET)
S2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [44968 2022-03-15] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70776 2022-03-15] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [111624 2022-03-15] (ESET, spol. s r.o. -> ESET)
S3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [137712 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-05-24 12:52 - 2022-05-24 12:54 - 000038225 _____ C:\Users\janos\Downloads\FRST.txt
2022-05-24 12:49 - 2022-05-24 12:49 - 002367488 _____ (Farbar) C:\Users\janos\Downloads\FRST64.exe
2022-05-24 10:10 - 2022-05-24 10:10 - 000000000 ____D C:\Users\janos\AppData\Local\ESET
2022-05-24 10:09 - 2022-05-24 10:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2022-05-24 10:09 - 2022-05-24 10:09 - 000000000 ____D C:\ProgramData\ESET
2022-05-24 10:09 - 2022-05-24 10:09 - 000000000 ____D C:\Program Files\ESET
2022-05-24 10:04 - 2022-05-24 10:05 - 000000000 ____D C:\Users\janos\OneDrive\Dokumenty\dobraci docasne
2022-05-24 10:01 - 2022-05-24 10:01 - 008500384 _____ (ESET) C:\Users\janos\Downloads\eset_internet_security_live_installer.exe
2022-05-19 14:55 - 2022-05-19 14:55 - 000150946 _____ C:\Users\janos\Downloads\1652964818719.JPEG
2022-05-19 13:51 - 2022-05-19 14:08 - 000257685 _____ C:\Users\janos\Downloads\zmluva Kovanice Mercedes 811 D.pdf
2022-05-19 10:17 - 2022-05-19 10:17 - 000151780 _____ C:\Users\janos\Downloads\SK6409000000000010309466_8675093912.pdf
2022-05-18 17:55 - 2022-05-18 17:55 - 000042605 _____ C:\Users\janos\Downloads\agrotec uhrada Dobraci.pdf
2022-05-13 22:13 - 2022-05-13 22:13 - 001380537 _____ C:\Users\janos\Downloads\Kópia - EIK3_zoznam_v3.xlsx
2022-05-13 21:52 - 2022-05-13 21:52 - 000000000 ____D C:\Users\janos\Tracing
2022-05-13 08:50 - 2022-05-13 08:50 - 000011799 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-05-13 08:49 - 2022-05-13 08:49 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-05-13 08:49 - 2022-05-13 08:49 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-05-13 08:18 - 2022-05-13 08:18 - 000001382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2022-05-13 08:17 - 2022-05-13 08:17 - 000218337 _____ C:\Users\janos\Downloads\Dobráci s.r.o. zmluva na podpis.pdf
2022-05-13 08:12 - 2022-05-13 08:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoodSync
2022-05-11 15:07 - 2022-05-11 15:07 - 000000000 ___HD C:\$WinREAgent
2022-05-10 16:37 - 2022-05-10 16:37 - 000850760 _____ C:\Users\janos\Downloads\EPH279923883_adresne_stitky_a4.pdf
2022-05-09 17:42 - 2022-05-09 17:42 - 000034675 _____ C:\Users\janos\Downloads\uznanie-dlhu.pdf
2022-05-09 14:45 - 2022-05-09 14:45 - 000850795 _____ C:\Users\janos\Downloads\EPH279728195_adresne_stitky_a4.pdf
2022-05-09 11:09 - 2022-05-09 11:09 - 000134775 _____ C:\Users\janos\Downloads\dobraci objednavka prepravnych cisiel.pdf
2022-05-06 10:17 - 2022-05-06 10:17 - 000038944 _____ C:\Users\janos\Downloads\dok (2).pdf
2022-05-05 15:44 - 2022-05-05 15:44 - 003621262 _____ C:\Users\janos\Downloads\WhatsApp Video 2022-05-05 at 15.05.19.mp4
2022-05-05 15:25 - 2022-05-05 15:25 - 000249044 _____ C:\Users\janos\Downloads\Doplňujúce údaje k žiadosti vratenie DPH CZ prenajom.pdf
2022-05-04 11:02 - 2022-05-04 11:02 - 000045565 _____ C:\Users\janos\Downloads\Safetech platba 052022.pdf
2022-05-04 11:02 - 2022-05-04 11:02 - 000040950 _____ C:\Users\janos\Downloads\dok (1).pdf
2022-05-04 10:49 - 2022-05-04 10:49 - 000355046 _____ C:\Users\janos\Downloads\V_1257777004_4_20220429_C1_P0.pdf
2022-05-04 09:43 - 2022-05-04 09:43 - 000501440 _____ C:\Users\janos\Downloads\ZSE_poistka.pdf
2022-05-04 09:43 - 2022-05-04 09:43 - 000499631 _____ C:\Users\janos\Downloads\1EKZB_Suhrn_ZE_AS-_VZOR.pdf
2022-05-04 09:17 - 2022-05-04 09:17 - 000258256 _____ C:\Users\janos\Downloads\doklad.pdf
2022-05-04 09:12 - 2022-05-04 09:12 - 000138221 _____ C:\Users\janos\Downloads\Dobraci_Object20220502104452398_1.pdf
2022-05-04 09:10 - 2022-05-04 09:10 - 000136868 _____ C:\Users\janos\Downloads\Object20220502104452398_1.pdf
2022-05-04 09:08 - 2022-05-04 09:08 - 000137688 _____ C:\Users\janos\Downloads\Dobraci_Object20220414120458543_1.pdf
2022-05-04 09:05 - 2022-05-04 09:05 - 000136295 _____ C:\Users\janos\Downloads\Object20220414120458543_1.pdf
2022-05-04 08:48 - 2022-05-04 08:48 - 000511626 _____ C:\Users\janos\Downloads\5301051603.pdf
2022-05-01 18:24 - 2022-05-01 18:24 - 000029476 _____ C:\Users\janos\Downloads\Faktúra Dobráci s.r.o. 2204130473853593.pdf
2022-05-01 18:20 - 2022-05-01 18:20 - 002092382 _____ C:\Users\janos\Downloads\janosova_injury.pdf
2022-04-29 10:19 - 2022-04-29 10:19 - 000808344 _____ C:\Users\janos\Downloads\eustream upomienka 1.pdf
2022-04-29 10:16 - 2022-04-29 10:16 - 000042573 _____ C:\Users\janos\Downloads\eustream_upomienka.pdf
2022-04-29 09:16 - 2022-04-29 09:16 - 000041376 _____ C:\Users\janos\Downloads\calvados_dobraci.pdf
2022-04-27 17:34 - 2022-04-27 17:34 - 000038542 _____ C:\Users\janos\Downloads\Facture-1316414.pdf
2022-04-27 16:13 - 2022-04-27 16:13 - 000000000 ____D C:\Users\janos\AppData\Local\SolidDocuments
2022-04-27 13:38 - 2022-05-09 08:26 - 000000000 ___HD C:\adobeTemp
2022-04-27 13:31 - 2022-04-27 13:31 - 000000040 ____H C:\04EC72786C80
2022-04-27 13:31 - 2022-04-27 13:31 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2022-04-27 13:27 - 2022-04-27 13:27 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2022-04-27 13:27 - 2022-04-27 13:27 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-04-27 13:12 - 2022-05-18 10:56 - 000000000 ___RD C:\Users\janos\Creative Cloud Files
2022-04-27 13:09 - 2022-05-19 14:15 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-04-27 09:35 - 2022-04-27 09:35 - 000000298 _____ C:\Users\janos\Downloads\Agorastore.txt
2022-04-26 19:39 - 2022-04-26 19:39 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-04-26 14:54 - 2022-04-26 14:54 - 000038348 _____ C:\Users\janos\Downloads\Facture-1316414 (2).pdf
2022-04-26 14:54 - 2022-04-26 14:54 - 000038348 _____ C:\Users\janos\Downloads\Facture-1316414 (1).pdf
2022-04-25 15:15 - 2022-04-25 15:15 - 000069632 _____ C:\Users\janos\Downloads\ca66912b-3605-4187-857f-b2db72a2a7c5.xls
2022-04-25 14:57 - 2022-04-25 14:57 - 000043480 _____ C:\Users\janos\Downloads\holomy_dobraci.pdf
2022-04-25 12:03 - 2022-04-25 12:06 - 230475667 _____ C:\Users\janos\Downloads\2 Blondinki Hot _ PornWex_ Original.mp4
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-05-24 12:53 - 2020-04-01 18:09 - 000000000 ____D C:\Program Files (x86)\Google
2022-05-24 12:53 - 2014-04-23 12:13 - 000000000 ____D C:\FRST
2022-05-24 12:51 - 2020-04-03 13:01 - 000000000 ____D C:\Users\janos\AppData\Roaming\WhatsApp
2022-05-24 12:43 - 2022-02-18 18:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-05-24 12:25 - 2020-03-31 09:59 - 000000000 ____D C:\ProgramData\NVIDIA
2022-05-24 10:10 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-05-24 10:10 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-05-24 10:05 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-05-24 10:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-05-24 10:00 - 2022-02-07 12:00 - 000000000 ____D C:\ProgramData\AnyDesk
2022-05-24 10:00 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-05-24 09:58 - 2020-04-01 17:49 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-05-23 18:18 - 2020-07-12 12:17 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-05-23 17:58 - 2020-06-25 10:43 - 000000000 ____D C:\ProgramData\GoodSync
2022-05-19 14:36 - 2020-04-02 12:29 - 000000000 ____D C:\Users\janos\OneDrive\Dokumenty\Adobe
2022-05-18 11:06 - 2020-04-01 18:11 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-05-18 11:03 - 2021-11-03 15:29 - 000000000 ____D C:\Users\janos\AppData\Local\WhatsApp
2022-05-18 11:00 - 2022-02-18 19:26 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3755753306-3900577581-898390862-1004
2022-05-18 11:00 - 2022-02-18 19:26 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3755753306-3900577581-898390862-1004
2022-05-18 11:00 - 2022-02-18 19:03 - 000002367 _____ C:\Users\janos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-05-18 11:00 - 2020-03-31 10:15 - 000000000 ___RD C:\Users\janos\OneDrive
2022-05-18 10:55 - 2020-04-01 17:26 - 000000000 ____D C:\Users\janos\AppData\Roaming\ViberPC
2022-05-18 10:52 - 2022-02-07 11:59 - 000000000 ____D C:\Users\janos\AppData\Roaming\AnyDesk
2022-05-13 22:26 - 2022-02-18 19:03 - 000000000 ____D C:\Users\janos
2022-05-13 21:54 - 2020-03-31 10:12 - 000000000 ____D C:\Users\janos\AppData\Local\Packages
2022-05-13 21:46 - 2022-02-18 19:15 - 000902246 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-05-13 21:46 - 2020-04-01 23:56 - 000062354 _____ C:\WINDOWS\system32\perfh01B.dat
2022-05-13 21:46 - 2020-04-01 23:56 - 000016154 _____ C:\WINDOWS\system32\perfc01B.dat
2022-05-13 21:41 - 2022-02-18 19:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-05-13 21:41 - 2022-02-18 18:56 - 000008192 ___SH C:\DumpStack.log.tmp
2022-05-13 21:38 - 2022-02-18 18:57 - 000470712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-05-13 21:36 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-05-13 21:35 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-05-13 21:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-05-13 21:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-05-13 21:34 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-05-13 21:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-05-13 21:34 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-05-13 09:34 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-05-13 08:18 - 2021-11-18 13:09 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-05-13 08:18 - 2021-11-18 12:18 - 000000000 ____D C:\Program Files\Adobe
2022-05-13 08:18 - 2020-04-01 19:01 - 000000000 ____D C:\Program Files (x86)\Adobe
2022-05-13 08:12 - 2020-06-25 10:43 - 000000000 ____D C:\Program Files\Siber Systems
2022-05-11 15:01 - 2020-04-01 23:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-05-11 14:55 - 2020-04-01 23:56 - 145501456 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-05-10 12:11 - 2020-11-02 09:20 - 000000000 ____D C:\Users\janos\AppData\Roaming\vlc
2022-05-10 09:38 - 2022-03-10 09:57 - 000003538 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d824ea5caa01c6
2022-05-10 09:38 - 2022-02-18 19:26 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-05-06 15:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-05-06 11:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-05-06 10:18 - 2022-03-21 09:30 - 000043035 _____ C:\Users\janos\Downloads\jinan_dobraci.pdf
2022-04-29 09:02 - 2022-02-18 19:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-04-29 09:02 - 2021-05-13 08:47 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-04-28 12:00 - 2020-04-01 18:20 - 000000000 ____D C:\Users\janos\AppData\Local\D3DSCache
2022-04-27 15:55 - 2020-03-31 10:15 - 000000000 ____D C:\ProgramData\Packages
2022-04-27 15:06 - 2020-03-31 10:12 - 000000000 ____D C:\Users\janos\AppData\Roaming\Adobe
2022-04-27 13:37 - 2020-04-01 19:02 - 000000000 ____D C:\Users\janos\AppData\Local\Adobe
2022-04-27 13:31 - 2022-02-18 19:26 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-04-27 13:07 - 2020-04-01 19:01 - 000000000 ____D C:\ProgramData\Adobe
2022-04-26 19:39 - 2022-02-18 21:35 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
==================== Files in the root of some directories ========
2020-07-13 13:03 - 2020-08-26 11:43 - 000005120 _____ () C:\Users\janos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2022-04-27 16:18 - 2022-04-27 16:18 - 000000000 _____ () C:\Users\janos\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Task: {78B260B3-CFB9-481E-BABF-D678675E7A08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-01] (Google LLC -> Google LLC)
Task: {9203648D-8F2B-4D8C-9DBD-65D173BE4504} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {98B7BBDE-5101-4F2B-9EA5-8EEA33DECE40} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A2893D3A-6D55-4F47-9462-6471765AC59D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {AEA581CD-913C-4E68-BD20-2D4C6F9C0D9E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {B4B3D474-E811-449A-8BC4-9E6F0601C24E} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {B6B8F442-A1BB-461C-8C18-A0AB0AD6C58A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3B6052A-3898-4F36-BA36-C9229EF124F1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DF77FFF6-3C55-431B-A287-5285AACC7689} - System32\Tasks\CrystalDiskInfo => F:\instalacky programov\utility na disk safrankova\CrystalDiskInfo8_13_2\DiskInfo64.exe [2802720 2022-03-18] (Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World)
Task: {E3032937-05E4-42A8-B058-867E01766723} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-01] (Google LLC -> Google LLC)
Task: {F63D921D-8BB1-4030-A36F-5E6E5749D6D1} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [42144 2022-04-29] (HP Inc. -> HP Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.2 10.0.0.1
Tcpip\..\Interfaces\{190ec8a3-ed5f-46a3-8da8-5b04379db2dc}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1f03db79-0c49-4692-a547-51243528b303}: [DhcpNameServer] 10.0.0.2 10.0.0.1
Tcpip\..\Interfaces\{51c19704-2799-4c6e-8ab8-d05a1bbcf5df}: [DhcpNameServer] 10.0.0.2 10.0.0.1
Edge:
=======
DownloadDir: C:\Users\janos\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-24]
Edge HomePage: Default -> hxxp://www.google.sk/
Edge Extension: (Notifier for Gmail™) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2021-10-04]
Edge Extension: (iCloud Záložky) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2022-05-19]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-05-23]
Edge Extension: (IE Tab) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2022-05-18]
Edge Extension: (RoboForm Password Manager) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ljfpcifpgbbchoddpjefaipoiigpdmag [2022-04-20]
Edge Extension: (uBlock Origin) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-05-06]
Edge Extension: (Send Link by Email or Gmail) - C:\Users\janos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\plcgkgghkdfgfhiidfjkhmainebgmklf [2020-07-12]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2022-04-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-05-13] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-05-13] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: ditec.sk/DAsicFac -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/DitecZepDViewerFb -> C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigMessageContainer -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesExtender -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/XmlDataContainerFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default [2022-05-24]
CHR Notifications: Default -> hxxps://alimebot.aliexpress.com; hxxps://calendar.google.com; hxxps://email.forpsi.com; hxxps://findmedia.biz; hxxps://mail.google.com; hxxps://watch-video.net; hxxps://www.alibaba.com; hxxps://www.comco.sk; hxxps://www.messenger.com; hxxps://www.pocasie.sk
CHR HomePage: Default -> hxxp://www.google.sk/
CHR StartupUrls: Default -> "hxxps://www.google.sk/"
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-05-13]
CHR Extension: (uBlock Origin) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-04-08]
CHR Extension: (Notifier for Gmail™) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2021-09-27]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-04-29]
CHR Extension: (iCloud Záložky) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2022-05-19]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-14]
CHR Extension: (IE Tab) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2022-05-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (DigitalPersona) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkdnjfgdoolnmiacpdamadcneoblphbj [2021-10-06]
CHR Extension: (Send Link by Email or Gmail) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\plcgkgghkdfgfhiidfjkhmainebgmklf [2020-04-01]
CHR Extension: (RoboForm Password Manager) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2022-05-24]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-05-23]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-05-05]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-08-03]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-05-05]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-10]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-04-27]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-08-04]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-04-27]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-27]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-04-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-27]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3 [2022-05-10]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-05-09]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-03]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4 [2022-03-23]
CHR Extension: (Prezentácie) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-09]
CHR Extension: (Dokumenty) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-09]
CHR Extension: (Disk Google) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-09]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-09]
CHR Extension: (Tabuľky) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-09]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-18]
CHR Extension: (Gmail) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-09]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5 [2022-04-19]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-21]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-09]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6 [2022-04-08]
CHR Extension: (Prezentácie) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-23]
CHR Extension: (Dokumenty) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-23]
CHR Extension: (Disk Google) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-23]
CHR Extension: (YouTube) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-23]
CHR Extension: (Tabuľky) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-23]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-23]
CHR Extension: (Gmail) - C:\Users\janos\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-23]
CHR Profile: C:\Users\janos\AppData\Local\Google\Chrome\User Data\System Profile [2022-05-23]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [919328 2022-04-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3803376 2022-02-07] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 dLauncherLoopback; C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe [154960 2019-08-02] (DITEC, a.s. -> )
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-03-15] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-03-15] (ESET, spol. s r.o. -> ESET)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2020-04-01] (Macrovision Corporation -> Macrovision Europe Ltd.) [File not signed]
R2 GsServer; C:\Program Files\Siber Systems\GoodSync\gs-server.exe [12976384 2022-05-13] (Siber Systems -> )
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [223904 2022-04-29] (HP Inc. -> HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13269992 2022-04-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe [101152 2017-06-01] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AVerPola; C:\WINDOWS\system32\DRIVERS\AVerPola.sys [871056 2015-05-21] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
R3 AVPolDIR; C:\WINDOWS\System32\drivers\AVPolDIR.sys [15896 2015-05-21] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [183888 2022-03-15] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107944 2022-03-15] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2022-03-11] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [226264 2022-03-15] (ESET, spol. s r.o. -> ESET)
S2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [44968 2022-03-15] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70776 2022-03-15] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [111624 2022-03-15] (ESET, spol. s r.o. -> ESET)
S3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [137712 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-05-24 12:52 - 2022-05-24 12:54 - 000038225 _____ C:\Users\janos\Downloads\FRST.txt
2022-05-24 12:49 - 2022-05-24 12:49 - 002367488 _____ (Farbar) C:\Users\janos\Downloads\FRST64.exe
2022-05-24 10:10 - 2022-05-24 10:10 - 000000000 ____D C:\Users\janos\AppData\Local\ESET
2022-05-24 10:09 - 2022-05-24 10:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2022-05-24 10:09 - 2022-05-24 10:09 - 000000000 ____D C:\ProgramData\ESET
2022-05-24 10:09 - 2022-05-24 10:09 - 000000000 ____D C:\Program Files\ESET
2022-05-24 10:04 - 2022-05-24 10:05 - 000000000 ____D C:\Users\janos\OneDrive\Dokumenty\dobraci docasne
2022-05-24 10:01 - 2022-05-24 10:01 - 008500384 _____ (ESET) C:\Users\janos\Downloads\eset_internet_security_live_installer.exe
2022-05-19 14:55 - 2022-05-19 14:55 - 000150946 _____ C:\Users\janos\Downloads\1652964818719.JPEG
2022-05-19 13:51 - 2022-05-19 14:08 - 000257685 _____ C:\Users\janos\Downloads\zmluva Kovanice Mercedes 811 D.pdf
2022-05-19 10:17 - 2022-05-19 10:17 - 000151780 _____ C:\Users\janos\Downloads\SK6409000000000010309466_8675093912.pdf
2022-05-18 17:55 - 2022-05-18 17:55 - 000042605 _____ C:\Users\janos\Downloads\agrotec uhrada Dobraci.pdf
2022-05-13 22:13 - 2022-05-13 22:13 - 001380537 _____ C:\Users\janos\Downloads\Kópia - EIK3_zoznam_v3.xlsx
2022-05-13 21:52 - 2022-05-13 21:52 - 000000000 ____D C:\Users\janos\Tracing
2022-05-13 08:50 - 2022-05-13 08:50 - 000011799 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-05-13 08:49 - 2022-05-13 08:49 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-05-13 08:49 - 2022-05-13 08:49 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-05-13 08:18 - 2022-05-13 08:18 - 000001382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2022-05-13 08:17 - 2022-05-13 08:17 - 000218337 _____ C:\Users\janos\Downloads\Dobráci s.r.o. zmluva na podpis.pdf
2022-05-13 08:12 - 2022-05-13 08:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoodSync
2022-05-11 15:07 - 2022-05-11 15:07 - 000000000 ___HD C:\$WinREAgent
2022-05-10 16:37 - 2022-05-10 16:37 - 000850760 _____ C:\Users\janos\Downloads\EPH279923883_adresne_stitky_a4.pdf
2022-05-09 17:42 - 2022-05-09 17:42 - 000034675 _____ C:\Users\janos\Downloads\uznanie-dlhu.pdf
2022-05-09 14:45 - 2022-05-09 14:45 - 000850795 _____ C:\Users\janos\Downloads\EPH279728195_adresne_stitky_a4.pdf
2022-05-09 11:09 - 2022-05-09 11:09 - 000134775 _____ C:\Users\janos\Downloads\dobraci objednavka prepravnych cisiel.pdf
2022-05-06 10:17 - 2022-05-06 10:17 - 000038944 _____ C:\Users\janos\Downloads\dok (2).pdf
2022-05-05 15:44 - 2022-05-05 15:44 - 003621262 _____ C:\Users\janos\Downloads\WhatsApp Video 2022-05-05 at 15.05.19.mp4
2022-05-05 15:25 - 2022-05-05 15:25 - 000249044 _____ C:\Users\janos\Downloads\Doplňujúce údaje k žiadosti vratenie DPH CZ prenajom.pdf
2022-05-04 11:02 - 2022-05-04 11:02 - 000045565 _____ C:\Users\janos\Downloads\Safetech platba 052022.pdf
2022-05-04 11:02 - 2022-05-04 11:02 - 000040950 _____ C:\Users\janos\Downloads\dok (1).pdf
2022-05-04 10:49 - 2022-05-04 10:49 - 000355046 _____ C:\Users\janos\Downloads\V_1257777004_4_20220429_C1_P0.pdf
2022-05-04 09:43 - 2022-05-04 09:43 - 000501440 _____ C:\Users\janos\Downloads\ZSE_poistka.pdf
2022-05-04 09:43 - 2022-05-04 09:43 - 000499631 _____ C:\Users\janos\Downloads\1EKZB_Suhrn_ZE_AS-_VZOR.pdf
2022-05-04 09:17 - 2022-05-04 09:17 - 000258256 _____ C:\Users\janos\Downloads\doklad.pdf
2022-05-04 09:12 - 2022-05-04 09:12 - 000138221 _____ C:\Users\janos\Downloads\Dobraci_Object20220502104452398_1.pdf
2022-05-04 09:10 - 2022-05-04 09:10 - 000136868 _____ C:\Users\janos\Downloads\Object20220502104452398_1.pdf
2022-05-04 09:08 - 2022-05-04 09:08 - 000137688 _____ C:\Users\janos\Downloads\Dobraci_Object20220414120458543_1.pdf
2022-05-04 09:05 - 2022-05-04 09:05 - 000136295 _____ C:\Users\janos\Downloads\Object20220414120458543_1.pdf
2022-05-04 08:48 - 2022-05-04 08:48 - 000511626 _____ C:\Users\janos\Downloads\5301051603.pdf
2022-05-01 18:24 - 2022-05-01 18:24 - 000029476 _____ C:\Users\janos\Downloads\Faktúra Dobráci s.r.o. 2204130473853593.pdf
2022-05-01 18:20 - 2022-05-01 18:20 - 002092382 _____ C:\Users\janos\Downloads\janosova_injury.pdf
2022-04-29 10:19 - 2022-04-29 10:19 - 000808344 _____ C:\Users\janos\Downloads\eustream upomienka 1.pdf
2022-04-29 10:16 - 2022-04-29 10:16 - 000042573 _____ C:\Users\janos\Downloads\eustream_upomienka.pdf
2022-04-29 09:16 - 2022-04-29 09:16 - 000041376 _____ C:\Users\janos\Downloads\calvados_dobraci.pdf
2022-04-27 17:34 - 2022-04-27 17:34 - 000038542 _____ C:\Users\janos\Downloads\Facture-1316414.pdf
2022-04-27 16:13 - 2022-04-27 16:13 - 000000000 ____D C:\Users\janos\AppData\Local\SolidDocuments
2022-04-27 13:38 - 2022-05-09 08:26 - 000000000 ___HD C:\adobeTemp
2022-04-27 13:31 - 2022-04-27 13:31 - 000000040 ____H C:\04EC72786C80
2022-04-27 13:31 - 2022-04-27 13:31 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2022-04-27 13:27 - 2022-04-27 13:27 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2022-04-27 13:27 - 2022-04-27 13:27 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-04-27 13:12 - 2022-05-18 10:56 - 000000000 ___RD C:\Users\janos\Creative Cloud Files
2022-04-27 13:09 - 2022-05-19 14:15 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-04-27 09:35 - 2022-04-27 09:35 - 000000298 _____ C:\Users\janos\Downloads\Agorastore.txt
2022-04-26 19:39 - 2022-04-26 19:39 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-04-26 14:54 - 2022-04-26 14:54 - 000038348 _____ C:\Users\janos\Downloads\Facture-1316414 (2).pdf
2022-04-26 14:54 - 2022-04-26 14:54 - 000038348 _____ C:\Users\janos\Downloads\Facture-1316414 (1).pdf
2022-04-25 15:15 - 2022-04-25 15:15 - 000069632 _____ C:\Users\janos\Downloads\ca66912b-3605-4187-857f-b2db72a2a7c5.xls
2022-04-25 14:57 - 2022-04-25 14:57 - 000043480 _____ C:\Users\janos\Downloads\holomy_dobraci.pdf
2022-04-25 12:03 - 2022-04-25 12:06 - 230475667 _____ C:\Users\janos\Downloads\2 Blondinki Hot _ PornWex_ Original.mp4
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-05-24 12:53 - 2020-04-01 18:09 - 000000000 ____D C:\Program Files (x86)\Google
2022-05-24 12:53 - 2014-04-23 12:13 - 000000000 ____D C:\FRST
2022-05-24 12:51 - 2020-04-03 13:01 - 000000000 ____D C:\Users\janos\AppData\Roaming\WhatsApp
2022-05-24 12:43 - 2022-02-18 18:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-05-24 12:25 - 2020-03-31 09:59 - 000000000 ____D C:\ProgramData\NVIDIA
2022-05-24 10:10 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-05-24 10:10 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-05-24 10:05 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-05-24 10:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-05-24 10:00 - 2022-02-07 12:00 - 000000000 ____D C:\ProgramData\AnyDesk
2022-05-24 10:00 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-05-24 09:58 - 2020-04-01 17:49 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-05-23 18:18 - 2020-07-12 12:17 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-05-23 17:58 - 2020-06-25 10:43 - 000000000 ____D C:\ProgramData\GoodSync
2022-05-19 14:36 - 2020-04-02 12:29 - 000000000 ____D C:\Users\janos\OneDrive\Dokumenty\Adobe
2022-05-18 11:06 - 2020-04-01 18:11 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-05-18 11:03 - 2021-11-03 15:29 - 000000000 ____D C:\Users\janos\AppData\Local\WhatsApp
2022-05-18 11:00 - 2022-02-18 19:26 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3755753306-3900577581-898390862-1004
2022-05-18 11:00 - 2022-02-18 19:26 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3755753306-3900577581-898390862-1004
2022-05-18 11:00 - 2022-02-18 19:03 - 000002367 _____ C:\Users\janos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-05-18 11:00 - 2020-03-31 10:15 - 000000000 ___RD C:\Users\janos\OneDrive
2022-05-18 10:55 - 2020-04-01 17:26 - 000000000 ____D C:\Users\janos\AppData\Roaming\ViberPC
2022-05-18 10:52 - 2022-02-07 11:59 - 000000000 ____D C:\Users\janos\AppData\Roaming\AnyDesk
2022-05-13 22:26 - 2022-02-18 19:03 - 000000000 ____D C:\Users\janos
2022-05-13 21:54 - 2020-03-31 10:12 - 000000000 ____D C:\Users\janos\AppData\Local\Packages
2022-05-13 21:46 - 2022-02-18 19:15 - 000902246 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-05-13 21:46 - 2020-04-01 23:56 - 000062354 _____ C:\WINDOWS\system32\perfh01B.dat
2022-05-13 21:46 - 2020-04-01 23:56 - 000016154 _____ C:\WINDOWS\system32\perfc01B.dat
2022-05-13 21:41 - 2022-02-18 19:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-05-13 21:41 - 2022-02-18 18:56 - 000008192 ___SH C:\DumpStack.log.tmp
2022-05-13 21:38 - 2022-02-18 18:57 - 000470712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-05-13 21:36 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-05-13 21:35 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-05-13 21:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-05-13 21:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-05-13 21:34 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-05-13 21:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-05-13 21:34 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-05-13 09:34 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-05-13 08:18 - 2021-11-18 13:09 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-05-13 08:18 - 2021-11-18 12:18 - 000000000 ____D C:\Program Files\Adobe
2022-05-13 08:18 - 2020-04-01 19:01 - 000000000 ____D C:\Program Files (x86)\Adobe
2022-05-13 08:12 - 2020-06-25 10:43 - 000000000 ____D C:\Program Files\Siber Systems
2022-05-11 15:01 - 2020-04-01 23:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-05-11 14:55 - 2020-04-01 23:56 - 145501456 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-05-10 12:11 - 2020-11-02 09:20 - 000000000 ____D C:\Users\janos\AppData\Roaming\vlc
2022-05-10 09:38 - 2022-03-10 09:57 - 000003538 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d824ea5caa01c6
2022-05-10 09:38 - 2022-02-18 19:26 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-05-06 15:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-05-06 11:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-05-06 10:18 - 2022-03-21 09:30 - 000043035 _____ C:\Users\janos\Downloads\jinan_dobraci.pdf
2022-04-29 09:02 - 2022-02-18 19:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-04-29 09:02 - 2021-05-13 08:47 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-04-28 12:00 - 2020-04-01 18:20 - 000000000 ____D C:\Users\janos\AppData\Local\D3DSCache
2022-04-27 15:55 - 2020-03-31 10:15 - 000000000 ____D C:\ProgramData\Packages
2022-04-27 15:06 - 2020-03-31 10:12 - 000000000 ____D C:\Users\janos\AppData\Roaming\Adobe
2022-04-27 13:37 - 2020-04-01 19:02 - 000000000 ____D C:\Users\janos\AppData\Local\Adobe
2022-04-27 13:31 - 2022-02-18 19:26 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-04-27 13:07 - 2020-04-01 19:01 - 000000000 ____D C:\ProgramData\Adobe
2022-04-26 19:39 - 2022-02-18 21:35 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
==================== Files in the root of some directories ========
2020-07-13 13:03 - 2020-08-26 11:43 - 000005120 _____ () C:\Users\janos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2022-04-27 16:18 - 2022-04-27 16:18 - 000000000 _____ () C:\Users\janos\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================