Ahoj, prosím o kontrolu.
ADWCleaner vyčistený, JRT tiež.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-02-2023
Ran by Pedro (administrator) on DESKTOP-NVJD1LG (LENOVO 20344) (28-02-2023 22:58:31)
Running from C:\Users\Pedro\Desktop
Loaded Profiles: Pedro
Platform: Microsoft Windows 10 Home Version 22H2 19045.2604 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCopyAccelerator.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\111.0.5563.12\remoting_host.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [9309936 2015-09-10] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3961528 2016-11-04] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1690368 2022-07-22] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-622939137-141225199-2558093129-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1688872 2007-12-13] (Nero AG -> Nero AG)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3187384 2017-12-13] (Unified Intents AB -> Unified Intents AB)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [Spotify] => C:\Users\Pedro\AppData\Roaming\Spotify\Spotify.exe [20382072 2023-02-26] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [EPSON Stylus SX400] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIEGE.EXE [221696 2007-12-17] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38966072 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Pedro\AppData\Local\Microsoft\Teams\Update.exe [2454200 2021-07-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {6e9aefb8-7ec3-11ec-b4c0-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {73ab0995-2b20-11ed-b4d2-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {ad1453e7-1fba-11eb-b491-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {b9f1dc0e-3adc-11ea-b469-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG4200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB9.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MP230 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB5.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\sht13cPC: C:\Windows\System32\spool\prtprocs\x64\sht13cpc.dll [101080 2022-01-24] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP230 series: C:\WINDOWS\system32\CNMLMB5.DLL [389120 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP a111 Status Monitor: C:\WINDOWS\system32\hpinkstsa111LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP AC11 Status Monitor: C:\WINDOWS\system32\hpinkstsAC11LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 5510 series): C:\WINDOWS\system32\HPDiscoPMa111.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\sht13c Langmon: C:\WINDOWS\system32\sht13clm.dll [70424 2021-07-30] (联想图像(天津)科技有限公司 -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\110.0.5481.178\Installer\chrmstp.exe [2023-02-27] (Google LLC -> Google LLC)
Startup: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 2510 series.lnk [2020-11-22]
ShortcutAndArgument: Monitor Ink Alerts - HP Deskjet 2510 series.lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 2510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN2CR3JQFF05TX;CONNECTION=USB;MONITOR=1;
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09E581F4-6353-48A2-ADA4-95FD2037EDF5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
Task: {33A01DC2-E3D9-4857-A46B-9CE1B8585E95} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {36640D29-E85B-4262-B733-8EBD10BFDB75} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe (No File)
Task: {50C3C8FB-47BB-475C-BAC8-36045F8F020A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {906BD8F2-3D31-459D-A788-5114FADAEDCD} - System32\Tasks\CCleanerSkipUAC - Pedro => C:\Program Files\CCleaner\CCleaner.exe [32631096 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {944E74FD-32B9-492E-B774-93AE6BE3466C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {94A6C6A6-95F7-483A-9571-19FA4D1162C7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694176 2023-01-11] (Mozilla Corporation -> Mozilla Foundation)
Task: {9C651596-A1CC-468F-9A98-72D135E959DB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB36A6A5-9529-4148-AF4B-3EB1AD6C6E01} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D17FDC10-6084-4D7D-86DC-B4C29A23671E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {DA78985A-2065-465D-944B-55C9144D8ADB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-02-08] (Piriform Software Ltd -> Piriform)
Task: {E8B245CC-08F2-4F0B-B70E-BC418A910793} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
Task: {EB05FDC5-C030-48BC-BA23-0D6AB6D3288E} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3961528 2016-11-04] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {EBB081CF-2192-437E-AE5D-267B4C2D7A6F} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "4c93b20a-77fc-46b0-b5b1-cab1643b3be6" --version "6.09.10300" --silent
Task: {EC1D9429-82B4-4E93-94C7-FB52319D82BC} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [660896 2023-01-11] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {F067FB99-1CA1-4579-B2B1-B5786FD61F15} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe -autostart (No File)
Task: {FB1C2528-BEA5-4722-B635-B0AD2C91A113} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ac0d6cbe-f5ed-45ea-b2e8-a97d491a4b4e}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Pedro\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-07]
FireFox:
========
FF DefaultProfile: bepvh05g.default-1615563011198
FF ProfilePath: C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\bepvh05g.default-1615563011198 [2023-02-07]
FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2017-10-09] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-10-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-10-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-10-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-10-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @IPC/npmedia3.3.16559.0,version=3.3.16559.0 -> C:\Program Files\webrec\Torch\3.3.16559.0\npmedia3.3.16559.0.dll [2019-09-12] (Zhejiang Dahua Technology CO.,LTD. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-05-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-05-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2013-03-04] (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default [2023-02-28]
CHR Notifications: Default -> hxxps://web.whatsapp.com
CHR HomePage: Default -> hxxp://google.sk/
CHR DefaultSearchKeyword: Default -> google.sk__
CHR Session Restore: Default -> is enabled.
CHR Extension: (Just Black) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-08-02]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2018-12-11]
CHR Extension: (Authenticator) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2021-11-09]
CHR Extension: (uBlock Origin) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-02-28]
CHR Extension: (Multi Chat - Messenger for WhatsApp) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllplfhjknghhdneiblmkolbjappecbe [2021-08-26]
CHR Extension: (I don't care about cookies) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2023-02-28]
CHR Extension: (Web Components) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\filcobblndaenakhejinpjdblekilpgn [2018-12-11]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-20]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-07]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-02-28]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-13]
CHR Extension: (Video Downloader Pro) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\klkegmdjeiklkjdjjbknjgdpdbaojdkk [2022-07-11]
CHR Extension: (Google Play) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2018-12-11]
CHR Extension: (Save as PDF) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2022-09-24]
CHR Extension: (Numerics Calculator & Converter) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2018-12-11]
CHR Extension: (Number Search) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mknlabdjmmionkakcobggbihpiaelbnk [2021-03-06]
CHR Extension: (Whatsapp for PC - Download in Windows/Mac) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnlmidmemdekifapeeajgndjgapgmhph [2022-04-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-03]
CHR Extension: (Psykopaint) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2018-12-11]
CHR Profile: C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\System Profile [2023-02-07]
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2017-10-09]
CHR HKU\S-1-5-21-622939137-141225199-2558093129-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2017-10-09]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\111.0.5563.12\remoting_host.exe [74520 2023-02-02] (Google LLC -> Google LLC)
S2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [144784 2018-04-18] (Canon Inc. -> CANON INC.)
S3 FoxitPhantomService; C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe [1658944 2017-10-29] (Foxit Software Incorporated -> Foxit Software Inc.)
S2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-12] (HP Inc. -> HP Inc.)
S2 NbfcService; C:\Program Files (x86)\NoteBook FanControl\NbfcService.exe [8704 2018-11-03] (StagWare) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [447784 2007-12-13] (Nero AG -> Nero AG)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S2 VMSWatchdog; C:\Program Files\Luxriot\Luxriot Monitor\VMSWatchdog.exe [675568 2019-04-23] (A&H Software House Inc -> A&H Software House, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ymc; C:\Program Files\Lenovo\YMC\ymc.exe [49032 2016-12-23] (LENOVO -> Lenovo)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [81688 2018-03-03] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 NPF; C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\npf64.sys [36600 2015-12-16] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 ROCKEYNT; C:\WINDOWS\system32\DRIVERS\Rockey4.sys [36904 2019-10-29] (Feitian Technologies Co., Ltd. -> Feitian Technologies Co., Ltd.)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2018-06-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 usbscan; C:\WINDOWS\system32\DRIVERS\usbscan.sys [49152 2020-11-24] (Microsoft Corporation) [File not signed]
S3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [28128 2017-12-13] (Unified Intents AB -> Windows (R) Win 7 DDK provider)
R3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [131288 2021-11-19] (WDKTestCert dant_ppxe9ny,132779414088034662 -> Wacom Technology, Corp.)
R3 wacomrouterfilter; C:\WINDOWS\System32\drivers\wacomrouterfilter.sys [29368 2021-11-19] (WDKTestCert dant_ppxe9ny,132779414088034662 -> Wacom Technology, Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2023-02-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473336 2023-02-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-14] (Microsoft Windows -> Microsoft Corporation)
R1 WinRing0_1_2_0; C:\Program Files (x86)\NoteBook FanControl\WinRing0x64.sys [14544 2019-02-02] (Noriyuki MIYAZAKI -> OpenLibSys.org)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-02-28 22:58 - 2023-02-28 23:01 - 000026008 _____ C:\Users\Pedro\Desktop\FRST.txt
2023-02-28 22:56 - 2023-02-28 22:56 - 002378752 _____ (Farbar) C:\Users\Pedro\Desktop\FRST64.exe
2023-02-15 16:56 - 2023-02-15 16:56 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-02-28 23:02 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-28 23:00 - 2019-01-21 18:38 - 000000000 ____D C:\FRST
2023-02-28 22:51 - 2020-11-24 08:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-02-28 22:36 - 2018-12-11 19:59 - 000000000 ____D C:\Program Files (x86)\Google
2023-02-28 22:20 - 2019-01-29 17:03 - 000000000 ____D C:\Users\Pedro\AppData\Roaming\Spotify
2023-02-28 21:15 - 2019-01-11 19:26 - 000000000 ____D C:\Program Files\CCleaner
2023-02-28 21:13 - 2019-01-29 17:05 - 000000000 ____D C:\Users\Pedro\AppData\Local\Spotify
2023-02-28 19:53 - 2018-12-13 21:02 - 000000000 ____D C:\Users\Pedro\AppData\LocalLow\Mozilla
2023-02-27 23:38 - 2018-12-11 19:59 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-02-26 01:26 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-26 01:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-02-26 01:25 - 2020-06-08 01:00 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-24 00:04 - 2018-12-11 19:23 - 000000000 ____D C:\Users\Pedro\AppData\Local\Packages
2023-02-20 21:27 - 2022-02-08 16:02 - 000000000 ____D C:\Users\Pedro\AppData\Roaming\WTablet
2023-02-16 03:22 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-02-15 18:09 - 2021-11-01 11:48 - 000000000 ____D C:\Users\Pedro\AppData\Local\LogiBolt
2023-02-15 18:09 - 2020-11-24 08:31 - 000923288 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-02-15 18:09 - 2019-04-09 23:11 - 000079644 _____ C:\WINDOWS\system32\perfh01B.dat
2023-02-15 18:09 - 2019-04-09 23:11 - 000020994 _____ C:\WINDOWS\system32\perfc01B.dat
2023-02-15 18:07 - 2019-11-27 21:40 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-02-15 18:07 - 2018-12-11 20:27 - 000000000 __SHD C:\Users\Pedro\IntelGraphicsProfiles
2023-02-15 18:03 - 2020-11-24 08:12 - 005036864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-02-15 18:02 - 2022-10-22 16:54 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-02-15 18:02 - 2020-11-24 08:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-15 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-02-15 18:01 - 2020-11-24 08:12 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-15 18:00 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-02-15 17:59 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-02-15 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-02-15 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-02-15 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-15 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-02-15 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-02-15 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-02-15 17:40 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-02-15 17:25 - 2020-11-24 08:16 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-02-15 16:46 - 2018-12-11 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2023-02-15 16:42 - 2018-12-12 00:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-02-15 16:19 - 2018-12-12 00:27 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-02-14 23:20 - 2018-12-12 06:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-02-14 21:15 - 2022-10-22 16:54 - 000003472 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-02-14 21:15 - 2022-09-26 11:12 - 000000000 ____D C:\Users\Pedro\AppData\Local\CrashDumps
2023-02-14 21:15 - 2020-11-24 08:41 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-02-13 11:14 - 2019-02-02 13:06 - 000000000 ____D C:\ProgramData\NbfcService
2023-02-08 17:39 - 2021-08-31 19:53 - 000002017 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-02-08 17:39 - 2021-08-31 19:53 - 000001859 _____ C:\Users\Default\Desktop\Google Slides.lnk
2023-02-08 17:39 - 2021-08-31 19:53 - 000001859 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2023-02-08 17:39 - 2021-08-31 19:53 - 000001847 _____ C:\Users\Default\Desktop\Google Docs.lnk
2023-02-07 20:42 - 2021-01-30 22:34 - 000005632 _____ C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2023-02-07 20:31 - 2018-12-11 20:09 - 000000000 ____D C:\Users\Pedro\AppData\Roaming\vlc
2023-02-07 19:22 - 2018-12-11 21:34 - 000000000 ____D C:\Program Files\Google
2023-02-03 11:18 - 2020-11-24 08:41 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-02-03 11:18 - 2020-11-24 08:41 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-02-01 23:21 - 2021-12-13 11:15 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-622939137-141225199-2558093129-1001
2023-02-01 23:21 - 2020-11-24 08:41 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-622939137-141225199-2558093129-1001
2023-02-01 23:21 - 2020-11-24 08:19 - 000002412 _____ C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== Files in the root of some directories ========
2019-10-01 21:27 - 2019-09-05 09:18 - 011902976 _____ () C:\Program Files\BMC CONFIG.exe
2018-12-21 11:33 - 2018-10-25 17:31 - 011427840 _____ () C:\Program Files\BMC-CONFIG-1.exe
2018-12-12 15:47 - 2022-05-13 16:46 - 000000132 _____ () C:\Users\Pedro\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2020-10-28 15:25 - 2020-10-31 11:25 - 000000014 _____ () C:\Users\Pedro\AppData\Roaming\obs-virtualcam.txt
2021-01-30 22:34 - 2023-02-07 20:42 - 000005632 _____ () C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-05-03 19:41 - 2019-05-03 19:41 - 000000218 _____ () C:\Users\Pedro\AppData\Local\recently-used.xbel
2018-12-29 23:29 - 2019-02-13 20:22 - 000007603 _____ () C:\Users\Pedro\AppData\Local\Resmon.ResmonCfg
2019-05-03 16:33 - 2019-05-03 16:33 - 000000000 _____ () C:\Users\Pedro\AppData\Local\zenmap.exe.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-02-2023
Ran by Pedro (28-02-2023 23:05:42)
Running from C:\Users\Pedro\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2604 (X64) (2020-11-24 07:43:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-622939137-141225199-2558093129-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-622939137-141225199-2558093129-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-622939137-141225199-2558093129-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-622939137-141225199-2558093129-501 - Limited - Disabled)
Pedro (S-1-5-21-622939137-141225199-2558093129-1001 - Administrator - Enabled) => C:\Users\Pedro
WDAGUtilityAccount (S-1-5-21-622939137-141225199-2558093129-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\uTorrent) (Version: 3.5.5.46206 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\{A2BCA9F1-566C-4805-97D1-7FDC93386723}) (Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Advanced IP Scanner 2.5 (HKLM-x32\...\{E35BC1CF-235D-4995-A816-59D3615C3B9A}) (Version: 2.5.3850 - Famatech)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.0.69 - Canon Inc.)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.02 - Canon Inc.)
Canon MP230 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP230_series) (Version: 1.04 - Canon Inc.)
CanoScan LiDE 300 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2417S) (Version: 1.00 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.09 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden
ConfigTool 5.001.0000001.0 (HKLM-x32\...\ConfigTool) (Version: 5.001.0000001.0 - )
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
E-CONFIG 3.8.6-SK/SK (HKLM-x32\...\E-CONFIG (SK/SK)_is1) (Version: 3.8.6 - Eaton Elektrotechnika s.r.o.)
Foxit PhantomPDF (HKLM-x32\...\{1668067E-BD47-11E7-B267-000C296BF29B}) (Version: 9.0.0.29935 - Foxit Software Inc.)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 70.0.2.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 110.0.5481.178 - Google LLC)
HP Deskjet 2510 series Basic Device Software (HKLM\...\{293CC68A-32BA-4BA4-84BD-0DCF6583566F}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2510 series Setup Guide (HKLM-x32\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5510 series Basic Device Software (HKLM\...\{CFF43B48-42A1-4967-9506-7E341BBD075F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Chrome Remote Desktop Host (HKLM-x32\...\{947DBF18-E228-4F2D-9D2A-6FCA4B5AAE3C}) (Version: 111.0.5563.12 - Google LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan)
iSpy (64 bit) (HKLM\...\{BB26C3B0-86F2-4C85-92E0-D998C122BD07}) (Version: 7.2.0.0 - DeveloperInABox)
iSpy package installer (64 bit) (HKLM-x32\...\{570e7cf8-e943-4538-9873-b3bee2c47f11}) (Version: 7.2.0.0 - DeveloperInABox)
iVMS-4200(v2.4.1.3) (HKLM-x32\...\{7697245D-2E00-4B83-AD27-C051DE314D1F}) (Version: 2.4.1.3 - hikvision)
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo Yoga Mode Control (HKLM\...\{3F2E25D6-49D3-45D5-A7BD-13F5D6F64171}_is1) (Version: 2.0.0.9 - Lenovo)
Lingea Lexicon 2002 (HKLM-x32\...\Lexicon 4.0) (Version: - )
Logi Bolt (HKLM\...\LogiBolt) (Version: 1.2.6024.0 - Logi)
Logitech Options (HKLM\...\LogiOptions) (Version: 9.70.68 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Luxriot x64 Monitor (HKLM\...\{29ECCDB0-2FDF-4441-A8D1-070666430AF8}) (Version: 1.13.0.7258 - A&H Software House Inc) Hidden
Luxriot x64 Monitor (HKLM-x32\...\{a767123e-2682-4296-b9b5-a2f8e203e66c}) (Version: 1.13.0.7258 - A&H Software House Inc)
Microsoft Access database engine 2016 (English) (HKLM\...\{90160000-00D1-0409-1000-0000000FF1CE}) (Version: 16.0.5044.1000 - Microsoft Corporation)
Microsoft Access MUI (Slovak) 2013 (HKLM\...\{90150000-0015-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Slovak) 2013 (HKLM\...\{90150000-0090-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.57 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.57 - Microsoft Corporation)
Microsoft Excel MUI (Slovak) 2013 (HKLM\...\{90150000-0016-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Slovak) 2013 (HKLM\...\{90150000-00BA-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Slovak) 2013 (HKLM\...\{90150000-0044-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Slovak) 2013 (HKLM\...\{90150000-012B-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Nyelvi ellenőrző eszközök 2013 – magyar (HKLM\...\{90150000-001F-040E-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Slovak) 2013 (HKLM\...\{90150000-00E1-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Slovak) 2013 (HKLM\...\{90150000-00E2-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Slovak) 2013 (HKLM\...\{90150000-002C-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Slovak) 2013 (HKLM\...\{90150000-00C1-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Slovak) 2013 (HKLM\...\{90150000-006E-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-622939137-141225199-2558093129-1000\...\OneDriveSetup.exe) (Version: 18.212.1021.0008 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\OneDriveSetup.exe) (Version: 23.007.0109.0004 - Microsoft Corporation)
Microsoft OneNote MUI (Slovak) 2013 (HKLM\...\{90150000-00A1-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Slovak) 2013 (HKLM\...\{90150000-001A-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Slovak) 2013 (HKLM\...\{90150000-0018-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Slovak) 2013 (HKLM\...\{90150000-0019-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Teams (HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Teams) (Version: 1.4.00.16575 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (HKLM\...\{90120064-0070-0000-0000-4000000FF1CE}) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (HKLM\...\{90F60409-7000-11D3-8CFE-0150048383C9}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026 (HKLM-x32\...\{BE960C1C-7BAD-3DE6-8B1A-2616FE532845}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026 (HKLM-x32\...\{A2563E55-3BEC-3828-8D67-E5E8B9E8B675}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.27.29112 (HKLM\...\{1B4EDD59-90CE-4BDE-8520-630981088165}) (Version: 14.27.29112 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.27.29112 (HKLM\...\{37BB1766-C587-49AE-B2DB-618FBDEAB88C}) (Version: 14.27.29112 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Word MUI (Slovak) 2013 (HKLM\...\{90150000-001B-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft_VC80_ATL_x86_x64 (HKLM\...\{925D058B-564A-443A-B4B2-7E90C6432E55}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (HKLM-x32\...\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (HKLM\...\{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (HKLM-x32\...\{D1A19B02-817E-4296-A45B-07853FD74D57}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (HKLM\...\{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (HKLM-x32\...\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (HKLM\...\{1E9FC118-651D-4934-97BE-E53CAE5C7D45}) (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (HKLM-x32\...\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}) (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (HKLM\...\{8557397C-A42D-486F-97B3-A2CBC2372593}) (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{08D2E121-7F6A-43EB-97FD-629B44903403}) (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (HKLM\...\{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}) (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (HKLM-x32\...\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}) (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (HKLM\...\{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}) (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox (x64 sk) (HKLM\...\Mozilla Firefox 108.0.2 (x64 sk)) (Version: 108.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nero 8 (HKLM-x32\...\{5FCCD531-1B38-4A94-924C-127F722F1051}) (Version: 8.2.89 - Nero AG)
neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
Nmap 7.70 (HKLM-x32\...\Nmap) (Version: 7.70 - Nmap Project)
NoteBook FanControl (HKLM-x32\...\{571aa591-06c8-4dc3-938e-06d205a87ce4}) (Version: 1.6.1.0 - Stefan Hirschmann - StagWare)
NoteBook FanControl (HKLM-x32\...\{798653AE-0FC0-4380-AAAF-EF52B1407B79}) (Version: 1.6.1.0 - Stefan Hirschmann - StagWare) Hidden
Npcap 0.99-r2 (HKLM-x32\...\NpcapInst) (Version: 0.99-r2 - Nmap Project)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.0.2 - OBS Project)
Odinštalovať tlačiareň EPSON Stylus SX400 Series (HKLM\...\EPSON Stylus SX400 Series) (Version: - SEIKO EPSON Corporation)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Radmin Viewer 3.5.2 (HKLM-x32\...\{9F9073EA-5DCE-4B23-8A0C-C7D2C89AEADC}) (Version: 3.52.1.0000 - Famatech)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7530 - Realtek Semiconductor Corp.)
Redist (HKLM\...\{DD3079E6-48D8-4F2F-AE3F-B89003738390}) (Version: 2.0 - Redist) Hidden
SADPTool (HKLM-x32\...\{7D9B79C2-B1B2-433B-844F-F4299B86F26E}) (Version: 3.0.0.16 - hikvision)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0015-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0016-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0018-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0019-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001A-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001B-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}_Office15.PROPLUSR_{1E8252A7-D489-4BB6-9694-93799FFD33ED}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{DABB9E2A-F054-4F97-9EB2-6992316C6EC7}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{835E4BED-E265-4103-AE14-0B4C70CF3FE8}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-040E-1000-0000000FF1CE}_Office15.PROPLUSR_{0BEA5B9F-ECCB-466F-8AD4-66A0DAD86A56}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{4601BD00-BC9B-4CA2-940C-2552782C7347}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-002C-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{B0E9B602-008E-43F0-8485-08C53F76926B}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0044-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-006E-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{462FD7CD-0F6D-41ED-929F-0AEC8F146E90}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0090-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00A1-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00BA-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1931508C-C004-4983-81E3-70BE6252904B}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{6A703F65-EF3F-45FA-B14F-B74DE1A03B93}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E1-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E2-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-012B-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
SolarWinds IP Address Tracker (HKLM-x32\...\InstallShield_{41505E91-CB79-475C-9FC4-8C6A9B613A18}) (Version: 1 - SolarWinds)
Spotify (HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Spotify) (Version: 1.2.5.1006.g22820f93 - Spotify AB)
SpotiKeep Converter 3.0.10 (HKLM\...\e2855b0a-8583-5741-8c28-e53db40adbe1) (Version: 3.0.10 - SpotiKeep)
StreamFX for OBS Studio version 0.9.2.0 (HKLM\...\{DE56A03A-C8A4-474B-83B0-CFD270262D38}}_is1) (Version: 0.9.2.0 - Xaymars Technology Workshop)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.6.1 - Unified Intents AB)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
UsbFix Anti-Malware Premium (HKLM-x32\...\Usbfix) (Version: 11.0.2.3 - SOSVirus (SOSVirus.Net))
VCRedistSetup (HKLM-x32\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.45-1 - Wacom Technology Corp.)
Web Components (HKLM-x32\...\{03B13AF8-9625-478A-AF0E-205337B9415A}_is1) (Version: - )
webcamXP 5 Free (HKLM-x32\...\wLite) (Version: 5.9.8.7 - Moonware Studios)
WhatsApp (HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\WhatsApp) (Version: 2.2245.9 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
Windows Kontrola stavu počítača (HKLM\...\{8D6B9DC1-A437-41E0-8DF1-9F37748394AE}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR archivátor (HKLM\...\WinRAR archiver) (Version: - )
WinRAR archivátor (HKLM-x32\...\WinRAR archiver) (Version: - )
ZWCAD Architecture 2019 English (HKLM\...\{FEC04AC9-A003-1033-A001-BAB53898898A}) (Version: 19.2.2019.0222 - ZWSOFT)
ZWSOFT 2019 Network License Manager(TS) ENU (HKLM\...\{FEC04AC9-2019-0000-A105-BAB53898898A}) (Version: 3.0.0 - ZWSOFT)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.30.50.0_x64__kgqvnymyfvs32 [2023-02-14] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.237.500.0_x64__kgqvnymyfvs32 [2023-02-24] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-19] (Canon Inc.)
Car Parking : Real Driver Parking Simulator -> C:\Program Files\WindowsApps\31252IrfanShafi.CarParkingRealDriverParkingSimulat_1.1.0.0_x86__m164m09tj2s82 [2020-08-02] (RLA Secret Solutions) [MS Ad]
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-18] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_142.3.139.0_x64__v10z8vjag6ke6 [2023-01-27] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10126.517.0_x64__8wekyb3d8bbwe [2023-02-21] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.19.6301.0_x64__8wekyb3d8bbwe [2023-02-25] (Microsoft Studios)
Musixmatch Lyrics - Sing along Spotify, iTunes, Windows Media Player -> C:\Program Files\WindowsApps\MUSIXMATCH.LYRICS_3.15.15598.0_x86__7gejyv32yt3te [2022-12-26] (Musixmatch) [Startup Task]
Sleep♯ -> C:\Program Files\WindowsApps\40865CJS3.SleepSharp_5.6.0.0_neutral__z61s08h0ks9h4 [2022-12-26] (CJS3) [Startup Task]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-09] (Microsoft Studios) [MS Ad]
TreeSize Free (Outdated) -> C:\Program Files\WindowsApps\JAMSoftware.TreeSizeFree_5.0.0.0_x86__37s2tpab2h9zg [2022-11-23] (JAM Software)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-622939137-141225199-2558093129-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Pedro\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21063.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2007-12-04] (Nero AG -> Nero AG)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-02-10] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-02-10] () [File not signed]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-02-10] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-02-10] () [File not signed]
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-02-10] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-02-10] () [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Pedro\Desktop\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
ShortcutWithArgument: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
ShortcutWithArgument: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Vzdialená plocha Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Pedro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\ab54bbbab588e14c\Vzdialená plocha Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Pedro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\4dc787a6350dc47a\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
==================== Loaded Modules (Whitelisted) =============
2018-12-11 20:33 - 2010-02-10 18:10 - 000166400 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKLM\...\.scr: ZWCAD.SCR.2019 => <==== ATTENTION
==================== Internet Explorer (Whitelisted) ==========
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll => No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-05-03] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-05-03] (Oracle America, Inc. -> Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 12:47 - 2019-01-21 21:12 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\NoteBook FanControl\
HKU\S-1-5-21-622939137-141225199-2558093129-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-622939137-141225199-2558093129-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
Network Binding:
=============
Sieťové pripojenie Bluetooth 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Wi-Fi: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_DOLBYDRAGON"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "LogiBolt"
HKLM\...\StartupApproved\Run: => "LogiOptions"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "Unified Remote V3"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "EPSON Stylus SX400"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{C388B45F-CCF6-4BF4-BEFC-26CC87F09E92}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{2E99B1EB-45F3-466A-8638-C76BE2CA54A4}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{1B7C9459-086B-45BC-839B-8FA7C1553622}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [TCP Query User{24DA6633-4271-4D34-9973-19236823C09C}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [UDP Query User{C5FE22E9-7CE3-48B3-9302-7CA89E716661}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [TCP Query User{2203405E-0F58-4786-AD49-A2821687F7D4}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [{9271D287-3B03-446A-83CB-9530A05A024B}] => (Allow) C:\Program Files\HP\HP Deskjet 2510 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{0B9605DE-7787-4987-B411-2F1876C02B42}] => (Allow) C:\Users\Pedro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2DDE39A1-850E-4706-98AF-E52635C3EDD5}] => (Allow) C:\Users\Pedro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C4C0FA74-A80E-472E-8E9C-333FD52D29E0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{D902211D-9354-4BFE-A06C-26A896976BF0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [UDP Query User{DEE7462F-B1CE-4F95-B29C-E1A10CCAA945}C:\program files (x86)\sadptool\sadptool.exe] => (Allow) C:\program files (x86)\sadptool\sadptool.exe (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [TCP Query User{E7E5FC45-0E57-41F4-B6E0-16FA99B27206}C:\program files (x86)\sadptool\sadptool.exe] => (Allow) C:\program files (x86)\sadptool\sadptool.exe (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [{46CA0B6B-A7A8-4B4F-94BA-98259D07327E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{497F3415-CA52-44AA-A2AC-1268AFD39677}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{4B72AB8F-20C9-483F-A209-F1D1AF828E67}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [TCP Query User{D7AFD402-0D73-4241-9E4B-96FC807FFC1E}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [{5510C1C7-49E0-4511-AC9C-DDBE9FBAA4D2}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{6480C428-4763-49F2-A368-21E9408CC995}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [TCP Query User{413C9282-9322-4C31-8652-FD0A3DD27DD3}C:\users\pedro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pedro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{EBC8962A-0A0A-4126-B9CC-2710A822A2F5}C:\users\pedro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pedro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AAD5C933-D3A9-423E-92A8-5266D5522771}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{DA41A567-E6A4-491E-8D10-D57F70C954FD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{831F3986-BE21-4662-BECF-0ADD81D41FEC}C:\users\pedro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pedro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{502AFB93-29B6-46EC-8671-03896532D7B9}C:\users\pedro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pedro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{05685123-85C0-4777-A781-AC290F2A5320}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{1335954A-2D6B-4884-A43C-0377DDC054D8}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{8EF246D1-3799-4709-950E-1DF2D3CAF93C}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{AADAE51F-18E5-453D-A09B-2C4EE64F9576}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F0F8BE16-C3EF-4AAE-8DA8-28FD3D7E6389}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{4D0E8782-5881-4075-B1ED-93A70CA88E7F}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [UDP Query User{9FC35E53-68A8-4CC9-AC0B-CA9B20B5FB2F}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [{8900065F-4283-45C6-BCBC-1E1B1CA8A6EA}] => (Allow) C:\Program Files (x86)\webcamXP5\webcamXP.exe (Steve Niquille -> Moonware Studios)
FirewallRules: [{38EFD0AC-20FA-45CC-B62B-85D929E5BE26}] => (Allow) C:\Program Files (x86)\webcamXP5\webcamXP.exe (Steve Niquille -> Moonware Studios)
FirewallRules: [TCP Query User{C9F451DB-61AC-4584-AABE-6900B1E335F2}C:\program files\ispy\ispy.exe] => (Allow) C:\program files\ispy\ispy.exe (www.ispyconnect.com) [File not signed]
FirewallRules: [UDP Query User{4DC980C1-47DE-4471-B55D-16A7D875384B}C:\program files\ispy\ispy.exe] => (Allow) C:\program files\ispy\ispy.exe (www.ispyconnect.com) [File not signed]
FirewallRules: [TCP Query User{15A8A5D2-2E88-4734-870E-71B45AFDB0B6}C:\program files\ispy\ispy.exe] => (Allow) C:\program files\ispy\ispy.exe (www.ispyconnect.com) [File not signed]
FirewallRules: [UDP Query User{088B0891-220F-42E3-BDCB-769B741751A7}C:\program files\ispy\ispy.exe] => (Allow) C:\program files\ispy\ispy.exe (www.ispyconnect.com) [File not signed]
FirewallRules: [{0010A377-D398-4A97-8477-62168453B890}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZWCAD.exe (ZWCAD Software Co.,LTD -> ) [File not signed]
FirewallRules: [{09B391FE-B2DD-45E9-B8CE-AEA02835D8DC}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZWCAD.exe (ZWCAD Software Co.,LTD -> ) [File not signed]
FirewallRules: [{2297F71C-F234-47AC-BF1B-4F086E31397E}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{3B77929C-68BC-4D4C-80A0-D26A32AA91D6}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\CrashReportManagement.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{A65F403E-AADA-4EE5-BB92-E9E17F40D464}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZWCAD.exe (ZWCAD Software Co.,LTD -> ) [File not signed]
FirewallRules: [{91D6B42E-8224-4B43-8F64-44DB7B09BA6D}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{98425261-43D4-41AC-8D15-F0DDDC7A0F13}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZwAuthHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{FFAFFE88-8026-4E98-8535-74815C7CA262}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZwAuthHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{8698031C-4E92-4175-810F-7F0B147FF0E0}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZWCAD.exe (ZWCAD Software Co.,LTD -> ) [File not signed]
FirewallRules: [{5F894448-A0DF-4403-B664-326DA6715D91}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\CrashReportManagement.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{C878023A-519A-4610-8D65-EAB63CFE84D4}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ArchZw14\ArchZw.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{D10FE3E4-A4AC-4272-B993-C587DA7A46C1}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ArchZw14\ArchZw.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{B9F554B2-66DB-443B-96F7-83DBCC1767C5}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{E0D14554-71EC-4D15-A792-3F2610B4BBC7}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [TCP Query User{7B3281BF-99CF-42BC-BE09-2D30C5CCDA79}C:\users\pedro\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\pedro\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{66C37EC1-8CE3-4214-829B-B6D95485D6AD}C:\users\pedro\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\pedro\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{7C26A1C5-24E2-4DE0-AB33-CA4B7F5DB5D8}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 storage\nvrstoragesever.exe] => (Block) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 storage\nvrstoragesever.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [UDP Query User{7A9CE0B8-0D21-44C5-98DF-9651B3E6ED11}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 storage\nvrstoragesever.exe] => (Block) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 storage\nvrstoragesever.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [{8168A9FB-3C3B-4623-A73E-7B0584D72B3E}] => (Allow) C:\Program Files\WindowsApps\MUSIXMATCH.LYRICS_3.15.15598.0_x86__7gejyv32yt3te\app\Musixmatch.exe (Musixmatch) [File not signed]
FirewallRules: [{9F518D6C-CB86-430D-894F-2FD85388E173}] => (Allow) C:\Program Files\WindowsApps\MUSIXMATCH.LYRICS_3.15.15598.0_x86__7gejyv32yt3te\app\Musixmatch.exe (Musixmatch) [File not signed]
FirewallRules: [TCP Query User{7864D477-7AC5-4369-A57A-A431E159EA1E}C:\program files (x86)\configtool\configtool.exe] => (Allow) C:\program files (x86)\configtool\configtool.exe () [File not signed]
FirewallRules: [UDP Query User{73D660F5-1C2A-4795-B3C9-89012BE39A1E}C:\program files (x86)\configtool\configtool.exe] => (Allow) C:\program files (x86)\configtool\configtool.exe () [File not signed]
FirewallRules: [TCP Query User{F0E400AB-62F9-4C39-926A-9A8E5FD2BC38}C:\program files\webrec\torch\3.3.16559.0\webactivex3.3.16559.0.exe] => (Allow) C:\program files\webrec\torch\3.3.16559.0\webactivex3.3.16559.0.exe (Zhejiang Dahua Technology CO.,LTD. -> )
FirewallRules: [UDP Query User{4946C431-229A-45C0-9E77-3A5EB0388CD2}C:\program files\webrec\torch\3.3.16559.0\webactivex3.3.16559.0.exe] => (Allow) C:\program files\webrec\torch\3.3.16559.0\webactivex3.3.16559.0.exe (Zhejiang Dahua Technology CO.,LTD. -> )
FirewallRules: [{3B43F624-4555-4714-890B-8AA1307BBD01}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{D42AD2FE-4EF8-403A-96D7-A28D2D5474E1}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\111.0.5563.12\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{58938B15-698A-405E-A21A-E985A79A384D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{41CF3399-9279-472C-BC0F-A2581F718FAC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA12A41A-035B-4BCC-991F-BF5EA4A541FF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{59B915E5-2740-4BCC-B521-4B1DD08ACA06}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{212EDB56-99F0-462D-A6CE-0B75209067CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3AD4ECAE-1F9D-46C9-89E2-3BE6F84940CF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.57\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
22-02-2023 10:04:53 Scheduled Checkpoint
28-02-2023 22:24:25 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/15/2023 06:00:22 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (02/15/2023 06:00:22 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (02/15/2023 06:00:22 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (02/15/2023 06:00:22 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (02/15/2023 06:00:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (02/15/2023 06:00:21 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (02/15/2023 06:00:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (02/15/2023 06:00:21 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
System errors:
=============
Error: (02/28/2023 10:53:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Vzdialená plocha Chrome sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 60000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (02/28/2023 10:53:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wacom Professional Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/28/2023 10:53:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Luxriot EVO Server Watchdog sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/28/2023 10:53:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Slovak Canon IJ Scan Utility register event sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/28/2023 10:53:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/28/2023 10:53:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/28/2023 10:53:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel Bluetooth Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/27/2023 10:16:44 AM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 1) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred. A record describing the condition is contained in the data section of this event.
Windows Defender:
================
Date: 2023-02-28 00:02:31
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-02-27 00:02:30
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-02-26 00:02:29
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-02-25 00:02:28
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-02-24 00:02:31
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2023-02-16 00:17:05
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-02-15 18:01:51
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2023-01-13 06:56:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-01-02 22:57:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.
Date: 2023-01-02 22:57:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.
Date: 2022-11-18 23:24:31
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 96CN27WW(V1.13) 09/09/2014
Motherboard: LENOVO INVALID
Processor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Percentage of memory in use: 64%
Total physical RAM: 4016.96 MB
Available physical RAM: 1427.62 MB
Total Virtual: 5885.4 MB
Available Virtual: 2834.61 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:174.44 GB) (Free:68.07 GB) (Model: WDC WD5000M22K-24Z1LT0-SSHD-16GB) NTFS
Drive d: () (Fixed) (Total:289.98 GB) (Free:46.47 GB) (Model: WDC WD5000M22K-24Z1LT0-SSHD-16GB) NTFS
\\?\Volume{c42e0060-dd36-4a0a-b90a-e93a14540c60}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{3033b16a-2a35-45a7-b950-de364193d5ce}\ () (Fixed) (Total:0.78 GB) (Free:0.29 GB) NTFS
\\?\Volume{b9545704-433d-4fc6-af0d-de40f2ded245}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2B66F383)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Spomaleny system
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118241
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Spomaleny system
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Spomaleny system
OK, tak ešte raz som dal AdwCleaner, ale nenašlo opäť nič:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-01-2023
# Duration: 00:00:37
# OS: Windows 10 (Build 19045.2604)
# Scanned: 32100
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1902 octets] - [08/01/2019 08:58:57]
AdwCleaner[C00].txt - [1956 octets] - [08/01/2019 08:59:41]
AdwCleaner[S01].txt - [1384 octets] - [12/01/2019 10:27:57]
AdwCleaner[C01].txt - [1550 octets] - [12/01/2019 10:28:34]
AdwCleaner[S02].txt - [1506 octets] - [16/01/2019 17:23:51]
AdwCleaner[C02].txt - [1672 octets] - [16/01/2019 17:25:21]
AdwCleaner[S03].txt - [1628 octets] - [16/01/2019 17:31:07]
AdwCleaner[S04].txt - [1689 octets] - [17/01/2019 22:15:21]
AdwCleaner[C04].txt - [1855 octets] - [17/01/2019 22:15:55]
AdwCleaner[S05].txt - [1811 octets] - [21/01/2019 18:58:25]
AdwCleaner[C05].txt - [1977 octets] - [21/01/2019 18:59:17]
AdwCleaner[S06].txt - [1953 octets] - [18/03/2019 22:20:42]
AdwCleaner[C06].txt - [2096 octets] - [18/03/2019 22:22:08]
AdwCleaner[S07].txt - [2134 octets] - [12/04/2019 08:42:26]
AdwCleaner[C07].txt - [2257 octets] - [12/04/2019 08:43:47]
AdwCleaner[S08].txt - [2197 octets] - [17/04/2019 20:08:49]
AdwCleaner[C08].txt - [2340 octets] - [17/04/2019 20:09:18]
AdwCleaner[S09].txt - [2319 octets] - [27/04/2019 06:16:50]
AdwCleaner[C09].txt - [2462 octets] - [27/04/2019 06:17:49]
AdwCleaner[S10].txt - [2441 octets] - [09/05/2019 00:13:21]
AdwCleaner[C10].txt - [2584 octets] - [09/05/2019 00:14:45]
AdwCleaner[S11].txt - [2563 octets] - [09/05/2019 16:02:04]
AdwCleaner[C11].txt - [2706 octets] - [09/05/2019 16:08:20]
AdwCleaner[S12].txt - [2685 octets] - [10/05/2019 17:53:36]
AdwCleaner[C12].txt - [2828 octets] - [10/05/2019 17:54:01]
AdwCleaner[S13].txt - [2795 octets] - [27/05/2019 19:15:46]
AdwCleaner[C13].txt - [2958 octets] - [27/05/2019 19:17:15]
AdwCleaner[S14].txt - [2917 octets] - [03/06/2019 18:13:33]
AdwCleaner[C14].txt - [3080 octets] - [03/06/2019 18:14:31]
AdwCleaner[S15].txt - [3039 octets] - [06/06/2019 18:29:10]
AdwCleaner[C15].txt - [3202 octets] - [06/06/2019 18:30:47]
AdwCleaner[S16].txt - [3161 octets] - [13/06/2019 09:48:42]
AdwCleaner[C16].txt - [3324 octets] - [13/06/2019 09:49:12]
AdwCleaner[S17].txt - [3283 octets] - [13/06/2019 10:57:01]
AdwCleaner[S18].txt - [3344 octets] - [20/07/2019 08:53:43]
AdwCleaner[C18].txt - [3507 octets] - [20/07/2019 08:54:13]
AdwCleaner[S19].txt - [3466 octets] - [21/07/2019 12:11:40]
AdwCleaner[S20].txt - [3527 octets] - [08/08/2019 13:03:06]
AdwCleaner[C20].txt - [3690 octets] - [08/08/2019 13:04:26]
AdwCleaner_Debug.log - [118586 octets] - [23/09/2019 18:44:18]
AdwCleaner[S21].txt - [3787 octets] - [23/09/2019 18:44:59]
AdwCleaner[C21].txt - [3952 octets] - [23/09/2019 18:48:29]
AdwCleaner[S22].txt - [3921 octets] - [03/10/2019 22:46:40]
AdwCleaner[C22].txt - [4086 octets] - [03/10/2019 22:47:37]
AdwCleaner[S23].txt - [4043 octets] - [13/10/2019 15:03:40]
AdwCleaner[C23].txt - [4208 octets] - [13/10/2019 15:04:44]
AdwCleaner[S24].txt - [4165 octets] - [29/10/2019 05:14:11]
AdwCleaner[C24].txt - [4330 octets] - [29/10/2019 05:18:55]
AdwCleaner[S25].txt - [4287 octets] - [12/11/2019 22:10:13]
AdwCleaner[C25].txt - [4452 octets] - [12/11/2019 22:18:03]
AdwCleaner[S26].txt - [4409 octets] - [14/11/2019 21:42:26]
AdwCleaner[C26].txt - [4574 octets] - [14/11/2019 21:43:27]
AdwCleaner[S27].txt - [4531 octets] - [14/11/2019 22:31:46]
AdwCleaner[C27].txt - [4696 octets] - [14/11/2019 22:34:05]
AdwCleaner[S28].txt - [4653 octets] - [26/11/2019 19:14:32]
AdwCleaner[C28].txt - [4819 octets] - [26/11/2019 19:17:28]
AdwCleaner[S29].txt - [4776 octets] - [28/12/2019 22:59:05]
AdwCleaner[C29].txt - [4941 octets] - [28/12/2019 23:53:47]
AdwCleaner[S30].txt - [4867 octets] - [31/12/2019 11:47:23]
AdwCleaner[S31].txt - [4928 octets] - [08/01/2020 18:17:42]
AdwCleaner[S32].txt - [4989 octets] - [19/01/2020 17:53:51]
AdwCleaner[C32].txt - [5177 octets] - [19/01/2020 17:55:29]
AdwCleaner[S33].txt - [5191 octets] - [31/01/2020 06:32:09]
AdwCleaner[S34].txt - [5252 octets] - [03/02/2020 16:31:42]
AdwCleaner[C34].txt - [5442 octets] - [03/02/2020 16:58:07]
AdwCleaner[S35].txt - [5374 octets] - [04/02/2020 21:43:05]
AdwCleaner[S36].txt - [5435 octets] - [08/02/2020 21:06:26]
AdwCleaner[S37].txt - [5496 octets] - [29/03/2020 11:20:16]
AdwCleaner[C37].txt - [5686 octets] - [29/03/2020 11:22:29]
AdwCleaner[S38].txt - [5618 octets] - [11/04/2020 00:27:29]
AdwCleaner[C38].txt - [5808 octets] - [11/04/2020 00:49:19]
AdwCleaner[S39].txt - [5740 octets] - [21/04/2020 07:11:22]
AdwCleaner[S40].txt - [5801 octets] - [02/05/2020 17:18:00]
AdwCleaner[C40].txt - [5991 octets] - [02/05/2020 17:20:02]
AdwCleaner[S41].txt - [5923 octets] - [24/05/2020 17:14:33]
AdwCleaner[C41].txt - [6113 octets] - [24/05/2020 17:20:04]
AdwCleaner[S42].txt - [6045 octets] - [12/07/2020 08:39:17]
AdwCleaner[C42].txt - [6235 octets] - [12/07/2020 09:06:38]
AdwCleaner[S43].txt - [6167 octets] - [02/08/2020 10:18:51]
AdwCleaner[C43].txt - [6357 octets] - [02/08/2020 10:25:17]
AdwCleaner[S44].txt - [6289 octets] - [14/08/2020 22:12:29]
AdwCleaner[C44].txt - [6479 octets] - [14/08/2020 22:13:07]
AdwCleaner[S45].txt - [6411 octets] - [07/10/2020 19:26:02]
AdwCleaner[S46].txt - [6472 octets] - [18/10/2020 08:34:37]
AdwCleaner[C46].txt - [6662 octets] - [18/10/2020 08:37:53]
AdwCleaner[S47].txt - [6594 octets] - [31/10/2020 12:49:46]
AdwCleaner[C47].txt - [6784 octets] - [31/10/2020 12:50:30]
AdwCleaner[S48].txt - [6716 octets] - [10/11/2020 19:44:06]
AdwCleaner[C48].txt - [6906 octets] - [10/11/2020 19:46:04]
AdwCleaner[S49].txt - [6838 octets] - [22/11/2020 14:50:39]
AdwCleaner[S50].txt - [6899 octets] - [22/11/2020 15:09:21]
AdwCleaner[C50].txt - [7089 octets] - [22/11/2020 15:18:15]
AdwCleaner[S51].txt - [7021 octets] - [22/12/2020 23:52:07]
AdwCleaner[C51].txt - [7211 octets] - [22/12/2020 23:53:42]
AdwCleaner[S52].txt - [7143 octets] - [03/01/2021 00:51:37]
AdwCleaner[C52].txt - [7333 octets] - [03/01/2021 01:01:11]
AdwCleaner[S53].txt - [7264 octets] - [27/02/2021 18:26:40]
AdwCleaner[C53].txt - [7455 octets] - [27/02/2021 18:28:07]
AdwCleaner[S54].txt - [7386 octets] - [13/03/2021 07:57:24]
AdwCleaner[C54].txt - [7577 octets] - [13/03/2021 08:04:23]
AdwCleaner[S55].txt - [7508 octets] - [21/04/2021 09:00:07]
AdwCleaner[C55].txt - [7699 octets] - [21/04/2021 09:00:37]
AdwCleaner[S56].txt - [7631 octets] - [16/05/2021 19:13:04]
AdwCleaner[C56].txt - [7821 octets] - [16/05/2021 19:15:51]
AdwCleaner[S57].txt - [7753 octets] - [16/05/2021 19:17:11]
AdwCleaner[C57].txt - [7943 octets] - [16/05/2021 19:17:21]
AdwCleaner[S58].txt - [7875 octets] - [21/05/2021 08:47:03]
AdwCleaner[C58].txt - [8065 octets] - [21/05/2021 08:49:57]
AdwCleaner[S59].txt - [7997 octets] - [24/05/2021 23:08:06]
AdwCleaner[C59].txt - [8187 octets] - [24/05/2021 23:13:02]
AdwCleaner[S60].txt - [8119 octets] - [24/05/2021 23:13:30]
AdwCleaner[S61].txt - [8180 octets] - [29/05/2021 18:13:07]
AdwCleaner[S62].txt - [8241 octets] - [07/06/2021 21:19:00]
AdwCleaner[S63].txt - [8302 octets] - [07/06/2021 21:23:05]
AdwCleaner[C63].txt - [8492 octets] - [07/06/2021 21:23:29]
AdwCleaner[S64].txt - [8424 octets] - [29/06/2021 09:55:02]
AdwCleaner[C64].txt - [8614 octets] - [29/06/2021 13:02:18]
AdwCleaner[S65].txt - [8546 octets] - [04/07/2021 12:47:51]
AdwCleaner[C65].txt - [8736 octets] - [04/07/2021 12:52:07]
AdwCleaner[S66].txt - [8668 octets] - [09/07/2021 06:01:13]
AdwCleaner[C66].txt - [8858 octets] - [09/07/2021 06:28:42]
AdwCleaner[S67].txt - [8790 octets] - [25/08/2021 19:40:59]
AdwCleaner[C67].txt - [8980 octets] - [25/08/2021 19:41:32]
AdwCleaner[S68].txt - [8912 octets] - [15/09/2021 21:34:13]
AdwCleaner[C68].txt - [9102 octets] - [15/09/2021 21:37:34]
AdwCleaner[S69].txt - [9034 octets] - [09/10/2021 16:18:53]
AdwCleaner[C69].txt - [9224 octets] - [09/10/2021 21:11:47]
AdwCleaner[S70].txt - [9156 octets] - [23/10/2021 11:23:14]
AdwCleaner[S71].txt - [9217 octets] - [31/10/2021 12:04:26]
AdwCleaner[S72].txt - [9278 octets] - [14/11/2021 18:36:58]
AdwCleaner[C72].txt - [9468 octets] - [14/11/2021 21:18:23]
AdwCleaner[S73].txt - [9400 octets] - [06/01/2022 22:33:10]
AdwCleaner[C73].txt - [9590 octets] - [06/01/2022 22:34:09]
AdwCleaner[S74].txt - [9522 octets] - [06/02/2022 14:58:24]
AdwCleaner[S75].txt - [9583 octets] - [02/03/2022 11:41:56]
AdwCleaner[C75].txt - [9773 octets] - [02/03/2022 11:42:42]
AdwCleaner[S76].txt - [9705 octets] - [28/03/2022 15:30:07]
AdwCleaner[S77].txt - [9766 octets] - [09/04/2022 07:52:31]
AdwCleaner[S78].txt - [9827 octets] - [16/04/2022 14:09:20]
AdwCleaner[S79].txt - [9888 octets] - [12/05/2022 09:01:28]
AdwCleaner[C79].txt - [10078 octets] - [12/05/2022 09:01:55]
AdwCleaner[S80].txt - [10011 octets] - [05/06/2022 16:56:40]
AdwCleaner[C80].txt - [10202 octets] - [05/06/2022 16:59:15]
AdwCleaner[S81].txt - [10135 octets] - [25/08/2022 00:09:32]
AdwCleaner[C81].txt - [10326 octets] - [25/08/2022 00:10:52]
AdwCleaner[S82].txt - [10334 octets] - [18/11/2022 19:06:54]
AdwCleaner[C82].txt - [10505 octets] - [18/11/2022 19:07:19]
AdwCleaner[S83].txt - [10397 octets] - [02/01/2023 22:33:49]
AdwCleaner[C83].txt - [10588 octets] - [02/01/2023 22:35:12]
AdwCleaner[S84].txt - [10521 octets] - [07/01/2023 14:56:50]
AdwCleaner[S85].txt - [10583 octets] - [07/02/2023 19:27:48]
AdwCleaner[C85].txt - [10774 octets] - [07/02/2023 19:29:36]
AdwCleaner[S86].txt - [10707 octets] - [28/02/2023 22:23:48]
AdwCleaner[S87].txt - [10769 octets] - [28/02/2023 22:52:45]
AdwCleaner[C87].txt - [10960 octets] - [28/02/2023 22:53:12]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S88].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-01-2023
# Duration: 00:00:37
# OS: Windows 10 (Build 19045.2604)
# Scanned: 32100
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1902 octets] - [08/01/2019 08:58:57]
AdwCleaner[C00].txt - [1956 octets] - [08/01/2019 08:59:41]
AdwCleaner[S01].txt - [1384 octets] - [12/01/2019 10:27:57]
AdwCleaner[C01].txt - [1550 octets] - [12/01/2019 10:28:34]
AdwCleaner[S02].txt - [1506 octets] - [16/01/2019 17:23:51]
AdwCleaner[C02].txt - [1672 octets] - [16/01/2019 17:25:21]
AdwCleaner[S03].txt - [1628 octets] - [16/01/2019 17:31:07]
AdwCleaner[S04].txt - [1689 octets] - [17/01/2019 22:15:21]
AdwCleaner[C04].txt - [1855 octets] - [17/01/2019 22:15:55]
AdwCleaner[S05].txt - [1811 octets] - [21/01/2019 18:58:25]
AdwCleaner[C05].txt - [1977 octets] - [21/01/2019 18:59:17]
AdwCleaner[S06].txt - [1953 octets] - [18/03/2019 22:20:42]
AdwCleaner[C06].txt - [2096 octets] - [18/03/2019 22:22:08]
AdwCleaner[S07].txt - [2134 octets] - [12/04/2019 08:42:26]
AdwCleaner[C07].txt - [2257 octets] - [12/04/2019 08:43:47]
AdwCleaner[S08].txt - [2197 octets] - [17/04/2019 20:08:49]
AdwCleaner[C08].txt - [2340 octets] - [17/04/2019 20:09:18]
AdwCleaner[S09].txt - [2319 octets] - [27/04/2019 06:16:50]
AdwCleaner[C09].txt - [2462 octets] - [27/04/2019 06:17:49]
AdwCleaner[S10].txt - [2441 octets] - [09/05/2019 00:13:21]
AdwCleaner[C10].txt - [2584 octets] - [09/05/2019 00:14:45]
AdwCleaner[S11].txt - [2563 octets] - [09/05/2019 16:02:04]
AdwCleaner[C11].txt - [2706 octets] - [09/05/2019 16:08:20]
AdwCleaner[S12].txt - [2685 octets] - [10/05/2019 17:53:36]
AdwCleaner[C12].txt - [2828 octets] - [10/05/2019 17:54:01]
AdwCleaner[S13].txt - [2795 octets] - [27/05/2019 19:15:46]
AdwCleaner[C13].txt - [2958 octets] - [27/05/2019 19:17:15]
AdwCleaner[S14].txt - [2917 octets] - [03/06/2019 18:13:33]
AdwCleaner[C14].txt - [3080 octets] - [03/06/2019 18:14:31]
AdwCleaner[S15].txt - [3039 octets] - [06/06/2019 18:29:10]
AdwCleaner[C15].txt - [3202 octets] - [06/06/2019 18:30:47]
AdwCleaner[S16].txt - [3161 octets] - [13/06/2019 09:48:42]
AdwCleaner[C16].txt - [3324 octets] - [13/06/2019 09:49:12]
AdwCleaner[S17].txt - [3283 octets] - [13/06/2019 10:57:01]
AdwCleaner[S18].txt - [3344 octets] - [20/07/2019 08:53:43]
AdwCleaner[C18].txt - [3507 octets] - [20/07/2019 08:54:13]
AdwCleaner[S19].txt - [3466 octets] - [21/07/2019 12:11:40]
AdwCleaner[S20].txt - [3527 octets] - [08/08/2019 13:03:06]
AdwCleaner[C20].txt - [3690 octets] - [08/08/2019 13:04:26]
AdwCleaner_Debug.log - [118586 octets] - [23/09/2019 18:44:18]
AdwCleaner[S21].txt - [3787 octets] - [23/09/2019 18:44:59]
AdwCleaner[C21].txt - [3952 octets] - [23/09/2019 18:48:29]
AdwCleaner[S22].txt - [3921 octets] - [03/10/2019 22:46:40]
AdwCleaner[C22].txt - [4086 octets] - [03/10/2019 22:47:37]
AdwCleaner[S23].txt - [4043 octets] - [13/10/2019 15:03:40]
AdwCleaner[C23].txt - [4208 octets] - [13/10/2019 15:04:44]
AdwCleaner[S24].txt - [4165 octets] - [29/10/2019 05:14:11]
AdwCleaner[C24].txt - [4330 octets] - [29/10/2019 05:18:55]
AdwCleaner[S25].txt - [4287 octets] - [12/11/2019 22:10:13]
AdwCleaner[C25].txt - [4452 octets] - [12/11/2019 22:18:03]
AdwCleaner[S26].txt - [4409 octets] - [14/11/2019 21:42:26]
AdwCleaner[C26].txt - [4574 octets] - [14/11/2019 21:43:27]
AdwCleaner[S27].txt - [4531 octets] - [14/11/2019 22:31:46]
AdwCleaner[C27].txt - [4696 octets] - [14/11/2019 22:34:05]
AdwCleaner[S28].txt - [4653 octets] - [26/11/2019 19:14:32]
AdwCleaner[C28].txt - [4819 octets] - [26/11/2019 19:17:28]
AdwCleaner[S29].txt - [4776 octets] - [28/12/2019 22:59:05]
AdwCleaner[C29].txt - [4941 octets] - [28/12/2019 23:53:47]
AdwCleaner[S30].txt - [4867 octets] - [31/12/2019 11:47:23]
AdwCleaner[S31].txt - [4928 octets] - [08/01/2020 18:17:42]
AdwCleaner[S32].txt - [4989 octets] - [19/01/2020 17:53:51]
AdwCleaner[C32].txt - [5177 octets] - [19/01/2020 17:55:29]
AdwCleaner[S33].txt - [5191 octets] - [31/01/2020 06:32:09]
AdwCleaner[S34].txt - [5252 octets] - [03/02/2020 16:31:42]
AdwCleaner[C34].txt - [5442 octets] - [03/02/2020 16:58:07]
AdwCleaner[S35].txt - [5374 octets] - [04/02/2020 21:43:05]
AdwCleaner[S36].txt - [5435 octets] - [08/02/2020 21:06:26]
AdwCleaner[S37].txt - [5496 octets] - [29/03/2020 11:20:16]
AdwCleaner[C37].txt - [5686 octets] - [29/03/2020 11:22:29]
AdwCleaner[S38].txt - [5618 octets] - [11/04/2020 00:27:29]
AdwCleaner[C38].txt - [5808 octets] - [11/04/2020 00:49:19]
AdwCleaner[S39].txt - [5740 octets] - [21/04/2020 07:11:22]
AdwCleaner[S40].txt - [5801 octets] - [02/05/2020 17:18:00]
AdwCleaner[C40].txt - [5991 octets] - [02/05/2020 17:20:02]
AdwCleaner[S41].txt - [5923 octets] - [24/05/2020 17:14:33]
AdwCleaner[C41].txt - [6113 octets] - [24/05/2020 17:20:04]
AdwCleaner[S42].txt - [6045 octets] - [12/07/2020 08:39:17]
AdwCleaner[C42].txt - [6235 octets] - [12/07/2020 09:06:38]
AdwCleaner[S43].txt - [6167 octets] - [02/08/2020 10:18:51]
AdwCleaner[C43].txt - [6357 octets] - [02/08/2020 10:25:17]
AdwCleaner[S44].txt - [6289 octets] - [14/08/2020 22:12:29]
AdwCleaner[C44].txt - [6479 octets] - [14/08/2020 22:13:07]
AdwCleaner[S45].txt - [6411 octets] - [07/10/2020 19:26:02]
AdwCleaner[S46].txt - [6472 octets] - [18/10/2020 08:34:37]
AdwCleaner[C46].txt - [6662 octets] - [18/10/2020 08:37:53]
AdwCleaner[S47].txt - [6594 octets] - [31/10/2020 12:49:46]
AdwCleaner[C47].txt - [6784 octets] - [31/10/2020 12:50:30]
AdwCleaner[S48].txt - [6716 octets] - [10/11/2020 19:44:06]
AdwCleaner[C48].txt - [6906 octets] - [10/11/2020 19:46:04]
AdwCleaner[S49].txt - [6838 octets] - [22/11/2020 14:50:39]
AdwCleaner[S50].txt - [6899 octets] - [22/11/2020 15:09:21]
AdwCleaner[C50].txt - [7089 octets] - [22/11/2020 15:18:15]
AdwCleaner[S51].txt - [7021 octets] - [22/12/2020 23:52:07]
AdwCleaner[C51].txt - [7211 octets] - [22/12/2020 23:53:42]
AdwCleaner[S52].txt - [7143 octets] - [03/01/2021 00:51:37]
AdwCleaner[C52].txt - [7333 octets] - [03/01/2021 01:01:11]
AdwCleaner[S53].txt - [7264 octets] - [27/02/2021 18:26:40]
AdwCleaner[C53].txt - [7455 octets] - [27/02/2021 18:28:07]
AdwCleaner[S54].txt - [7386 octets] - [13/03/2021 07:57:24]
AdwCleaner[C54].txt - [7577 octets] - [13/03/2021 08:04:23]
AdwCleaner[S55].txt - [7508 octets] - [21/04/2021 09:00:07]
AdwCleaner[C55].txt - [7699 octets] - [21/04/2021 09:00:37]
AdwCleaner[S56].txt - [7631 octets] - [16/05/2021 19:13:04]
AdwCleaner[C56].txt - [7821 octets] - [16/05/2021 19:15:51]
AdwCleaner[S57].txt - [7753 octets] - [16/05/2021 19:17:11]
AdwCleaner[C57].txt - [7943 octets] - [16/05/2021 19:17:21]
AdwCleaner[S58].txt - [7875 octets] - [21/05/2021 08:47:03]
AdwCleaner[C58].txt - [8065 octets] - [21/05/2021 08:49:57]
AdwCleaner[S59].txt - [7997 octets] - [24/05/2021 23:08:06]
AdwCleaner[C59].txt - [8187 octets] - [24/05/2021 23:13:02]
AdwCleaner[S60].txt - [8119 octets] - [24/05/2021 23:13:30]
AdwCleaner[S61].txt - [8180 octets] - [29/05/2021 18:13:07]
AdwCleaner[S62].txt - [8241 octets] - [07/06/2021 21:19:00]
AdwCleaner[S63].txt - [8302 octets] - [07/06/2021 21:23:05]
AdwCleaner[C63].txt - [8492 octets] - [07/06/2021 21:23:29]
AdwCleaner[S64].txt - [8424 octets] - [29/06/2021 09:55:02]
AdwCleaner[C64].txt - [8614 octets] - [29/06/2021 13:02:18]
AdwCleaner[S65].txt - [8546 octets] - [04/07/2021 12:47:51]
AdwCleaner[C65].txt - [8736 octets] - [04/07/2021 12:52:07]
AdwCleaner[S66].txt - [8668 octets] - [09/07/2021 06:01:13]
AdwCleaner[C66].txt - [8858 octets] - [09/07/2021 06:28:42]
AdwCleaner[S67].txt - [8790 octets] - [25/08/2021 19:40:59]
AdwCleaner[C67].txt - [8980 octets] - [25/08/2021 19:41:32]
AdwCleaner[S68].txt - [8912 octets] - [15/09/2021 21:34:13]
AdwCleaner[C68].txt - [9102 octets] - [15/09/2021 21:37:34]
AdwCleaner[S69].txt - [9034 octets] - [09/10/2021 16:18:53]
AdwCleaner[C69].txt - [9224 octets] - [09/10/2021 21:11:47]
AdwCleaner[S70].txt - [9156 octets] - [23/10/2021 11:23:14]
AdwCleaner[S71].txt - [9217 octets] - [31/10/2021 12:04:26]
AdwCleaner[S72].txt - [9278 octets] - [14/11/2021 18:36:58]
AdwCleaner[C72].txt - [9468 octets] - [14/11/2021 21:18:23]
AdwCleaner[S73].txt - [9400 octets] - [06/01/2022 22:33:10]
AdwCleaner[C73].txt - [9590 octets] - [06/01/2022 22:34:09]
AdwCleaner[S74].txt - [9522 octets] - [06/02/2022 14:58:24]
AdwCleaner[S75].txt - [9583 octets] - [02/03/2022 11:41:56]
AdwCleaner[C75].txt - [9773 octets] - [02/03/2022 11:42:42]
AdwCleaner[S76].txt - [9705 octets] - [28/03/2022 15:30:07]
AdwCleaner[S77].txt - [9766 octets] - [09/04/2022 07:52:31]
AdwCleaner[S78].txt - [9827 octets] - [16/04/2022 14:09:20]
AdwCleaner[S79].txt - [9888 octets] - [12/05/2022 09:01:28]
AdwCleaner[C79].txt - [10078 octets] - [12/05/2022 09:01:55]
AdwCleaner[S80].txt - [10011 octets] - [05/06/2022 16:56:40]
AdwCleaner[C80].txt - [10202 octets] - [05/06/2022 16:59:15]
AdwCleaner[S81].txt - [10135 octets] - [25/08/2022 00:09:32]
AdwCleaner[C81].txt - [10326 octets] - [25/08/2022 00:10:52]
AdwCleaner[S82].txt - [10334 octets] - [18/11/2022 19:06:54]
AdwCleaner[C82].txt - [10505 octets] - [18/11/2022 19:07:19]
AdwCleaner[S83].txt - [10397 octets] - [02/01/2023 22:33:49]
AdwCleaner[C83].txt - [10588 octets] - [02/01/2023 22:35:12]
AdwCleaner[S84].txt - [10521 octets] - [07/01/2023 14:56:50]
AdwCleaner[S85].txt - [10583 octets] - [07/02/2023 19:27:48]
AdwCleaner[C85].txt - [10774 octets] - [07/02/2023 19:29:36]
AdwCleaner[S86].txt - [10707 octets] - [28/02/2023 22:23:48]
AdwCleaner[S87].txt - [10769 octets] - [28/02/2023 22:52:45]
AdwCleaner[C87].txt - [10960 octets] - [28/02/2023 22:53:12]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S88].txt ##########
Re: Spomaleny system
Nový FRST log + Addition:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-02-2023
Ran by Pedro (administrator) on DESKTOP-NVJD1LG (LENOVO 20344) (01-03-2023 15:22:42)
Running from C:\Users\Pedro\Desktop
Loaded Profiles: Pedro
Platform: Microsoft Windows 10 Home Version 22H2 19045.2604 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCopyAccelerator.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <19>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\111.0.5563.12\remoting_desktop.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\111.0.5563.12\remoting_host.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21344.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21344.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [9309936 2015-09-10] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3961528 2016-11-04] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1690368 2022-07-22] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-622939137-141225199-2558093129-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1688872 2007-12-13] (Nero AG -> Nero AG)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3187384 2017-12-13] (Unified Intents AB -> Unified Intents AB)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [Spotify] => C:\Users\Pedro\AppData\Roaming\Spotify\Spotify.exe [20382072 2023-02-26] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [EPSON Stylus SX400] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIEGE.EXE [221696 2007-12-17] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38966072 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Pedro\AppData\Local\Microsoft\Teams\Update.exe [2454200 2021-07-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {6e9aefb8-7ec3-11ec-b4c0-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {73ab0995-2b20-11ed-b4d2-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {ad1453e7-1fba-11eb-b491-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {b9f1dc0e-3adc-11ea-b469-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG4200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB9.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MP230 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB5.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\sht13cPC: C:\Windows\System32\spool\prtprocs\x64\sht13cpc.dll [101080 2022-01-24] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP230 series: C:\WINDOWS\system32\CNMLMB5.DLL [389120 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP a111 Status Monitor: C:\WINDOWS\system32\hpinkstsa111LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP AC11 Status Monitor: C:\WINDOWS\system32\hpinkstsAC11LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 5510 series): C:\WINDOWS\system32\HPDiscoPMa111.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\sht13c Langmon: C:\WINDOWS\system32\sht13clm.dll [70424 2021-07-30] (联想图像(天津)科技有限公司 -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\110.0.5481.178\Installer\chrmstp.exe [2023-02-27] (Google LLC -> Google LLC)
Startup: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 2510 series.lnk [2020-11-22]
ShortcutAndArgument: Monitor Ink Alerts - HP Deskjet 2510 series.lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 2510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN2CR3JQFF05TX;CONNECTION=USB;MONITOR=1;
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09E581F4-6353-48A2-ADA4-95FD2037EDF5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
Task: {33A01DC2-E3D9-4857-A46B-9CE1B8585E95} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {36640D29-E85B-4262-B733-8EBD10BFDB75} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe (No File)
Task: {50C3C8FB-47BB-475C-BAC8-36045F8F020A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {906BD8F2-3D31-459D-A788-5114FADAEDCD} - System32\Tasks\CCleanerSkipUAC - Pedro => C:\Program Files\CCleaner\CCleaner.exe [32631096 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {944E74FD-32B9-492E-B774-93AE6BE3466C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {94A6C6A6-95F7-483A-9571-19FA4D1162C7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694176 2023-01-11] (Mozilla Corporation -> Mozilla Foundation)
Task: {9C651596-A1CC-468F-9A98-72D135E959DB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB36A6A5-9529-4148-AF4B-3EB1AD6C6E01} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D17FDC10-6084-4D7D-86DC-B4C29A23671E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {DA78985A-2065-465D-944B-55C9144D8ADB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-02-08] (Piriform Software Ltd -> Piriform)
Task: {E8B245CC-08F2-4F0B-B70E-BC418A910793} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
Task: {EB05FDC5-C030-48BC-BA23-0D6AB6D3288E} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3961528 2016-11-04] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {EBB081CF-2192-437E-AE5D-267B4C2D7A6F} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "4c93b20a-77fc-46b0-b5b1-cab1643b3be6" --version "6.09.10300" --silent
Task: {EC1D9429-82B4-4E93-94C7-FB52319D82BC} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [660896 2023-01-11] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {F067FB99-1CA1-4579-B2B1-B5786FD61F15} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe -autostart (No File)
Task: {FB1C2528-BEA5-4722-B635-B0AD2C91A113} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ac0d6cbe-f5ed-45ea-b2e8-a97d491a4b4e}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Pedro\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-07]
FireFox:
========
FF DefaultProfile: bepvh05g.default-1615563011198
FF ProfilePath: C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\bepvh05g.default-1615563011198 [2023-02-07]
FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2017-10-09] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-10-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-10-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-10-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-10-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @IPC/npmedia3.3.16559.0,version=3.3.16559.0 -> C:\Program Files\webrec\Torch\3.3.16559.0\npmedia3.3.16559.0.dll [2019-09-12] (Zhejiang Dahua Technology CO.,LTD. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-05-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-05-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2013-03-04] (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default [2023-03-01]
CHR Notifications: Default -> hxxps://web.whatsapp.com
CHR HomePage: Default -> hxxp://google.sk/
CHR DefaultSearchKeyword: Default -> google.sk__
CHR Session Restore: Default -> is enabled.
CHR Extension: (Just Black) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-08-02]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2018-12-11]
CHR Extension: (Authenticator) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2021-11-09]
CHR Extension: (uBlock Origin) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-02-28]
CHR Extension: (Multi Chat - Messenger for WhatsApp) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllplfhjknghhdneiblmkolbjappecbe [2021-08-26]
CHR Extension: (I don't care about cookies) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2023-02-28]
CHR Extension: (Web Components) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\filcobblndaenakhejinpjdblekilpgn [2018-12-11]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-20]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-07]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-02-28]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-13]
CHR Extension: (Video Downloader Pro) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\klkegmdjeiklkjdjjbknjgdpdbaojdkk [2022-07-11]
CHR Extension: (Google Play) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2018-12-11]
CHR Extension: (Save as PDF) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2022-09-24]
CHR Extension: (Numerics Calculator & Converter) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2018-12-11]
CHR Extension: (Number Search) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mknlabdjmmionkakcobggbihpiaelbnk [2021-03-06]
CHR Extension: (Whatsapp for PC - Download in Windows/Mac) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnlmidmemdekifapeeajgndjgapgmhph [2022-04-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-03]
CHR Extension: (Psykopaint) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2018-12-11]
CHR Profile: C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\System Profile [2023-02-07]
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2017-10-09]
CHR HKU\S-1-5-21-622939137-141225199-2558093129-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2017-10-09]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\111.0.5563.12\remoting_host.exe [74520 2023-02-02] (Google LLC -> Google LLC)
S2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [144784 2018-04-18] (Canon Inc. -> CANON INC.)
S3 FoxitPhantomService; C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe [1658944 2017-10-29] (Foxit Software Incorporated -> Foxit Software Inc.)
S2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-12] (HP Inc. -> HP Inc.)
S2 NbfcService; C:\Program Files (x86)\NoteBook FanControl\NbfcService.exe [8704 2018-11-03] (StagWare) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [447784 2007-12-13] (Nero AG -> Nero AG)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S2 VMSWatchdog; C:\Program Files\Luxriot\Luxriot Monitor\VMSWatchdog.exe [675568 2019-04-23] (A&H Software House Inc -> A&H Software House, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ymc; C:\Program Files\Lenovo\YMC\ymc.exe [49032 2016-12-23] (LENOVO -> Lenovo)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [81688 2018-03-03] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 NPF; C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\npf64.sys [36600 2015-12-16] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 ROCKEYNT; C:\WINDOWS\system32\DRIVERS\Rockey4.sys [36904 2019-10-29] (Feitian Technologies Co., Ltd. -> Feitian Technologies Co., Ltd.)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2018-06-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 usbscan; C:\WINDOWS\system32\DRIVERS\usbscan.sys [49152 2020-11-24] (Microsoft Corporation) [File not signed]
S3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [28128 2017-12-13] (Unified Intents AB -> Windows (R) Win 7 DDK provider)
R3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [131288 2021-11-19] (WDKTestCert dant_ppxe9ny,132779414088034662 -> Wacom Technology, Corp.)
R3 wacomrouterfilter; C:\WINDOWS\System32\drivers\wacomrouterfilter.sys [29368 2021-11-19] (WDKTestCert dant_ppxe9ny,132779414088034662 -> Wacom Technology, Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2023-02-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473336 2023-02-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-14] (Microsoft Windows -> Microsoft Corporation)
R1 WinRing0_1_2_0; C:\Program Files (x86)\NoteBook FanControl\WinRing0x64.sys [14544 2019-02-02] (Noriyuki MIYAZAKI -> OpenLibSys.org)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-03-01 15:22 - 2023-03-01 15:25 - 000026671 _____ C:\Users\Pedro\Desktop\FRST.txt
2023-03-01 15:02 - 2023-03-01 15:02 - 008791352 _____ (Malwarebytes) C:\Users\Pedro\Desktop\adwcleaner (1).exe
2023-02-28 22:56 - 2023-02-28 22:56 - 002378752 _____ (Farbar) C:\Users\Pedro\Desktop\FRST64.exe
2023-02-15 16:56 - 2023-02-15 16:56 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-03-01 15:26 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-01 15:24 - 2019-01-21 18:38 - 000000000 ____D C:\FRST
2023-03-01 14:56 - 2020-11-24 08:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-01 14:36 - 2018-12-11 19:59 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-01 10:36 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-01 10:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-03-01 09:53 - 2018-12-13 21:02 - 000000000 ____D C:\Users\Pedro\AppData\LocalLow\Mozilla
2023-03-01 09:15 - 2019-01-11 19:26 - 000000000 ____D C:\Program Files\CCleaner
2023-02-28 23:24 - 2020-11-24 08:41 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-02-28 23:24 - 2020-11-24 08:41 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-02-28 23:10 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-02-28 22:20 - 2019-01-29 17:03 - 000000000 ____D C:\Users\Pedro\AppData\Roaming\Spotify
2023-02-28 21:13 - 2019-01-29 17:05 - 000000000 ____D C:\Users\Pedro\AppData\Local\Spotify
2023-02-27 23:38 - 2018-12-11 19:59 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-02-26 01:25 - 2020-06-08 01:00 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-24 00:04 - 2018-12-11 19:23 - 000000000 ____D C:\Users\Pedro\AppData\Local\Packages
2023-02-20 21:27 - 2022-02-08 16:02 - 000000000 ____D C:\Users\Pedro\AppData\Roaming\WTablet
2023-02-15 18:09 - 2021-11-01 11:48 - 000000000 ____D C:\Users\Pedro\AppData\Local\LogiBolt
2023-02-15 18:09 - 2020-11-24 08:31 - 000923288 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-02-15 18:09 - 2019-04-09 23:11 - 000079644 _____ C:\WINDOWS\system32\perfh01B.dat
2023-02-15 18:09 - 2019-04-09 23:11 - 000020994 _____ C:\WINDOWS\system32\perfc01B.dat
2023-02-15 18:07 - 2019-11-27 21:40 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-02-15 18:07 - 2018-12-11 20:27 - 000000000 __SHD C:\Users\Pedro\IntelGraphicsProfiles
2023-02-15 18:03 - 2020-11-24 08:12 - 005036864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-02-15 18:02 - 2022-10-22 16:54 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-02-15 18:02 - 2020-11-24 08:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-15 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-02-15 18:01 - 2020-11-24 08:12 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-15 18:00 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-02-15 17:59 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-02-15 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-02-15 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-02-15 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-15 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-02-15 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-02-15 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-02-15 17:40 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-02-15 17:25 - 2020-11-24 08:16 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-02-15 16:46 - 2018-12-11 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2023-02-15 16:42 - 2018-12-12 00:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-02-15 16:19 - 2018-12-12 00:27 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-02-14 23:20 - 2018-12-12 06:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-02-14 21:15 - 2022-10-22 16:54 - 000003472 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-02-14 21:15 - 2022-09-26 11:12 - 000000000 ____D C:\Users\Pedro\AppData\Local\CrashDumps
2023-02-14 21:15 - 2020-11-24 08:41 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-02-13 11:14 - 2019-02-02 13:06 - 000000000 ____D C:\ProgramData\NbfcService
2023-02-08 17:39 - 2021-08-31 19:53 - 000002017 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-02-08 17:39 - 2021-08-31 19:53 - 000001859 _____ C:\Users\Default\Desktop\Google Slides.lnk
2023-02-08 17:39 - 2021-08-31 19:53 - 000001859 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2023-02-08 17:39 - 2021-08-31 19:53 - 000001847 _____ C:\Users\Default\Desktop\Google Docs.lnk
2023-02-07 20:42 - 2021-01-30 22:34 - 000005632 _____ C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2023-02-07 20:31 - 2018-12-11 20:09 - 000000000 ____D C:\Users\Pedro\AppData\Roaming\vlc
2023-02-07 19:22 - 2018-12-11 21:34 - 000000000 ____D C:\Program Files\Google
2023-02-01 23:21 - 2021-12-13 11:15 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-622939137-141225199-2558093129-1001
2023-02-01 23:21 - 2020-11-24 08:41 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-622939137-141225199-2558093129-1001
2023-02-01 23:21 - 2020-11-24 08:19 - 000002412 _____ C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== Files in the root of some directories ========
2019-10-01 21:27 - 2019-09-05 09:18 - 011902976 _____ () C:\Program Files\BMC CONFIG.exe
2018-12-21 11:33 - 2018-10-25 17:31 - 011427840 _____ () C:\Program Files\BMC-CONFIG-1.exe
2018-12-12 15:47 - 2022-05-13 16:46 - 000000132 _____ () C:\Users\Pedro\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2020-10-28 15:25 - 2020-10-31 11:25 - 000000014 _____ () C:\Users\Pedro\AppData\Roaming\obs-virtualcam.txt
2021-01-30 22:34 - 2023-02-07 20:42 - 000005632 _____ () C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-05-03 19:41 - 2019-05-03 19:41 - 000000218 _____ () C:\Users\Pedro\AppData\Local\recently-used.xbel
2018-12-29 23:29 - 2019-02-13 20:22 - 000007603 _____ () C:\Users\Pedro\AppData\Local\Resmon.ResmonCfg
2019-05-03 16:33 - 2019-05-03 16:33 - 000000000 _____ () C:\Users\Pedro\AppData\Local\zenmap.exe.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-02-2023
Ran by Pedro (01-03-2023 15:29:41)
Running from C:\Users\Pedro\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2604 (X64) (2020-11-24 07:43:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-622939137-141225199-2558093129-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-622939137-141225199-2558093129-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-622939137-141225199-2558093129-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-622939137-141225199-2558093129-501 - Limited - Disabled)
Pedro (S-1-5-21-622939137-141225199-2558093129-1001 - Administrator - Enabled) => C:\Users\Pedro
WDAGUtilityAccount (S-1-5-21-622939137-141225199-2558093129-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\uTorrent) (Version: 3.5.5.46206 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\{A2BCA9F1-566C-4805-97D1-7FDC93386723}) (Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Advanced IP Scanner 2.5 (HKLM-x32\...\{E35BC1CF-235D-4995-A816-59D3615C3B9A}) (Version: 2.5.3850 - Famatech)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.0.69 - Canon Inc.)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.02 - Canon Inc.)
Canon MP230 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP230_series) (Version: 1.04 - Canon Inc.)
CanoScan LiDE 300 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2417S) (Version: 1.00 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.09 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden
ConfigTool 5.001.0000001.0 (HKLM-x32\...\ConfigTool) (Version: 5.001.0000001.0 - )
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
E-CONFIG 3.8.6-SK/SK (HKLM-x32\...\E-CONFIG (SK/SK)_is1) (Version: 3.8.6 - Eaton Elektrotechnika s.r.o.)
Foxit PhantomPDF (HKLM-x32\...\{1668067E-BD47-11E7-B267-000C296BF29B}) (Version: 9.0.0.29935 - Foxit Software Inc.)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 70.0.2.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 110.0.5481.178 - Google LLC)
HP Deskjet 2510 series Basic Device Software (HKLM\...\{293CC68A-32BA-4BA4-84BD-0DCF6583566F}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2510 series Setup Guide (HKLM-x32\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5510 series Basic Device Software (HKLM\...\{CFF43B48-42A1-4967-9506-7E341BBD075F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Chrome Remote Desktop Host (HKLM-x32\...\{947DBF18-E228-4F2D-9D2A-6FCA4B5AAE3C}) (Version: 111.0.5563.12 - Google LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan)
iSpy (64 bit) (HKLM\...\{BB26C3B0-86F2-4C85-92E0-D998C122BD07}) (Version: 7.2.0.0 - DeveloperInABox)
iSpy package installer (64 bit) (HKLM-x32\...\{570e7cf8-e943-4538-9873-b3bee2c47f11}) (Version: 7.2.0.0 - DeveloperInABox)
iVMS-4200(v2.4.1.3) (HKLM-x32\...\{7697245D-2E00-4B83-AD27-C051DE314D1F}) (Version: 2.4.1.3 - hikvision)
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo Yoga Mode Control (HKLM\...\{3F2E25D6-49D3-45D5-A7BD-13F5D6F64171}_is1) (Version: 2.0.0.9 - Lenovo)
Lingea Lexicon 2002 (HKLM-x32\...\Lexicon 4.0) (Version: - )
Logi Bolt (HKLM\...\LogiBolt) (Version: 1.2.6024.0 - Logi)
Logitech Options (HKLM\...\LogiOptions) (Version: 9.70.68 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Luxriot x64 Monitor (HKLM\...\{29ECCDB0-2FDF-4441-A8D1-070666430AF8}) (Version: 1.13.0.7258 - A&H Software House Inc) Hidden
Luxriot x64 Monitor (HKLM-x32\...\{a767123e-2682-4296-b9b5-a2f8e203e66c}) (Version: 1.13.0.7258 - A&H Software House Inc)
Microsoft Access database engine 2016 (English) (HKLM\...\{90160000-00D1-0409-1000-0000000FF1CE}) (Version: 16.0.5044.1000 - Microsoft Corporation)
Microsoft Access MUI (Slovak) 2013 (HKLM\...\{90150000-0015-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Slovak) 2013 (HKLM\...\{90150000-0090-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.57 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.57 - Microsoft Corporation)
Microsoft Excel MUI (Slovak) 2013 (HKLM\...\{90150000-0016-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Slovak) 2013 (HKLM\...\{90150000-00BA-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Slovak) 2013 (HKLM\...\{90150000-0044-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Slovak) 2013 (HKLM\...\{90150000-012B-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Nyelvi ellenőrző eszközök 2013 – magyar (HKLM\...\{90150000-001F-040E-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Slovak) 2013 (HKLM\...\{90150000-00E1-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Slovak) 2013 (HKLM\...\{90150000-00E2-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Slovak) 2013 (HKLM\...\{90150000-002C-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Slovak) 2013 (HKLM\...\{90150000-00C1-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Slovak) 2013 (HKLM\...\{90150000-006E-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-622939137-141225199-2558093129-1000\...\OneDriveSetup.exe) (Version: 18.212.1021.0008 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\OneDriveSetup.exe) (Version: 23.007.0109.0004 - Microsoft Corporation)
Microsoft OneNote MUI (Slovak) 2013 (HKLM\...\{90150000-00A1-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Slovak) 2013 (HKLM\...\{90150000-001A-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Slovak) 2013 (HKLM\...\{90150000-0018-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Slovak) 2013 (HKLM\...\{90150000-0019-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Teams (HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Teams) (Version: 1.4.00.16575 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (HKLM\...\{90120064-0070-0000-0000-4000000FF1CE}) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (HKLM\...\{90F60409-7000-11D3-8CFE-0150048383C9}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026 (HKLM-x32\...\{BE960C1C-7BAD-3DE6-8B1A-2616FE532845}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026 (HKLM-x32\...\{A2563E55-3BEC-3828-8D67-E5E8B9E8B675}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.27.29112 (HKLM\...\{1B4EDD59-90CE-4BDE-8520-630981088165}) (Version: 14.27.29112 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.27.29112 (HKLM\...\{37BB1766-C587-49AE-B2DB-618FBDEAB88C}) (Version: 14.27.29112 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Word MUI (Slovak) 2013 (HKLM\...\{90150000-001B-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft_VC80_ATL_x86_x64 (HKLM\...\{925D058B-564A-443A-B4B2-7E90C6432E55}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (HKLM-x32\...\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (HKLM\...\{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (HKLM-x32\...\{D1A19B02-817E-4296-A45B-07853FD74D57}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (HKLM\...\{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (HKLM-x32\...\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (HKLM\...\{1E9FC118-651D-4934-97BE-E53CAE5C7D45}) (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (HKLM-x32\...\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}) (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (HKLM\...\{8557397C-A42D-486F-97B3-A2CBC2372593}) (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{08D2E121-7F6A-43EB-97FD-629B44903403}) (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (HKLM\...\{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}) (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (HKLM-x32\...\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}) (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (HKLM\...\{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}) (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox (x64 sk) (HKLM\...\Mozilla Firefox 108.0.2 (x64 sk)) (Version: 108.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nero 8 (HKLM-x32\...\{5FCCD531-1B38-4A94-924C-127F722F1051}) (Version: 8.2.89 - Nero AG)
neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
Nmap 7.70 (HKLM-x32\...\Nmap) (Version: 7.70 - Nmap Project)
NoteBook FanControl (HKLM-x32\...\{571aa591-06c8-4dc3-938e-06d205a87ce4}) (Version: 1.6.1.0 - Stefan Hirschmann - StagWare)
NoteBook FanControl (HKLM-x32\...\{798653AE-0FC0-4380-AAAF-EF52B1407B79}) (Version: 1.6.1.0 - Stefan Hirschmann - StagWare) Hidden
Npcap 0.99-r2 (HKLM-x32\...\NpcapInst) (Version: 0.99-r2 - Nmap Project)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.0.2 - OBS Project)
Odinštalovať tlačiareň EPSON Stylus SX400 Series (HKLM\...\EPSON Stylus SX400 Series) (Version: - SEIKO EPSON Corporation)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Radmin Viewer 3.5.2 (HKLM-x32\...\{9F9073EA-5DCE-4B23-8A0C-C7D2C89AEADC}) (Version: 3.52.1.0000 - Famatech)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7530 - Realtek Semiconductor Corp.)
Redist (HKLM\...\{DD3079E6-48D8-4F2F-AE3F-B89003738390}) (Version: 2.0 - Redist) Hidden
SADPTool (HKLM-x32\...\{7D9B79C2-B1B2-433B-844F-F4299B86F26E}) (Version: 3.0.0.16 - hikvision)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0015-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0016-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0018-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0019-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001A-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001B-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}_Office15.PROPLUSR_{1E8252A7-D489-4BB6-9694-93799FFD33ED}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{DABB9E2A-F054-4F97-9EB2-6992316C6EC7}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{835E4BED-E265-4103-AE14-0B4C70CF3FE8}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-040E-1000-0000000FF1CE}_Office15.PROPLUSR_{0BEA5B9F-ECCB-466F-8AD4-66A0DAD86A56}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{4601BD00-BC9B-4CA2-940C-2552782C7347}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-002C-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{B0E9B602-008E-43F0-8485-08C53F76926B}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0044-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-006E-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{462FD7CD-0F6D-41ED-929F-0AEC8F146E90}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0090-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00A1-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00BA-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1931508C-C004-4983-81E3-70BE6252904B}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{6A703F65-EF3F-45FA-B14F-B74DE1A03B93}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E1-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E2-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-012B-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
SolarWinds IP Address Tracker (HKLM-x32\...\InstallShield_{41505E91-CB79-475C-9FC4-8C6A9B613A18}) (Version: 1 - SolarWinds)
Spotify (HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Spotify) (Version: 1.2.5.1006.g22820f93 - Spotify AB)
SpotiKeep Converter 3.0.10 (HKLM\...\e2855b0a-8583-5741-8c28-e53db40adbe1) (Version: 3.0.10 - SpotiKeep)
StreamFX for OBS Studio version 0.9.2.0 (HKLM\...\{DE56A03A-C8A4-474B-83B0-CFD270262D38}}_is1) (Version: 0.9.2.0 - Xaymars Technology Workshop)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.6.1 - Unified Intents AB)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
UsbFix Anti-Malware Premium (HKLM-x32\...\Usbfix) (Version: 11.0.2.3 - SOSVirus (SOSVirus.Net))
VCRedistSetup (HKLM-x32\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.45-1 - Wacom Technology Corp.)
Web Components (HKLM-x32\...\{03B13AF8-9625-478A-AF0E-205337B9415A}_is1) (Version: - )
webcamXP 5 Free (HKLM-x32\...\wLite) (Version: 5.9.8.7 - Moonware Studios)
WhatsApp (HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\WhatsApp) (Version: 2.2245.9 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
Windows Kontrola stavu počítača (HKLM\...\{8D6B9DC1-A437-41E0-8DF1-9F37748394AE}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR archivátor (HKLM\...\WinRAR archiver) (Version: - )
WinRAR archivátor (HKLM-x32\...\WinRAR archiver) (Version: - )
ZWCAD Architecture 2019 English (HKLM\...\{FEC04AC9-A003-1033-A001-BAB53898898A}) (Version: 19.2.2019.0222 - ZWSOFT)
ZWSOFT 2019 Network License Manager(TS) ENU (HKLM\...\{FEC04AC9-2019-0000-A105-BAB53898898A}) (Version: 3.0.0 - ZWSOFT)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.30.50.0_x64__kgqvnymyfvs32 [2023-02-14] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.237.500.0_x64__kgqvnymyfvs32 [2023-02-24] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-19] (Canon Inc.)
Car Parking : Real Driver Parking Simulator -> C:\Program Files\WindowsApps\31252IrfanShafi.CarParkingRealDriverParkingSimulat_1.1.0.0_x86__m164m09tj2s82 [2020-08-02] (RLA Secret Solutions) [MS Ad]
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-18] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_142.3.139.0_x64__v10z8vjag6ke6 [2023-01-27] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10126.517.0_x64__8wekyb3d8bbwe [2023-02-21] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.19.6301.0_x64__8wekyb3d8bbwe [2023-02-25] (Microsoft Studios)
Musixmatch Lyrics - Sing along Spotify, iTunes, Windows Media Player -> C:\Program Files\WindowsApps\MUSIXMATCH.LYRICS_3.15.15598.0_x86__7gejyv32yt3te [2022-12-26] (Musixmatch) [Startup Task]
Sleep♯ -> C:\Program Files\WindowsApps\40865CJS3.SleepSharp_5.6.0.0_neutral__z61s08h0ks9h4 [2022-12-26] (CJS3) [Startup Task]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-09] (Microsoft Studios) [MS Ad]
TreeSize Free (Outdated) -> C:\Program Files\WindowsApps\JAMSoftware.TreeSizeFree_5.0.0.0_x86__37s2tpab2h9zg [2022-11-23] (JAM Software)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-622939137-141225199-2558093129-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Pedro\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21063.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2007-12-04] (Nero AG -> Nero AG)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-02-10] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-02-10] () [File not signed]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-02-10] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-02-10] () [File not signed]
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-02-10] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-02-10] () [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Pedro\Desktop\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
ShortcutWithArgument: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
ShortcutWithArgument: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Vzdialená plocha Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Pedro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\ab54bbbab588e14c\Vzdialená plocha Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Pedro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\4dc787a6350dc47a\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
==================== Loaded Modules (Whitelisted) =============
2018-12-11 20:33 - 2010-02-10 18:10 - 000166400 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKLM\...\.scr: ZWCAD.SCR.2019 => <==== ATTENTION
==================== Internet Explorer (Whitelisted) ==========
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll => No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-05-03] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-05-03] (Oracle America, Inc. -> Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 12:47 - 2019-01-21 21:12 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\NoteBook FanControl\
HKU\S-1-5-21-622939137-141225199-2558093129-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-622939137-141225199-2558093129-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
Network Binding:
=============
Sieťové pripojenie Bluetooth 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Wi-Fi: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_DOLBYDRAGON"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "LogiBolt"
HKLM\...\StartupApproved\Run: => "LogiOptions"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "Unified Remote V3"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "EPSON Stylus SX400"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{C388B45F-CCF6-4BF4-BEFC-26CC87F09E92}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{2E99B1EB-45F3-466A-8638-C76BE2CA54A4}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{1B7C9459-086B-45BC-839B-8FA7C1553622}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [TCP Query User{24DA6633-4271-4D34-9973-19236823C09C}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [UDP Query User{C5FE22E9-7CE3-48B3-9302-7CA89E716661}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [TCP Query User{2203405E-0F58-4786-AD49-A2821687F7D4}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [{9271D287-3B03-446A-83CB-9530A05A024B}] => (Allow) C:\Program Files\HP\HP Deskjet 2510 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{0B9605DE-7787-4987-B411-2F1876C02B42}] => (Allow) C:\Users\Pedro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2DDE39A1-850E-4706-98AF-E52635C3EDD5}] => (Allow) C:\Users\Pedro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C4C0FA74-A80E-472E-8E9C-333FD52D29E0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{D902211D-9354-4BFE-A06C-26A896976BF0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [UDP Query User{DEE7462F-B1CE-4F95-B29C-E1A10CCAA945}C:\program files (x86)\sadptool\sadptool.exe] => (Allow) C:\program files (x86)\sadptool\sadptool.exe (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [TCP Query User{E7E5FC45-0E57-41F4-B6E0-16FA99B27206}C:\program files (x86)\sadptool\sadptool.exe] => (Allow) C:\program files (x86)\sadptool\sadptool.exe (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [{46CA0B6B-A7A8-4B4F-94BA-98259D07327E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{497F3415-CA52-44AA-A2AC-1268AFD39677}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{4B72AB8F-20C9-483F-A209-F1D1AF828E67}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [TCP Query User{D7AFD402-0D73-4241-9E4B-96FC807FFC1E}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [{5510C1C7-49E0-4511-AC9C-DDBE9FBAA4D2}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{6480C428-4763-49F2-A368-21E9408CC995}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [TCP Query User{413C9282-9322-4C31-8652-FD0A3DD27DD3}C:\users\pedro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pedro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{EBC8962A-0A0A-4126-B9CC-2710A822A2F5}C:\users\pedro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pedro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AAD5C933-D3A9-423E-92A8-5266D5522771}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{DA41A567-E6A4-491E-8D10-D57F70C954FD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{831F3986-BE21-4662-BECF-0ADD81D41FEC}C:\users\pedro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pedro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{502AFB93-29B6-46EC-8671-03896532D7B9}C:\users\pedro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pedro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{05685123-85C0-4777-A781-AC290F2A5320}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{1335954A-2D6B-4884-A43C-0377DDC054D8}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{8EF246D1-3799-4709-950E-1DF2D3CAF93C}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{AADAE51F-18E5-453D-A09B-2C4EE64F9576}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F0F8BE16-C3EF-4AAE-8DA8-28FD3D7E6389}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{4D0E8782-5881-4075-B1ED-93A70CA88E7F}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [UDP Query User{9FC35E53-68A8-4CC9-AC0B-CA9B20B5FB2F}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [{8900065F-4283-45C6-BCBC-1E1B1CA8A6EA}] => (Allow) C:\Program Files (x86)\webcamXP5\webcamXP.exe (Steve Niquille -> Moonware Studios)
FirewallRules: [{38EFD0AC-20FA-45CC-B62B-85D929E5BE26}] => (Allow) C:\Program Files (x86)\webcamXP5\webcamXP.exe (Steve Niquille -> Moonware Studios)
FirewallRules: [TCP Query User{C9F451DB-61AC-4584-AABE-6900B1E335F2}C:\program files\ispy\ispy.exe] => (Allow) C:\program files\ispy\ispy.exe (www.ispyconnect.com) [File not signed]
FirewallRules: [UDP Query User{4DC980C1-47DE-4471-B55D-16A7D875384B}C:\program files\ispy\ispy.exe] => (Allow) C:\program files\ispy\ispy.exe (www.ispyconnect.com) [File not signed]
FirewallRules: [TCP Query User{15A8A5D2-2E88-4734-870E-71B45AFDB0B6}C:\program files\ispy\ispy.exe] => (Allow) C:\program files\ispy\ispy.exe (www.ispyconnect.com) [File not signed]
FirewallRules: [UDP Query User{088B0891-220F-42E3-BDCB-769B741751A7}C:\program files\ispy\ispy.exe] => (Allow) C:\program files\ispy\ispy.exe (www.ispyconnect.com) [File not signed]
FirewallRules: [{0010A377-D398-4A97-8477-62168453B890}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZWCAD.exe (ZWCAD Software Co.,LTD -> ) [File not signed]
FirewallRules: [{09B391FE-B2DD-45E9-B8CE-AEA02835D8DC}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZWCAD.exe (ZWCAD Software Co.,LTD -> ) [File not signed]
FirewallRules: [{2297F71C-F234-47AC-BF1B-4F086E31397E}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{3B77929C-68BC-4D4C-80A0-D26A32AA91D6}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\CrashReportManagement.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{A65F403E-AADA-4EE5-BB92-E9E17F40D464}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZWCAD.exe (ZWCAD Software Co.,LTD -> ) [File not signed]
FirewallRules: [{91D6B42E-8224-4B43-8F64-44DB7B09BA6D}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{98425261-43D4-41AC-8D15-F0DDDC7A0F13}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZwAuthHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{FFAFFE88-8026-4E98-8535-74815C7CA262}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZwAuthHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{8698031C-4E92-4175-810F-7F0B147FF0E0}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZWCAD.exe (ZWCAD Software Co.,LTD -> ) [File not signed]
FirewallRules: [{5F894448-A0DF-4403-B664-326DA6715D91}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\CrashReportManagement.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{C878023A-519A-4610-8D65-EAB63CFE84D4}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ArchZw14\ArchZw.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{D10FE3E4-A4AC-4272-B993-C587DA7A46C1}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ArchZw14\ArchZw.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{B9F554B2-66DB-443B-96F7-83DBCC1767C5}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{E0D14554-71EC-4D15-A792-3F2610B4BBC7}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [TCP Query User{7B3281BF-99CF-42BC-BE09-2D30C5CCDA79}C:\users\pedro\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\pedro\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{66C37EC1-8CE3-4214-829B-B6D95485D6AD}C:\users\pedro\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\pedro\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{7C26A1C5-24E2-4DE0-AB33-CA4B7F5DB5D8}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 storage\nvrstoragesever.exe] => (Block) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 storage\nvrstoragesever.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [UDP Query User{7A9CE0B8-0D21-44C5-98DF-9651B3E6ED11}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 storage\nvrstoragesever.exe] => (Block) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 storage\nvrstoragesever.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [{8168A9FB-3C3B-4623-A73E-7B0584D72B3E}] => (Allow) C:\Program Files\WindowsApps\MUSIXMATCH.LYRICS_3.15.15598.0_x86__7gejyv32yt3te\app\Musixmatch.exe (Musixmatch) [File not signed]
FirewallRules: [{9F518D6C-CB86-430D-894F-2FD85388E173}] => (Allow) C:\Program Files\WindowsApps\MUSIXMATCH.LYRICS_3.15.15598.0_x86__7gejyv32yt3te\app\Musixmatch.exe (Musixmatch) [File not signed]
FirewallRules: [TCP Query User{7864D477-7AC5-4369-A57A-A431E159EA1E}C:\program files (x86)\configtool\configtool.exe] => (Allow) C:\program files (x86)\configtool\configtool.exe () [File not signed]
FirewallRules: [UDP Query User{73D660F5-1C2A-4795-B3C9-89012BE39A1E}C:\program files (x86)\configtool\configtool.exe] => (Allow) C:\program files (x86)\configtool\configtool.exe () [File not signed]
FirewallRules: [TCP Query User{F0E400AB-62F9-4C39-926A-9A8E5FD2BC38}C:\program files\webrec\torch\3.3.16559.0\webactivex3.3.16559.0.exe] => (Allow) C:\program files\webrec\torch\3.3.16559.0\webactivex3.3.16559.0.exe (Zhejiang Dahua Technology CO.,LTD. -> )
FirewallRules: [UDP Query User{4946C431-229A-45C0-9E77-3A5EB0388CD2}C:\program files\webrec\torch\3.3.16559.0\webactivex3.3.16559.0.exe] => (Allow) C:\program files\webrec\torch\3.3.16559.0\webactivex3.3.16559.0.exe (Zhejiang Dahua Technology CO.,LTD. -> )
FirewallRules: [{3B43F624-4555-4714-890B-8AA1307BBD01}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{D42AD2FE-4EF8-403A-96D7-A28D2D5474E1}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\111.0.5563.12\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{58938B15-698A-405E-A21A-E985A79A384D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{41CF3399-9279-472C-BC0F-A2581F718FAC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA12A41A-035B-4BCC-991F-BF5EA4A541FF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{59B915E5-2740-4BCC-B521-4B1DD08ACA06}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{212EDB56-99F0-462D-A6CE-0B75209067CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3AD4ECAE-1F9D-46C9-89E2-3BE6F84940CF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.57\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
22-02-2023 10:04:53 Scheduled Checkpoint
28-02-2023 22:24:25 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/01/2023 02:55:59 PM) (Source: chromoting) (EventID: 3) (User: )
Description: Prístup bol odmietnutý klientskemu programu: kroenen2g@gmail.com/chromoting_ftl_219d7d70-3574-45a3-b5ce-dec7014b6d77.
Error: (03/01/2023 02:55:45 PM) (Source: chromoting) (EventID: 3) (User: )
Description: Prístup bol odmietnutý klientskemu programu: kroenen2g@gmail.com/chromoting_ftl_87de5d8c-8fa7-487f-8e07-7e0ccfd68023.
Error: (02/15/2023 06:00:22 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (02/15/2023 06:00:22 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (02/15/2023 06:00:22 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (02/15/2023 06:00:22 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (02/15/2023 06:00:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (02/15/2023 06:00:21 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
System errors:
=============
Error: (03/01/2023 10:36:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (02/28/2023 10:53:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Vzdialená plocha Chrome sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 60000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (02/28/2023 10:53:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wacom Professional Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/28/2023 10:53:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Luxriot EVO Server Watchdog sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/28/2023 10:53:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Slovak Canon IJ Scan Utility register event sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/28/2023 10:53:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/28/2023 10:53:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/28/2023 10:53:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel Bluetooth Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Windows Defender:
================
Date: 2023-03-01 00:02:31
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-02-28 00:02:31
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-02-27 00:02:30
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-02-26 00:02:29
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-02-25 00:02:28
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2023-02-16 00:17:05
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-02-15 18:01:51
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2023-01-13 06:56:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-01-02 22:57:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.
Date: 2023-01-02 22:57:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.
Date: 2022-11-18 23:24:31
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 96CN27WW(V1.13) 09/09/2014
Motherboard: LENOVO INVALID
Processor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Percentage of memory in use: 81%
Total physical RAM: 4016.96 MB
Available physical RAM: 729.99 MB
Total Virtual: 5885.4 MB
Available Virtual: 1795.95 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:174.44 GB) (Free:67.29 GB) (Model: WDC WD5000M22K-24Z1LT0-SSHD-16GB) NTFS
Drive d: () (Fixed) (Total:289.98 GB) (Free:46.47 GB) (Model: WDC WD5000M22K-24Z1LT0-SSHD-16GB) NTFS
\\?\Volume{c42e0060-dd36-4a0a-b90a-e93a14540c60}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{3033b16a-2a35-45a7-b950-de364193d5ce}\ () (Fixed) (Total:0.78 GB) (Free:0.29 GB) NTFS
\\?\Volume{b9545704-433d-4fc6-af0d-de40f2ded245}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2B66F383)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-02-2023
Ran by Pedro (administrator) on DESKTOP-NVJD1LG (LENOVO 20344) (01-03-2023 15:22:42)
Running from C:\Users\Pedro\Desktop
Loaded Profiles: Pedro
Platform: Microsoft Windows 10 Home Version 22H2 19045.2604 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCopyAccelerator.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <19>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\111.0.5563.12\remoting_desktop.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\111.0.5563.12\remoting_host.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21344.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21344.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [9309936 2015-09-10] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3961528 2016-11-04] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1690368 2022-07-22] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-622939137-141225199-2558093129-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1688872 2007-12-13] (Nero AG -> Nero AG)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3187384 2017-12-13] (Unified Intents AB -> Unified Intents AB)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [Spotify] => C:\Users\Pedro\AppData\Roaming\Spotify\Spotify.exe [20382072 2023-02-26] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [EPSON Stylus SX400] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIEGE.EXE [221696 2007-12-17] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38966072 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Pedro\AppData\Local\Microsoft\Teams\Update.exe [2454200 2021-07-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {6e9aefb8-7ec3-11ec-b4c0-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {73ab0995-2b20-11ed-b4d2-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {ad1453e7-1fba-11eb-b491-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {b9f1dc0e-3adc-11ea-b469-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG4200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB9.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MP230 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB5.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\sht13cPC: C:\Windows\System32\spool\prtprocs\x64\sht13cpc.dll [101080 2022-01-24] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP230 series: C:\WINDOWS\system32\CNMLMB5.DLL [389120 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP a111 Status Monitor: C:\WINDOWS\system32\hpinkstsa111LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP AC11 Status Monitor: C:\WINDOWS\system32\hpinkstsAC11LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 5510 series): C:\WINDOWS\system32\HPDiscoPMa111.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\sht13c Langmon: C:\WINDOWS\system32\sht13clm.dll [70424 2021-07-30] (联想图像(天津)科技有限公司 -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\110.0.5481.178\Installer\chrmstp.exe [2023-02-27] (Google LLC -> Google LLC)
Startup: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 2510 series.lnk [2020-11-22]
ShortcutAndArgument: Monitor Ink Alerts - HP Deskjet 2510 series.lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 2510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN2CR3JQFF05TX;CONNECTION=USB;MONITOR=1;
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09E581F4-6353-48A2-ADA4-95FD2037EDF5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
Task: {33A01DC2-E3D9-4857-A46B-9CE1B8585E95} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {36640D29-E85B-4262-B733-8EBD10BFDB75} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe (No File)
Task: {50C3C8FB-47BB-475C-BAC8-36045F8F020A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {906BD8F2-3D31-459D-A788-5114FADAEDCD} - System32\Tasks\CCleanerSkipUAC - Pedro => C:\Program Files\CCleaner\CCleaner.exe [32631096 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {944E74FD-32B9-492E-B774-93AE6BE3466C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {94A6C6A6-95F7-483A-9571-19FA4D1162C7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694176 2023-01-11] (Mozilla Corporation -> Mozilla Foundation)
Task: {9C651596-A1CC-468F-9A98-72D135E959DB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB36A6A5-9529-4148-AF4B-3EB1AD6C6E01} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D17FDC10-6084-4D7D-86DC-B4C29A23671E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {DA78985A-2065-465D-944B-55C9144D8ADB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-02-08] (Piriform Software Ltd -> Piriform)
Task: {E8B245CC-08F2-4F0B-B70E-BC418A910793} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
Task: {EB05FDC5-C030-48BC-BA23-0D6AB6D3288E} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3961528 2016-11-04] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {EBB081CF-2192-437E-AE5D-267B4C2D7A6F} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "4c93b20a-77fc-46b0-b5b1-cab1643b3be6" --version "6.09.10300" --silent
Task: {EC1D9429-82B4-4E93-94C7-FB52319D82BC} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [660896 2023-01-11] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {F067FB99-1CA1-4579-B2B1-B5786FD61F15} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe -autostart (No File)
Task: {FB1C2528-BEA5-4722-B635-B0AD2C91A113} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ac0d6cbe-f5ed-45ea-b2e8-a97d491a4b4e}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Pedro\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-07]
FireFox:
========
FF DefaultProfile: bepvh05g.default-1615563011198
FF ProfilePath: C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\bepvh05g.default-1615563011198 [2023-02-07]
FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2017-10-09] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-10-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-10-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-10-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-10-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @IPC/npmedia3.3.16559.0,version=3.3.16559.0 -> C:\Program Files\webrec\Torch\3.3.16559.0\npmedia3.3.16559.0.dll [2019-09-12] (Zhejiang Dahua Technology CO.,LTD. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-05-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-05-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2013-03-04] (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default [2023-03-01]
CHR Notifications: Default -> hxxps://web.whatsapp.com
CHR HomePage: Default -> hxxp://google.sk/
CHR DefaultSearchKeyword: Default -> google.sk__
CHR Session Restore: Default -> is enabled.
CHR Extension: (Just Black) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-08-02]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2018-12-11]
CHR Extension: (Authenticator) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2021-11-09]
CHR Extension: (uBlock Origin) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-02-28]
CHR Extension: (Multi Chat - Messenger for WhatsApp) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllplfhjknghhdneiblmkolbjappecbe [2021-08-26]
CHR Extension: (I don't care about cookies) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2023-02-28]
CHR Extension: (Web Components) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\filcobblndaenakhejinpjdblekilpgn [2018-12-11]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-20]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-07]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-02-28]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-13]
CHR Extension: (Video Downloader Pro) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\klkegmdjeiklkjdjjbknjgdpdbaojdkk [2022-07-11]
CHR Extension: (Google Play) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2018-12-11]
CHR Extension: (Save as PDF) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2022-09-24]
CHR Extension: (Numerics Calculator & Converter) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2018-12-11]
CHR Extension: (Number Search) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mknlabdjmmionkakcobggbihpiaelbnk [2021-03-06]
CHR Extension: (Whatsapp for PC - Download in Windows/Mac) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnlmidmemdekifapeeajgndjgapgmhph [2022-04-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-03]
CHR Extension: (Psykopaint) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2018-12-11]
CHR Profile: C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\System Profile [2023-02-07]
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2017-10-09]
CHR HKU\S-1-5-21-622939137-141225199-2558093129-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2017-10-09]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\111.0.5563.12\remoting_host.exe [74520 2023-02-02] (Google LLC -> Google LLC)
S2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [144784 2018-04-18] (Canon Inc. -> CANON INC.)
S3 FoxitPhantomService; C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe [1658944 2017-10-29] (Foxit Software Incorporated -> Foxit Software Inc.)
S2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-12] (HP Inc. -> HP Inc.)
S2 NbfcService; C:\Program Files (x86)\NoteBook FanControl\NbfcService.exe [8704 2018-11-03] (StagWare) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [447784 2007-12-13] (Nero AG -> Nero AG)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S2 VMSWatchdog; C:\Program Files\Luxriot\Luxriot Monitor\VMSWatchdog.exe [675568 2019-04-23] (A&H Software House Inc -> A&H Software House, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ymc; C:\Program Files\Lenovo\YMC\ymc.exe [49032 2016-12-23] (LENOVO -> Lenovo)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [81688 2018-03-03] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 NPF; C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\npf64.sys [36600 2015-12-16] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 ROCKEYNT; C:\WINDOWS\system32\DRIVERS\Rockey4.sys [36904 2019-10-29] (Feitian Technologies Co., Ltd. -> Feitian Technologies Co., Ltd.)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2018-06-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 usbscan; C:\WINDOWS\system32\DRIVERS\usbscan.sys [49152 2020-11-24] (Microsoft Corporation) [File not signed]
S3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [28128 2017-12-13] (Unified Intents AB -> Windows (R) Win 7 DDK provider)
R3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [131288 2021-11-19] (WDKTestCert dant_ppxe9ny,132779414088034662 -> Wacom Technology, Corp.)
R3 wacomrouterfilter; C:\WINDOWS\System32\drivers\wacomrouterfilter.sys [29368 2021-11-19] (WDKTestCert dant_ppxe9ny,132779414088034662 -> Wacom Technology, Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2023-02-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473336 2023-02-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-14] (Microsoft Windows -> Microsoft Corporation)
R1 WinRing0_1_2_0; C:\Program Files (x86)\NoteBook FanControl\WinRing0x64.sys [14544 2019-02-02] (Noriyuki MIYAZAKI -> OpenLibSys.org)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-03-01 15:22 - 2023-03-01 15:25 - 000026671 _____ C:\Users\Pedro\Desktop\FRST.txt
2023-03-01 15:02 - 2023-03-01 15:02 - 008791352 _____ (Malwarebytes) C:\Users\Pedro\Desktop\adwcleaner (1).exe
2023-02-28 22:56 - 2023-02-28 22:56 - 002378752 _____ (Farbar) C:\Users\Pedro\Desktop\FRST64.exe
2023-02-15 16:56 - 2023-02-15 16:56 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-03-01 15:26 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-01 15:24 - 2019-01-21 18:38 - 000000000 ____D C:\FRST
2023-03-01 14:56 - 2020-11-24 08:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-01 14:36 - 2018-12-11 19:59 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-01 10:36 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-01 10:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-03-01 09:53 - 2018-12-13 21:02 - 000000000 ____D C:\Users\Pedro\AppData\LocalLow\Mozilla
2023-03-01 09:15 - 2019-01-11 19:26 - 000000000 ____D C:\Program Files\CCleaner
2023-02-28 23:24 - 2020-11-24 08:41 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-02-28 23:24 - 2020-11-24 08:41 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-02-28 23:10 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-02-28 22:20 - 2019-01-29 17:03 - 000000000 ____D C:\Users\Pedro\AppData\Roaming\Spotify
2023-02-28 21:13 - 2019-01-29 17:05 - 000000000 ____D C:\Users\Pedro\AppData\Local\Spotify
2023-02-27 23:38 - 2018-12-11 19:59 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-02-26 01:25 - 2020-06-08 01:00 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-24 00:04 - 2018-12-11 19:23 - 000000000 ____D C:\Users\Pedro\AppData\Local\Packages
2023-02-20 21:27 - 2022-02-08 16:02 - 000000000 ____D C:\Users\Pedro\AppData\Roaming\WTablet
2023-02-15 18:09 - 2021-11-01 11:48 - 000000000 ____D C:\Users\Pedro\AppData\Local\LogiBolt
2023-02-15 18:09 - 2020-11-24 08:31 - 000923288 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-02-15 18:09 - 2019-04-09 23:11 - 000079644 _____ C:\WINDOWS\system32\perfh01B.dat
2023-02-15 18:09 - 2019-04-09 23:11 - 000020994 _____ C:\WINDOWS\system32\perfc01B.dat
2023-02-15 18:07 - 2019-11-27 21:40 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-02-15 18:07 - 2018-12-11 20:27 - 000000000 __SHD C:\Users\Pedro\IntelGraphicsProfiles
2023-02-15 18:03 - 2020-11-24 08:12 - 005036864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-02-15 18:02 - 2022-10-22 16:54 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-02-15 18:02 - 2020-11-24 08:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-15 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-02-15 18:01 - 2020-11-24 08:12 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-15 18:00 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-02-15 17:59 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-02-15 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-02-15 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-02-15 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-15 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-02-15 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-02-15 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-02-15 17:40 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-02-15 17:25 - 2020-11-24 08:16 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-02-15 16:46 - 2018-12-11 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2023-02-15 16:42 - 2018-12-12 00:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-02-15 16:19 - 2018-12-12 00:27 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-02-14 23:20 - 2018-12-12 06:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-02-14 21:15 - 2022-10-22 16:54 - 000003472 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-02-14 21:15 - 2022-09-26 11:12 - 000000000 ____D C:\Users\Pedro\AppData\Local\CrashDumps
2023-02-14 21:15 - 2020-11-24 08:41 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-02-13 11:14 - 2019-02-02 13:06 - 000000000 ____D C:\ProgramData\NbfcService
2023-02-08 17:39 - 2021-08-31 19:53 - 000002017 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-02-08 17:39 - 2021-08-31 19:53 - 000001859 _____ C:\Users\Default\Desktop\Google Slides.lnk
2023-02-08 17:39 - 2021-08-31 19:53 - 000001859 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2023-02-08 17:39 - 2021-08-31 19:53 - 000001847 _____ C:\Users\Default\Desktop\Google Docs.lnk
2023-02-07 20:42 - 2021-01-30 22:34 - 000005632 _____ C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2023-02-07 20:31 - 2018-12-11 20:09 - 000000000 ____D C:\Users\Pedro\AppData\Roaming\vlc
2023-02-07 19:22 - 2018-12-11 21:34 - 000000000 ____D C:\Program Files\Google
2023-02-01 23:21 - 2021-12-13 11:15 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-622939137-141225199-2558093129-1001
2023-02-01 23:21 - 2020-11-24 08:41 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-622939137-141225199-2558093129-1001
2023-02-01 23:21 - 2020-11-24 08:19 - 000002412 _____ C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== Files in the root of some directories ========
2019-10-01 21:27 - 2019-09-05 09:18 - 011902976 _____ () C:\Program Files\BMC CONFIG.exe
2018-12-21 11:33 - 2018-10-25 17:31 - 011427840 _____ () C:\Program Files\BMC-CONFIG-1.exe
2018-12-12 15:47 - 2022-05-13 16:46 - 000000132 _____ () C:\Users\Pedro\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2020-10-28 15:25 - 2020-10-31 11:25 - 000000014 _____ () C:\Users\Pedro\AppData\Roaming\obs-virtualcam.txt
2021-01-30 22:34 - 2023-02-07 20:42 - 000005632 _____ () C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-05-03 19:41 - 2019-05-03 19:41 - 000000218 _____ () C:\Users\Pedro\AppData\Local\recently-used.xbel
2018-12-29 23:29 - 2019-02-13 20:22 - 000007603 _____ () C:\Users\Pedro\AppData\Local\Resmon.ResmonCfg
2019-05-03 16:33 - 2019-05-03 16:33 - 000000000 _____ () C:\Users\Pedro\AppData\Local\zenmap.exe.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-02-2023
Ran by Pedro (01-03-2023 15:29:41)
Running from C:\Users\Pedro\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2604 (X64) (2020-11-24 07:43:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-622939137-141225199-2558093129-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-622939137-141225199-2558093129-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-622939137-141225199-2558093129-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-622939137-141225199-2558093129-501 - Limited - Disabled)
Pedro (S-1-5-21-622939137-141225199-2558093129-1001 - Administrator - Enabled) => C:\Users\Pedro
WDAGUtilityAccount (S-1-5-21-622939137-141225199-2558093129-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\uTorrent) (Version: 3.5.5.46206 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\{A2BCA9F1-566C-4805-97D1-7FDC93386723}) (Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Advanced IP Scanner 2.5 (HKLM-x32\...\{E35BC1CF-235D-4995-A816-59D3615C3B9A}) (Version: 2.5.3850 - Famatech)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.0.69 - Canon Inc.)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.02 - Canon Inc.)
Canon MP230 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP230_series) (Version: 1.04 - Canon Inc.)
CanoScan LiDE 300 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2417S) (Version: 1.00 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.09 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden
ConfigTool 5.001.0000001.0 (HKLM-x32\...\ConfigTool) (Version: 5.001.0000001.0 - )
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
E-CONFIG 3.8.6-SK/SK (HKLM-x32\...\E-CONFIG (SK/SK)_is1) (Version: 3.8.6 - Eaton Elektrotechnika s.r.o.)
Foxit PhantomPDF (HKLM-x32\...\{1668067E-BD47-11E7-B267-000C296BF29B}) (Version: 9.0.0.29935 - Foxit Software Inc.)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 70.0.2.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 110.0.5481.178 - Google LLC)
HP Deskjet 2510 series Basic Device Software (HKLM\...\{293CC68A-32BA-4BA4-84BD-0DCF6583566F}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2510 series Setup Guide (HKLM-x32\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5510 series Basic Device Software (HKLM\...\{CFF43B48-42A1-4967-9506-7E341BBD075F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Chrome Remote Desktop Host (HKLM-x32\...\{947DBF18-E228-4F2D-9D2A-6FCA4B5AAE3C}) (Version: 111.0.5563.12 - Google LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan)
iSpy (64 bit) (HKLM\...\{BB26C3B0-86F2-4C85-92E0-D998C122BD07}) (Version: 7.2.0.0 - DeveloperInABox)
iSpy package installer (64 bit) (HKLM-x32\...\{570e7cf8-e943-4538-9873-b3bee2c47f11}) (Version: 7.2.0.0 - DeveloperInABox)
iVMS-4200(v2.4.1.3) (HKLM-x32\...\{7697245D-2E00-4B83-AD27-C051DE314D1F}) (Version: 2.4.1.3 - hikvision)
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo Yoga Mode Control (HKLM\...\{3F2E25D6-49D3-45D5-A7BD-13F5D6F64171}_is1) (Version: 2.0.0.9 - Lenovo)
Lingea Lexicon 2002 (HKLM-x32\...\Lexicon 4.0) (Version: - )
Logi Bolt (HKLM\...\LogiBolt) (Version: 1.2.6024.0 - Logi)
Logitech Options (HKLM\...\LogiOptions) (Version: 9.70.68 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Luxriot x64 Monitor (HKLM\...\{29ECCDB0-2FDF-4441-A8D1-070666430AF8}) (Version: 1.13.0.7258 - A&H Software House Inc) Hidden
Luxriot x64 Monitor (HKLM-x32\...\{a767123e-2682-4296-b9b5-a2f8e203e66c}) (Version: 1.13.0.7258 - A&H Software House Inc)
Microsoft Access database engine 2016 (English) (HKLM\...\{90160000-00D1-0409-1000-0000000FF1CE}) (Version: 16.0.5044.1000 - Microsoft Corporation)
Microsoft Access MUI (Slovak) 2013 (HKLM\...\{90150000-0015-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Slovak) 2013 (HKLM\...\{90150000-0090-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.57 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.57 - Microsoft Corporation)
Microsoft Excel MUI (Slovak) 2013 (HKLM\...\{90150000-0016-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Slovak) 2013 (HKLM\...\{90150000-00BA-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Slovak) 2013 (HKLM\...\{90150000-0044-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Slovak) 2013 (HKLM\...\{90150000-012B-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Nyelvi ellenőrző eszközök 2013 – magyar (HKLM\...\{90150000-001F-040E-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Slovak) 2013 (HKLM\...\{90150000-00E1-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Slovak) 2013 (HKLM\...\{90150000-00E2-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Slovak) 2013 (HKLM\...\{90150000-002C-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Slovak) 2013 (HKLM\...\{90150000-00C1-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Slovak) 2013 (HKLM\...\{90150000-006E-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-622939137-141225199-2558093129-1000\...\OneDriveSetup.exe) (Version: 18.212.1021.0008 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\OneDriveSetup.exe) (Version: 23.007.0109.0004 - Microsoft Corporation)
Microsoft OneNote MUI (Slovak) 2013 (HKLM\...\{90150000-00A1-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Slovak) 2013 (HKLM\...\{90150000-001A-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Slovak) 2013 (HKLM\...\{90150000-0018-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Slovak) 2013 (HKLM\...\{90150000-0019-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Teams (HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Teams) (Version: 1.4.00.16575 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (HKLM\...\{90120064-0070-0000-0000-4000000FF1CE}) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (HKLM\...\{90F60409-7000-11D3-8CFE-0150048383C9}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026 (HKLM-x32\...\{BE960C1C-7BAD-3DE6-8B1A-2616FE532845}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026 (HKLM-x32\...\{A2563E55-3BEC-3828-8D67-E5E8B9E8B675}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.27.29112 (HKLM\...\{1B4EDD59-90CE-4BDE-8520-630981088165}) (Version: 14.27.29112 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.27.29112 (HKLM\...\{37BB1766-C587-49AE-B2DB-618FBDEAB88C}) (Version: 14.27.29112 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Word MUI (Slovak) 2013 (HKLM\...\{90150000-001B-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft_VC80_ATL_x86_x64 (HKLM\...\{925D058B-564A-443A-B4B2-7E90C6432E55}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (HKLM-x32\...\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (HKLM\...\{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (HKLM-x32\...\{D1A19B02-817E-4296-A45B-07853FD74D57}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (HKLM\...\{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (HKLM-x32\...\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (HKLM\...\{1E9FC118-651D-4934-97BE-E53CAE5C7D45}) (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (HKLM-x32\...\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}) (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (HKLM\...\{8557397C-A42D-486F-97B3-A2CBC2372593}) (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{08D2E121-7F6A-43EB-97FD-629B44903403}) (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (HKLM\...\{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}) (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (HKLM-x32\...\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}) (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (HKLM\...\{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}) (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox (x64 sk) (HKLM\...\Mozilla Firefox 108.0.2 (x64 sk)) (Version: 108.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nero 8 (HKLM-x32\...\{5FCCD531-1B38-4A94-924C-127F722F1051}) (Version: 8.2.89 - Nero AG)
neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
Nmap 7.70 (HKLM-x32\...\Nmap) (Version: 7.70 - Nmap Project)
NoteBook FanControl (HKLM-x32\...\{571aa591-06c8-4dc3-938e-06d205a87ce4}) (Version: 1.6.1.0 - Stefan Hirschmann - StagWare)
NoteBook FanControl (HKLM-x32\...\{798653AE-0FC0-4380-AAAF-EF52B1407B79}) (Version: 1.6.1.0 - Stefan Hirschmann - StagWare) Hidden
Npcap 0.99-r2 (HKLM-x32\...\NpcapInst) (Version: 0.99-r2 - Nmap Project)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.0.2 - OBS Project)
Odinštalovať tlačiareň EPSON Stylus SX400 Series (HKLM\...\EPSON Stylus SX400 Series) (Version: - SEIKO EPSON Corporation)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Radmin Viewer 3.5.2 (HKLM-x32\...\{9F9073EA-5DCE-4B23-8A0C-C7D2C89AEADC}) (Version: 3.52.1.0000 - Famatech)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7530 - Realtek Semiconductor Corp.)
Redist (HKLM\...\{DD3079E6-48D8-4F2F-AE3F-B89003738390}) (Version: 2.0 - Redist) Hidden
SADPTool (HKLM-x32\...\{7D9B79C2-B1B2-433B-844F-F4299B86F26E}) (Version: 3.0.0.16 - hikvision)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0015-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0016-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0018-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0019-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001A-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001B-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}_Office15.PROPLUSR_{1E8252A7-D489-4BB6-9694-93799FFD33ED}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{DABB9E2A-F054-4F97-9EB2-6992316C6EC7}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{835E4BED-E265-4103-AE14-0B4C70CF3FE8}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-040E-1000-0000000FF1CE}_Office15.PROPLUSR_{0BEA5B9F-ECCB-466F-8AD4-66A0DAD86A56}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{4601BD00-BC9B-4CA2-940C-2552782C7347}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-002C-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{B0E9B602-008E-43F0-8485-08C53F76926B}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0044-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-006E-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{462FD7CD-0F6D-41ED-929F-0AEC8F146E90}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0090-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00A1-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00BA-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1931508C-C004-4983-81E3-70BE6252904B}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{6A703F65-EF3F-45FA-B14F-B74DE1A03B93}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E1-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E2-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-012B-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
SolarWinds IP Address Tracker (HKLM-x32\...\InstallShield_{41505E91-CB79-475C-9FC4-8C6A9B613A18}) (Version: 1 - SolarWinds)
Spotify (HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Spotify) (Version: 1.2.5.1006.g22820f93 - Spotify AB)
SpotiKeep Converter 3.0.10 (HKLM\...\e2855b0a-8583-5741-8c28-e53db40adbe1) (Version: 3.0.10 - SpotiKeep)
StreamFX for OBS Studio version 0.9.2.0 (HKLM\...\{DE56A03A-C8A4-474B-83B0-CFD270262D38}}_is1) (Version: 0.9.2.0 - Xaymars Technology Workshop)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.6.1 - Unified Intents AB)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
UsbFix Anti-Malware Premium (HKLM-x32\...\Usbfix) (Version: 11.0.2.3 - SOSVirus (SOSVirus.Net))
VCRedistSetup (HKLM-x32\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.45-1 - Wacom Technology Corp.)
Web Components (HKLM-x32\...\{03B13AF8-9625-478A-AF0E-205337B9415A}_is1) (Version: - )
webcamXP 5 Free (HKLM-x32\...\wLite) (Version: 5.9.8.7 - Moonware Studios)
WhatsApp (HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\WhatsApp) (Version: 2.2245.9 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
Windows Kontrola stavu počítača (HKLM\...\{8D6B9DC1-A437-41E0-8DF1-9F37748394AE}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR archivátor (HKLM\...\WinRAR archiver) (Version: - )
WinRAR archivátor (HKLM-x32\...\WinRAR archiver) (Version: - )
ZWCAD Architecture 2019 English (HKLM\...\{FEC04AC9-A003-1033-A001-BAB53898898A}) (Version: 19.2.2019.0222 - ZWSOFT)
ZWSOFT 2019 Network License Manager(TS) ENU (HKLM\...\{FEC04AC9-2019-0000-A105-BAB53898898A}) (Version: 3.0.0 - ZWSOFT)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.30.50.0_x64__kgqvnymyfvs32 [2023-02-14] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.237.500.0_x64__kgqvnymyfvs32 [2023-02-24] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-19] (Canon Inc.)
Car Parking : Real Driver Parking Simulator -> C:\Program Files\WindowsApps\31252IrfanShafi.CarParkingRealDriverParkingSimulat_1.1.0.0_x86__m164m09tj2s82 [2020-08-02] (RLA Secret Solutions) [MS Ad]
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-18] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_142.3.139.0_x64__v10z8vjag6ke6 [2023-01-27] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10126.517.0_x64__8wekyb3d8bbwe [2023-02-21] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.19.6301.0_x64__8wekyb3d8bbwe [2023-02-25] (Microsoft Studios)
Musixmatch Lyrics - Sing along Spotify, iTunes, Windows Media Player -> C:\Program Files\WindowsApps\MUSIXMATCH.LYRICS_3.15.15598.0_x86__7gejyv32yt3te [2022-12-26] (Musixmatch) [Startup Task]
Sleep♯ -> C:\Program Files\WindowsApps\40865CJS3.SleepSharp_5.6.0.0_neutral__z61s08h0ks9h4 [2022-12-26] (CJS3) [Startup Task]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-09] (Microsoft Studios) [MS Ad]
TreeSize Free (Outdated) -> C:\Program Files\WindowsApps\JAMSoftware.TreeSizeFree_5.0.0.0_x86__37s2tpab2h9zg [2022-11-23] (JAM Software)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-622939137-141225199-2558093129-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Pedro\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21063.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2007-12-04] (Nero AG -> Nero AG)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-02-10] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-02-10] () [File not signed]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-02-10] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-02-10] () [File not signed]
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-02-10] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-02-10] () [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Pedro\Desktop\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
ShortcutWithArgument: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
ShortcutWithArgument: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Vzdialená plocha Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Pedro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\ab54bbbab588e14c\Vzdialená plocha Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Pedro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\4dc787a6350dc47a\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
==================== Loaded Modules (Whitelisted) =============
2018-12-11 20:33 - 2010-02-10 18:10 - 000166400 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKLM\...\.scr: ZWCAD.SCR.2019 => <==== ATTENTION
==================== Internet Explorer (Whitelisted) ==========
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll => No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-05-03] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-05-03] (Oracle America, Inc. -> Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 12:47 - 2019-01-21 21:12 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\NoteBook FanControl\
HKU\S-1-5-21-622939137-141225199-2558093129-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-622939137-141225199-2558093129-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
Network Binding:
=============
Sieťové pripojenie Bluetooth 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Wi-Fi: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_DOLBYDRAGON"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "LogiBolt"
HKLM\...\StartupApproved\Run: => "LogiOptions"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "Unified Remote V3"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "EPSON Stylus SX400"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{C388B45F-CCF6-4BF4-BEFC-26CC87F09E92}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{2E99B1EB-45F3-466A-8638-C76BE2CA54A4}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{1B7C9459-086B-45BC-839B-8FA7C1553622}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [TCP Query User{24DA6633-4271-4D34-9973-19236823C09C}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [UDP Query User{C5FE22E9-7CE3-48B3-9302-7CA89E716661}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [TCP Query User{2203405E-0F58-4786-AD49-A2821687F7D4}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [{9271D287-3B03-446A-83CB-9530A05A024B}] => (Allow) C:\Program Files\HP\HP Deskjet 2510 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{0B9605DE-7787-4987-B411-2F1876C02B42}] => (Allow) C:\Users\Pedro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2DDE39A1-850E-4706-98AF-E52635C3EDD5}] => (Allow) C:\Users\Pedro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C4C0FA74-A80E-472E-8E9C-333FD52D29E0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{D902211D-9354-4BFE-A06C-26A896976BF0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [UDP Query User{DEE7462F-B1CE-4F95-B29C-E1A10CCAA945}C:\program files (x86)\sadptool\sadptool.exe] => (Allow) C:\program files (x86)\sadptool\sadptool.exe (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [TCP Query User{E7E5FC45-0E57-41F4-B6E0-16FA99B27206}C:\program files (x86)\sadptool\sadptool.exe] => (Allow) C:\program files (x86)\sadptool\sadptool.exe (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [{46CA0B6B-A7A8-4B4F-94BA-98259D07327E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{497F3415-CA52-44AA-A2AC-1268AFD39677}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{4B72AB8F-20C9-483F-A209-F1D1AF828E67}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [TCP Query User{D7AFD402-0D73-4241-9E4B-96FC807FFC1E}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [{5510C1C7-49E0-4511-AC9C-DDBE9FBAA4D2}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{6480C428-4763-49F2-A368-21E9408CC995}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [TCP Query User{413C9282-9322-4C31-8652-FD0A3DD27DD3}C:\users\pedro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pedro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{EBC8962A-0A0A-4126-B9CC-2710A822A2F5}C:\users\pedro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pedro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AAD5C933-D3A9-423E-92A8-5266D5522771}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{DA41A567-E6A4-491E-8D10-D57F70C954FD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{831F3986-BE21-4662-BECF-0ADD81D41FEC}C:\users\pedro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pedro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{502AFB93-29B6-46EC-8671-03896532D7B9}C:\users\pedro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pedro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{05685123-85C0-4777-A781-AC290F2A5320}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{1335954A-2D6B-4884-A43C-0377DDC054D8}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{8EF246D1-3799-4709-950E-1DF2D3CAF93C}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{AADAE51F-18E5-453D-A09B-2C4EE64F9576}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F0F8BE16-C3EF-4AAE-8DA8-28FD3D7E6389}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{4D0E8782-5881-4075-B1ED-93A70CA88E7F}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [UDP Query User{9FC35E53-68A8-4CC9-AC0B-CA9B20B5FB2F}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [{8900065F-4283-45C6-BCBC-1E1B1CA8A6EA}] => (Allow) C:\Program Files (x86)\webcamXP5\webcamXP.exe (Steve Niquille -> Moonware Studios)
FirewallRules: [{38EFD0AC-20FA-45CC-B62B-85D929E5BE26}] => (Allow) C:\Program Files (x86)\webcamXP5\webcamXP.exe (Steve Niquille -> Moonware Studios)
FirewallRules: [TCP Query User{C9F451DB-61AC-4584-AABE-6900B1E335F2}C:\program files\ispy\ispy.exe] => (Allow) C:\program files\ispy\ispy.exe (www.ispyconnect.com) [File not signed]
FirewallRules: [UDP Query User{4DC980C1-47DE-4471-B55D-16A7D875384B}C:\program files\ispy\ispy.exe] => (Allow) C:\program files\ispy\ispy.exe (www.ispyconnect.com) [File not signed]
FirewallRules: [TCP Query User{15A8A5D2-2E88-4734-870E-71B45AFDB0B6}C:\program files\ispy\ispy.exe] => (Allow) C:\program files\ispy\ispy.exe (www.ispyconnect.com) [File not signed]
FirewallRules: [UDP Query User{088B0891-220F-42E3-BDCB-769B741751A7}C:\program files\ispy\ispy.exe] => (Allow) C:\program files\ispy\ispy.exe (www.ispyconnect.com) [File not signed]
FirewallRules: [{0010A377-D398-4A97-8477-62168453B890}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZWCAD.exe (ZWCAD Software Co.,LTD -> ) [File not signed]
FirewallRules: [{09B391FE-B2DD-45E9-B8CE-AEA02835D8DC}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZWCAD.exe (ZWCAD Software Co.,LTD -> ) [File not signed]
FirewallRules: [{2297F71C-F234-47AC-BF1B-4F086E31397E}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{3B77929C-68BC-4D4C-80A0-D26A32AA91D6}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\CrashReportManagement.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{A65F403E-AADA-4EE5-BB92-E9E17F40D464}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZWCAD.exe (ZWCAD Software Co.,LTD -> ) [File not signed]
FirewallRules: [{91D6B42E-8224-4B43-8F64-44DB7B09BA6D}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{98425261-43D4-41AC-8D15-F0DDDC7A0F13}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZwAuthHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{FFAFFE88-8026-4E98-8535-74815C7CA262}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZwAuthHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{8698031C-4E92-4175-810F-7F0B147FF0E0}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZWCAD.exe (ZWCAD Software Co.,LTD -> ) [File not signed]
FirewallRules: [{5F894448-A0DF-4403-B664-326DA6715D91}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\CrashReportManagement.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{C878023A-519A-4610-8D65-EAB63CFE84D4}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ArchZw14\ArchZw.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{D10FE3E4-A4AC-4272-B993-C587DA7A46C1}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ArchZw14\ArchZw.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{B9F554B2-66DB-443B-96F7-83DBCC1767C5}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{E0D14554-71EC-4D15-A792-3F2610B4BBC7}] => (Block) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [TCP Query User{7B3281BF-99CF-42BC-BE09-2D30C5CCDA79}C:\users\pedro\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\pedro\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{66C37EC1-8CE3-4214-829B-B6D95485D6AD}C:\users\pedro\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\pedro\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{7C26A1C5-24E2-4DE0-AB33-CA4B7F5DB5D8}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 storage\nvrstoragesever.exe] => (Block) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 storage\nvrstoragesever.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [UDP Query User{7A9CE0B8-0D21-44C5-98DF-9651B3E6ED11}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 storage\nvrstoragesever.exe] => (Block) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 storage\nvrstoragesever.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [{8168A9FB-3C3B-4623-A73E-7B0584D72B3E}] => (Allow) C:\Program Files\WindowsApps\MUSIXMATCH.LYRICS_3.15.15598.0_x86__7gejyv32yt3te\app\Musixmatch.exe (Musixmatch) [File not signed]
FirewallRules: [{9F518D6C-CB86-430D-894F-2FD85388E173}] => (Allow) C:\Program Files\WindowsApps\MUSIXMATCH.LYRICS_3.15.15598.0_x86__7gejyv32yt3te\app\Musixmatch.exe (Musixmatch) [File not signed]
FirewallRules: [TCP Query User{7864D477-7AC5-4369-A57A-A431E159EA1E}C:\program files (x86)\configtool\configtool.exe] => (Allow) C:\program files (x86)\configtool\configtool.exe () [File not signed]
FirewallRules: [UDP Query User{73D660F5-1C2A-4795-B3C9-89012BE39A1E}C:\program files (x86)\configtool\configtool.exe] => (Allow) C:\program files (x86)\configtool\configtool.exe () [File not signed]
FirewallRules: [TCP Query User{F0E400AB-62F9-4C39-926A-9A8E5FD2BC38}C:\program files\webrec\torch\3.3.16559.0\webactivex3.3.16559.0.exe] => (Allow) C:\program files\webrec\torch\3.3.16559.0\webactivex3.3.16559.0.exe (Zhejiang Dahua Technology CO.,LTD. -> )
FirewallRules: [UDP Query User{4946C431-229A-45C0-9E77-3A5EB0388CD2}C:\program files\webrec\torch\3.3.16559.0\webactivex3.3.16559.0.exe] => (Allow) C:\program files\webrec\torch\3.3.16559.0\webactivex3.3.16559.0.exe (Zhejiang Dahua Technology CO.,LTD. -> )
FirewallRules: [{3B43F624-4555-4714-890B-8AA1307BBD01}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{D42AD2FE-4EF8-403A-96D7-A28D2D5474E1}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\111.0.5563.12\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{58938B15-698A-405E-A21A-E985A79A384D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{41CF3399-9279-472C-BC0F-A2581F718FAC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA12A41A-035B-4BCC-991F-BF5EA4A541FF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{59B915E5-2740-4BCC-B521-4B1DD08ACA06}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{212EDB56-99F0-462D-A6CE-0B75209067CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3AD4ECAE-1F9D-46C9-89E2-3BE6F84940CF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.57\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
22-02-2023 10:04:53 Scheduled Checkpoint
28-02-2023 22:24:25 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/01/2023 02:55:59 PM) (Source: chromoting) (EventID: 3) (User: )
Description: Prístup bol odmietnutý klientskemu programu: kroenen2g@gmail.com/chromoting_ftl_219d7d70-3574-45a3-b5ce-dec7014b6d77.
Error: (03/01/2023 02:55:45 PM) (Source: chromoting) (EventID: 3) (User: )
Description: Prístup bol odmietnutý klientskemu programu: kroenen2g@gmail.com/chromoting_ftl_87de5d8c-8fa7-487f-8e07-7e0ccfd68023.
Error: (02/15/2023 06:00:22 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (02/15/2023 06:00:22 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (02/15/2023 06:00:22 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (02/15/2023 06:00:22 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (02/15/2023 06:00:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (02/15/2023 06:00:21 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
System errors:
=============
Error: (03/01/2023 10:36:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (02/28/2023 10:53:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Vzdialená plocha Chrome sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 60000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (02/28/2023 10:53:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wacom Professional Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/28/2023 10:53:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Luxriot EVO Server Watchdog sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/28/2023 10:53:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Slovak Canon IJ Scan Utility register event sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/28/2023 10:53:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/28/2023 10:53:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/28/2023 10:53:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel Bluetooth Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Windows Defender:
================
Date: 2023-03-01 00:02:31
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-02-28 00:02:31
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-02-27 00:02:30
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-02-26 00:02:29
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-02-25 00:02:28
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2023-02-16 00:17:05
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-02-15 18:01:51
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2023-01-13 06:56:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-01-02 22:57:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.
Date: 2023-01-02 22:57:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.
Date: 2022-11-18 23:24:31
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 96CN27WW(V1.13) 09/09/2014
Motherboard: LENOVO INVALID
Processor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Percentage of memory in use: 81%
Total physical RAM: 4016.96 MB
Available physical RAM: 729.99 MB
Total Virtual: 5885.4 MB
Available Virtual: 1795.95 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:174.44 GB) (Free:67.29 GB) (Model: WDC WD5000M22K-24Z1LT0-SSHD-16GB) NTFS
Drive d: () (Fixed) (Total:289.98 GB) (Free:46.47 GB) (Model: WDC WD5000M22K-24Z1LT0-SSHD-16GB) NTFS
\\?\Volume{c42e0060-dd36-4a0a-b90a-e93a14540c60}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{3033b16a-2a35-45a7-b950-de364193d5ce}\ () (Fixed) (Total:0.78 GB) (Free:0.29 GB) NTFS
\\?\Volume{b9545704-433d-4fc6-af0d-de40f2ded245}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2B66F383)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118241
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Spomaleny system
ADW nic nbenaše, nové logy nebyly třeba. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKU\S-1-5-21-622939137-141225199-2558093129-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {6e9aefb8-7ec3-11ec-b4c0-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {73ab0995-2b20-11ed-b4d2-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {ad1453e7-1fba-11eb-b491-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {b9f1dc0e-3adc-11ea-b469-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\sht13c Langmon: C:\WINDOWS\system32\sht13clm.dll [70424 2021-07-30] (联想图像(天津)科技有限公司 -> )
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {09E581F4-6353-48A2-ADA4-95FD2037EDF5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
Task: {36640D29-E85B-4262-B733-8EBD10BFDB75} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe (No File)
Task: {E8B245CC-08F2-4F0B-B70E-BC418A910793} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
Task: {F067FB99-1CA1-4579-B2B1-B5786FD61F15} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe -autostart (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\DumpStack.log.tmp
C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll => No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Spomaleny system
Fix result of Farbar Recovery Scan Tool (x64) Version: 05-03-2023
Ran by Pedro (05-03-2023 20:16:36) Run:4
Running from C:\Users\Pedro\Desktop
Loaded Profiles: defaultuser0 & Pedro
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-622939137-141225199-2558093129-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {6e9aefb8-7ec3-11ec-b4c0-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {73ab0995-2b20-11ed-b4d2-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {ad1453e7-1fba-11eb-b491-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {b9f1dc0e-3adc-11ea-b469-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\sht13c Langmon: C:\WINDOWS\system32\sht13clm.dll [70424 2021-07-30] (联想图像(天津)科技有限公司 -> )
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {09E581F4-6353-48A2-ADA4-95FD2037EDF5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
Task: {36640D29-E85B-4262-B733-8EBD10BFDB75} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe (No File)
Task: {E8B245CC-08F2-4F0B-B70E-BC418A910793} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
Task: {F067FB99-1CA1-4579-B2B1-B5786FD61F15} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe -autostart (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\DumpStack.log.tmp
C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKU\S-1-5-21-622939137-141225199-2558093129-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleDriveFS" => removed successfully
HKU\S-1-5-21-622939137-141225199-2558093129-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e9aefb8-7ec3-11ec-b4c0-e8b1fc0cf016} => removed successfully
HKU\S-1-5-21-622939137-141225199-2558093129-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{73ab0995-2b20-11ed-b4d2-e8b1fc0cf016} => removed successfully
HKU\S-1-5-21-622939137-141225199-2558093129-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ad1453e7-1fba-11eb-b491-e8b1fc0cf016} => removed successfully
HKU\S-1-5-21-622939137-141225199-2558093129-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b9f1dc0e-3adc-11ea-b469-e8b1fc0cf016} => removed successfully
HKLM\System\CurrentControlSet\Control\Print\Monitors\sht13c Langmon => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{09E581F4-6353-48A2-ADA4-95FD2037EDF5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09E581F4-6353-48A2-ADA4-95FD2037EDF5}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{36640D29-E85B-4262-B733-8EBD10BFDB75}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36640D29-E85B-4262-B733-8EBD10BFDB75}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Setup\EOSNotify => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8B245CC-08F2-4F0B-B70E-BC418A910793}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8B245CC-08F2-4F0B-B70E-BC418A910793}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F067FB99-1CA1-4579-B2B1-B5786FD61F15}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F067FB99-1CA1-4579-B2B1-B5786FD61F15}" => removed successfully
C:\WINDOWS\System32\Tasks\DolbySelectorTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DolbySelectorTask" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\Software\Classes\CLSID\{836AB26C-2DE4-41D3-AC24-4C6C2699B960} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} => removed successfully
HKLM\Software\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 2359296 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 55032605 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 31977998 B
Edge => 29184 B
Chrome => 132628407 B
Firefox => 17750170 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 43946978 B
defaultuser0 => 43946978 B
Pedro => 52716892 B
RecycleBin => 9059748 B
EmptyTemp: => 371.4 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 05-03-2023 20:26:52)
C:\DumpStack.log.tmp => Could not move
==== End of Fixlog 20:26:52 ====
Ran by Pedro (05-03-2023 20:16:36) Run:4
Running from C:\Users\Pedro\Desktop
Loaded Profiles: defaultuser0 & Pedro
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-622939137-141225199-2558093129-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {6e9aefb8-7ec3-11ec-b4c0-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {73ab0995-2b20-11ed-b4d2-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {ad1453e7-1fba-11eb-b491-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\MountPoints2: {b9f1dc0e-3adc-11ea-b469-e8b1fc0cf016} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\sht13c Langmon: C:\WINDOWS\system32\sht13clm.dll [70424 2021-07-30] (联想图像(天津)科技有限公司 -> )
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {09E581F4-6353-48A2-ADA4-95FD2037EDF5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
Task: {36640D29-E85B-4262-B733-8EBD10BFDB75} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe (No File)
Task: {E8B245CC-08F2-4F0B-B70E-BC418A910793} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
Task: {F067FB99-1CA1-4579-B2B1-B5786FD61F15} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe -autostart (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\DumpStack.log.tmp
C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKU\S-1-5-21-622939137-141225199-2558093129-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleDriveFS" => removed successfully
HKU\S-1-5-21-622939137-141225199-2558093129-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e9aefb8-7ec3-11ec-b4c0-e8b1fc0cf016} => removed successfully
HKU\S-1-5-21-622939137-141225199-2558093129-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{73ab0995-2b20-11ed-b4d2-e8b1fc0cf016} => removed successfully
HKU\S-1-5-21-622939137-141225199-2558093129-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ad1453e7-1fba-11eb-b491-e8b1fc0cf016} => removed successfully
HKU\S-1-5-21-622939137-141225199-2558093129-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b9f1dc0e-3adc-11ea-b469-e8b1fc0cf016} => removed successfully
HKLM\System\CurrentControlSet\Control\Print\Monitors\sht13c Langmon => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{09E581F4-6353-48A2-ADA4-95FD2037EDF5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09E581F4-6353-48A2-ADA4-95FD2037EDF5}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{36640D29-E85B-4262-B733-8EBD10BFDB75}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36640D29-E85B-4262-B733-8EBD10BFDB75}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Setup\EOSNotify => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8B245CC-08F2-4F0B-B70E-BC418A910793}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8B245CC-08F2-4F0B-B70E-BC418A910793}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F067FB99-1CA1-4579-B2B1-B5786FD61F15}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F067FB99-1CA1-4579-B2B1-B5786FD61F15}" => removed successfully
C:\WINDOWS\System32\Tasks\DolbySelectorTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DolbySelectorTask" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\Software\Classes\CLSID\{836AB26C-2DE4-41D3-AC24-4C6C2699B960} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} => removed successfully
HKLM\Software\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 2359296 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 55032605 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 31977998 B
Edge => 29184 B
Chrome => 132628407 B
Firefox => 17750170 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 43946978 B
defaultuser0 => 43946978 B
Pedro => 52716892 B
RecycleBin => 9059748 B
EmptyTemp: => 371.4 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 05-03-2023 20:26:52)
C:\DumpStack.log.tmp => Could not move
==== End of Fixlog 20:26:52 ====
-
Rudy
- Site Admin
- Příspěvky: 118241
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Spomaleny system
Snazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Spomaleny system
Celkom fajn, asi vybaveno 
Ďakujem
Ďakujem
-
Rudy
- Site Admin
- Příspěvky: 118241
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Spomaleny system
Nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?