
Please check: Defender reports Trojan:HTML/Pish!pz

#1 Post by plk »

Hello, please check my system: Defender has reported Trojan:HTML/Pish!pz to me twice already, but I never find anything at the given location, not even in safe mode.
I am attaching the log from FRST64, and thank you in advance.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2024 01
Ran by lukas (administrator) on DESKTOP-1QVPE6T (Hewlett-Packard HP ProBook 470 G2) (29-01-2024 10:28:42)
Running from D:\OneDrive\Plocha\FRST64.exe
Loaded Profiles: lukas
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
(C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\ProgramData\Autodesk\ADPSDK\bin\ADPClientService.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(DriverStore\FileRepository\c0382934.inf_amd64_2ed1b7932d1f78d4\B381983\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0382934.inf_amd64_2ed1b7932d1f78d4\B381983\atieclxx.exe
(explorer.exe ->) (Intel(R) Smart Connect software -> Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2311.21001.0_x64__8wekyb3d8bbwe\MicrosoftSecurityApp\MicrosoftSecurityApp.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileCoAuth.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <15>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0382934.inf_amd64_2ed1b7932d1f78d4\B381983\atiesrxx.exe
(services.exe ->) (Allplan GmbH -> ALLPLAN GmbH) C:\Program Files\Allplan\AllplanUpdateLauncher 2019\AllplanUpdateLauncher.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe
(services.exe ->) (Autodesk, Inc.) [File not signed] C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Smart Connect software -> ) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(services.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe
(spoolsv.exe ->) (CANON INC. -> CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2311.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8811776 2016-05-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [225248 2017-10-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-09-27] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Autodesk Access] => C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessCore.exe [20678944 2024-01-10] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [750680 2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2595344 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2189592 2023-11-18] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\Run: [EPSDNMON] => "C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE" (No File)
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\Run: [MicrosoftEdgeAutoLaunch_4673EA686870A11B2CD74C228BB15D2C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788224 2024-01-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\Run: [DVDFab VDrive] => C:\Program Files\DVDFab\ExplorerFab\vdrive.exe [15596360 2023-06-05] (DVDFab Software Inc. -> DVDFab Software Inc.)
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\Run: [3cca1bb530f30c1edd994819dca34c2c] => C:\Program Files\DVDFab\ExplorerFab\liveUpdate.exe [7369032 2023-06-05] (DVDFab Software Inc. -> )
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\MountPoints2: {0bff3993-940b-11ee-96c9-9cad974fad61} - "F:\RunGame.exe"
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc -> Autodesk, Inc.)
HKLM\...\Windows x64\Print Processors\Canon MP280 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAA.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\XRXS1PC: C:\Windows\System32\spool\prtprocs\x64\xrxs1pc.dll [33792 2010-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series: C:\Windows\system32\CNMLMAA.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\CNAB4 Monitor: C:\Windows\system32\CNAB4LMD.DLL [58880 2012-10-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [196096 2023-08-09] (pdfforge GmbH) [File not signed]
HKLM\...\Print\Monitors\XRXS1 Langmon: C:\Windows\system32\xrxs1l6.dll [34304 2012-11-09] (Microsoft Windows Hardware Compatibility Publisher -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk [2023-06-29]
ShortcutTarget: Canon LBP2900 Status Window.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE (CANON INC. -> CANON INC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2023-07-17]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2023-06-29]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel(R) Smart Connect software -> Intel Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {6A894FEA-7E54-43FA-A372-98BFC89D1D39} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1708512 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {A39CD29E-9461-4DBE-8F4F-39EA74DAD4F8} - System32\Tasks\AutoUpdate Allplan 2019 => C:\Program Files\Allplan\Allplan 2019\Prg\NemDownloadHandler.exe [40840 2018-10-01] (Allplan GmbH -> ALLPLAN GmbH) -> /f "C:\Data\Allplan\Allplan 2019\Std\AllplanUpdate.inf"
Task: {5E28A321-9185-4A61-BA62-59A2EF1F1E9B} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-1435680546-1721906594-1447614293-1001 => C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2030.8.396.0_x64__8xx8rvfyw5nnt\app\MessengerHelper.exe [2250488 2024-01-22] (6E08453F-9BA7-4311-999C-D22FBA2FB1B8 -> Meta Platforms, Inc.)
Task: {3D01096B-2DA9-49E9-BCA3-789A300B278A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {0202591F-B548-42DB-B43B-5B105C0B1C9F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {8AE226D9-75FA-4A74-8565-F2D55D30D98E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {39872FEB-8085-48E4-8284-3E77E2708F09} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {63984297-B778-4D0D-9E2C-7E75EBCD4D11} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170048 2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {C281D2FD-DA63-43F2-A3A9-C9113E8D8814} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {32411D57-C7DB-4634-A5D7-94AE42464AB2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {58AED180-F99C-43A8-8836-858B743D3CE9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {49C383DC-EC76-4042-A451-8A598868DF5B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C9DD6B3-3012-4875-92DC-24374F861601} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1708512 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {289E1E8D-4E25-495B-B5EF-CD896E54FD21} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-01-25] (Mozilla Corporation -> Mozilla Foundation)
Task: {9657DB78-3541-4647-92EF-A1052B2FD1B3} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D2396169-06D0-4277-9848-41826F1341B7} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1435680546-1721906594-1447614293-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {3C23A385-14F3-4F3F-B57E-281381FB8633} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [57312 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {96A3E24C-AB8F-4F4B-BCF2-6A62979F1935} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [57312 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {96B2DCF7-539F-41B3-AC39-09EB335F6E5A} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [263136 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.31.1
Tcpip\..\Interfaces\{5bbdfd95-5892-444a-b9fb-f74633a8c77b}: [DhcpNameServer] 192.168.31.1
Tcpip\..\Interfaces\{5bbdfd95-5892-444a-b9fb-f74633a8c77b}\34344565: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5bbdfd95-5892-444a-b9fb-f74633a8c77b}\35452533335707F523E243: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{78426d2f-a9dc-4bde-9b6a-40fe0d470c2b}: [DhcpNameServer] 192.168.31.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\lukas\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-29]
Edge StartupUrls: Default -> "hxxp://seznam.cz/"
Edge Extension: (Dokumenty Google offline) - C:\Users\lukas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-25]
Edge Extension: (Edge relevant text changes) - C:\Users\lukas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-25]

FireFox:
========
FF DefaultProfile: 2rud96ev.default
FF ProfilePath: C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2rud96ev.default [2023-08-09]
FF ProfilePath: C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\niv94x9u.default-release [2024-01-29]
FF Homepage: Mozilla\Firefox\Profiles\niv94x9u.default-release -> www.google.com
FF Session Restore: Mozilla\Firefox\Profiles\niv94x9u.default-release -> is enabled.
FF Extension: (AdBlocker Ultimate) - C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\niv94x9u.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2023-11-29]
FF Extension: (Česká kontrola pravopisu (bez diakritiky)) - C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\niv94x9u.default-release\Extensions\cs2@dictionaries.addons.mozilla.org.xpi [2023-09-05]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\niv94x9u.default-release\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2023-09-05]
FF Extension: (Easy Screenshot) - C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\niv94x9u.default-release\Extensions\easyscreenshot@mozillaonline.com.xpi [2023-06-29]
FF Extension: (Language: Čeština (Czech)) - C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\niv94x9u.default-release\Extensions\langpack-cs@firefox.mozilla.org.xpi [2024-01-26]
FF Extension: (Undo Close Tab Button) - C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\niv94x9u.default-release\Extensions\undo-close-tab-buttons-single@codefisher.org.xpi [2023-06-29]
FF Extension: (Search on Google Lens) - C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\niv94x9u.default-release\Extensions\{56b8308e-566b-4dc0-9957-f6341ceb8552}.xpi [2023-12-03]
FF Extension: (ImTranslator: Překladač, Slovník, Hlas) - C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\niv94x9u.default-release\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2024-01-02]
FF Extension: (Hlídač Shopů) - C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\niv94x9u.default-release\Extensions\{d6f0f975-91a3-4d78-96f7-5f1859ad18b6}.xpi [2023-11-15]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\PDF-Xchange\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.401.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.401.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\PDF-Xchange\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\PDF-Xchange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\PDF-Xchange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2018-12-26] (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FF Plugin HKU\S-1-5-21-1435680546-1721906594-1447614293-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\PDF-Xchange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AllplanUpdateLauncher 2019; C:\Program Files\Allplan\AllplanUpdateLauncher 2019\AllplanUpdateLauncher.exe [15752 2018-10-01] (Allplan GmbH -> ALLPLAN GmbH)
R2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPLauncher.exe [55264 ] (Advanced Micro Devices Inc. -> AMD)
R2 Autodesk Access Service Host; C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe [11630368 2023-12-12] (Autodesk, Inc. -> Autodesk, Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13777080 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
R2 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [9206680 2018-05-11] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [206304 2022-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncHelper.exe [3514384 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
R2 fpCsEvtSvc; C:\Windows\System32\fpCSEvtSvc.exe [22424 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-09-06] (Intel(R) Smart Connect software -> )
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\OneDriveUpdaterService.exe [3851280 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 valWBFPolicyService; C:\Windows\System32\valWBFPolicyService.exe [91032 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [63096 2022-02-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 dvdfabio; C:\Windows\system32\drivers\dvdfabio.sys [12704 2023-06-05] (Fengtao Software Inc. -> DVDFab Software)
R3 vdrive; C:\Windows\system32\DRIVERS\vdrive.sys [44960 2023-06-05] (Fengtao Software Inc. -> DVDFab Software)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2023-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [594304 2023-12-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-08] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
S3 amdkmdap; \SystemRoot\System32\DriverStore\FileRepository\c0333148.inf_amd64_6714569004b0131a\B333163\atikmpag.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-29 10:28 - 2024-01-29 10:29 - 000000000 ____D C:\FRST
2024-01-29 10:25 - 2024-01-29 10:25 - 000000004 ____H C:\ProgramData\cm-lock
2024-01-29 10:01 - 2024-01-29 10:21 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2024-01-29 09:56 - 2024-01-29 10:17 - 000000000 ____D C:\Windows\pss
2024-01-26 11:00 - 2024-01-26 11:27 - 000000000 ____D C:\Users\lukas\AppData\Roaming\Microsoft\Teams
2024-01-26 11:00 - 2024-01-26 11:01 - 000000000 ____D C:\Users\lukas\AppData\Local\SquirrelTemp
2024-01-25 20:19 - 2024-01-25 20:19 - 000000000 ____D C:\Users\lukas\AppData\Roaming\Sun
2024-01-25 20:19 - 2024-01-25 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2024-01-25 20:19 - 2023-12-19 13:01 - 000200320 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2024-01-25 20:18 - 2024-01-25 20:18 - 000000000 ____D C:\Program Files\Java
2024-01-25 19:38 - 2024-01-25 19:38 - 000000000 ____D C:\Users\lukas\AppData\Roaming\IsolatedStorage
2024-01-25 19:38 - 2024-01-25 19:38 - 000000000 ____D C:\Users\lukas\AppData\Local\Solvusoft_Corporation
2024-01-25 19:38 - 2024-01-25 19:38 - 000000000 ____D C:\ProgramData\IsolatedStorage
2024-01-25 18:57 - 2024-01-29 09:55 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-01-16 07:13 - 2024-01-16 07:13 - 002881824 _____ (Autodesk, Inc.) C:\Windows\system32\styleman.cpl
2024-01-16 07:13 - 2024-01-16 07:13 - 002881824 _____ (Autodesk, Inc.) C:\Windows\system32\plotman.cpl
2024-01-16 07:13 - 2024-01-16 07:13 - 000001219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DWG TrueView 2024 - English.lnk
2024-01-16 07:02 - 2024-01-16 07:12 - 000000000 ____D C:\Autodesk
2024-01-16 07:02 - 2024-01-16 07:03 - 000000000 ____D C:\Users\lukas\Downloads\Autodesk
2024-01-15 22:10 - 2024-01-15 22:14 - 000000000 ____D C:\Users\lukas\AppData\Local\GoPro
2024-01-15 22:10 - 2024-01-15 22:10 - 000000000 ____D C:\Users\lukas\.QtWebEngineProcess
2024-01-15 22:10 - 2024-01-15 22:10 - 000000000 ____D C:\Users\lukas\.GoPro
2024-01-11 18:27 - 2024-01-11 18:27 - 001013358 _____ C:\Users\lukas\Downloads\Situační výkres ČEZd - 0102064654.pdf
2024-01-11 18:26 - 2024-01-11 18:26 - 000371310 _____ C:\Users\lukas\Downloads\Situační výkres ICT - 0700791196.pdf
2024-01-11 18:26 - 2024-01-11 18:26 - 000110680 _____ C:\Users\lukas\Downloads\Sdělení ICT - 0700791196.pdf
2024-01-11 18:26 - 2024-01-11 18:26 - 000110634 _____ C:\Users\lukas\Downloads\Sdělení TELIN - 1100065405.pdf
2024-01-11 18:25 - 2024-01-11 18:25 - 000371466 _____ C:\Users\lukas\Downloads\Situační výkres TELIN - 1100065405.pdf
2024-01-11 14:05 - 2024-01-11 14:05 - 000685184 _____ C:\Users\lukas\Downloads\zakon-c-183-2006-sb-o-uzemnim-planovani-a-stavebnim-radu-stavebni-zakon.pdf
2024-01-11 14:04 - 2024-01-11 14:04 - 002279724 _____ C:\Users\lukas\Downloads\Zákon č. 134-2016 Sb., o zadávání veřejných zakázek.pdf
2024-01-11 14:03 - 2024-01-11 14:03 - 001350270 _____ C:\Users\lukas\Downloads\sb0051-2016-134-2016.pdf
2024-01-11 13:03 - 2024-01-11 13:03 - 000052913 _____ C:\Users\lukas\Downloads\D11-01 - technická zpráva.pdf
2024-01-11 13:02 - 2024-01-11 13:02 - 000097066 _____ C:\Users\lukas\Downloads\D.1.2.01.pdf
2024-01-11 13:01 - 2024-01-11 13:01 - 000338051 _____ C:\Users\lukas\Downloads\D.1.1.a TZ.pdf
2024-01-11 13:00 - 2024-01-11 13:00 - 000144277 _____ C:\Users\lukas\Downloads\D11 TECHNICKÁ ZPRÁVA OAKAD.pdf
2024-01-11 13:00 - 2024-01-11 13:00 - 000064260 _____ C:\Users\lukas\Downloads\D35_ST_M_01_TZ_SO_442.pdf
2024-01-11 09:35 - 2024-01-11 09:35 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-10 14:12 - 2024-01-10 14:12 - 000000000 ___HD C:\$WinREAgent
2024-01-10 14:02 - 2024-01-10 14:02 - 002549267 _____ C:\Users\lukas\Downloads\1694682284_2023-09_ModF-HOUSEnerg-NZÚ-RD_Standardní-výzva.pdf
2024-01-08 11:14 - 2024-01-08 11:14 - 000351015 _____ C:\Users\lukas\Downloads\0640_16_04_OTO_smlouva_registr.pdf.pdf
2024-01-08 10:24 - 2024-01-08 10:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CZ.NIC
2024-01-08 10:24 - 2024-01-08 10:24 - 000000000 ____D C:\Program Files\CZ.NIC
2024-01-06 18:54 - 2024-01-06 18:54 - 000322436 _____ C:\Users\lukas\Downloads\ing10271._pavlik_ok10271.pdf
2024-01-04 08:06 - 2024-01-04 08:32 - 000000000 ____D C:\Users\lukas\AppData\Roaming\BSplayer
2024-01-04 08:06 - 2024-01-04 08:06 - 000001214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2024-01-04 08:06 - 2024-01-04 08:06 - 000000000 ____D C:\Users\lukas\AppData\Roaming\BSplayer Pro
2024-01-04 08:06 - 2024-01-04 08:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2024-01-04 08:06 - 2024-01-04 08:06 - 000000000 ____D C:\Program Files (x86)\Webteh
2024-01-04 08:01 - 2024-01-04 08:06 - 000000000 ____D C:\Program Files (x86)\BSPlayer

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-29 10:29 - 2023-06-29 08:07 - 001697562 _____ C:\Windows\system32\PerfStringBackup.INI
2024-01-29 10:29 - 2019-12-07 15:43 - 000719300 _____ C:\Windows\system32\perfh005.dat
2024-01-29 10:29 - 2019-12-07 15:43 - 000145940 _____ C:\Windows\system32\perfc005.dat
2024-01-29 10:29 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2024-01-29 10:26 - 2023-06-29 08:48 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-01-29 10:25 - 2023-07-21 07:17 - 000000068 __RSH C:\Windows\system32\Drivers\wof.winsecurity
2024-01-29 10:25 - 2023-07-21 07:17 - 000000068 __RSH C:\Windows\system32\Drivers\wimmount.winsecurity
2024-01-29 10:25 - 2023-07-19 19:32 - 000003126 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2024-01-29 10:25 - 2023-07-17 16:24 - 000000068 __RSH C:\Windows\system32\Drivers\xboxgip.winsecurity
2024-01-29 10:25 - 2023-07-17 16:24 - 000000068 __RSH C:\Windows\system32\Drivers\wmilib.winsecurity
2024-01-29 10:25 - 2023-06-29 11:25 - 000000000 ____D C:\ProgramData\Synaptics
2024-01-29 10:25 - 2023-06-29 08:30 - 000000000 __SHD C:\Users\lukas\IntelGraphicsProfiles
2024-01-29 10:25 - 2023-06-29 08:15 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2024-01-29 10:25 - 2023-06-29 08:01 - 000008192 ___SH C:\DumpStack.log.tmp
2024-01-29 10:25 - 2023-06-29 08:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-01-29 10:25 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-29 10:24 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-01-29 10:07 - 2023-06-29 08:30 - 000000000 ____D C:\Users\lukas\AppData\Local\D3DSCache
2024-01-29 10:04 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-29 10:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2024-01-29 10:01 - 2023-06-29 08:01 - 000556584 _____ C:\Windows\system32\FNTCACHE.DAT
2024-01-29 09:55 - 2023-06-29 08:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-01-29 09:53 - 2023-08-09 12:57 - 000000132 _____ C:\Users\lukas\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2024-01-29 09:20 - 2023-06-29 08:48 - 000000000 ____D C:\Users\lukas\AppData\Roaming\Mozilla
2024-01-29 09:17 - 2023-06-29 08:01 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-01-28 14:07 - 2023-06-29 11:01 - 000000000 ____D C:\Users\lukas\AppData\Roaming\Thunderbird
2024-01-28 10:39 - 2023-06-29 08:01 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-28 10:36 - 2023-05-05 13:28 - 000000000 ____D C:\Windows\SystemTemp
2024-01-27 21:37 - 2023-07-21 06:37 - 000000000 ____D C:\Windows\Minidump
2024-01-27 21:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2024-01-26 16:11 - 2023-06-29 09:15 - 000000000 ____D C:\Users\lukas\AppData\Roaming\Microsoft\Excel
2024-01-26 14:34 - 2023-06-29 09:05 - 000000000 ____D C:\Users\lukas\AppData\Roaming\Microsoft\Word
2024-01-26 10:59 - 2023-06-29 08:48 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-01-17 17:55 - 2023-07-26 18:35 - 000000000 ____D C:\ProgramData\boost_interprocess
2024-01-16 18:27 - 2023-06-29 10:57 - 000000000 ____D C:\Users\lukas\AppData\Local\CrashDumps
2024-01-16 15:10 - 2023-07-21 09:31 - 000000000 ____D C:\Users\lukas\AppData\Roaming\.dsgui
2024-01-16 15:09 - 2023-07-17 12:01 - 000000000 ____D C:\Users\lukas\AppData\Local\cache
2024-01-16 07:14 - 2023-07-26 18:33 - 000000000 ____D C:\Users\lukas\AppData\Roaming\UI Launcher
2024-01-16 07:12 - 2023-07-26 18:36 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2024-01-16 07:12 - 2023-07-26 18:34 - 000000000 ____D C:\Program Files\Autodesk
2024-01-16 07:12 - 2023-07-26 18:31 - 000000000 ____D C:\ProgramData\Autodesk
2024-01-16 07:12 - 2023-07-26 18:20 - 000000000 ____D C:\Users\lukas\AppData\Roaming\Autodesk
2024-01-16 07:12 - 2023-07-26 18:20 - 000000000 ____D C:\Users\lukas\AppData\Local\Autodesk
2024-01-16 07:12 - 2023-06-29 10:27 - 000000000 ____D C:\ProgramData\Package Cache
2024-01-16 07:10 - 2023-07-26 18:35 - 000000000 ____D C:\Program Files\dotnet
2024-01-15 22:10 - 2023-06-29 08:28 - 000000000 ____D C:\Users\lukas
2024-01-15 18:09 - 2023-07-17 12:12 - 000000000 ____D C:\Users\lukas\AppData\Roaming\vlc
2024-01-15 16:30 - 2023-07-07 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2024-01-15 16:30 - 2023-07-07 21:58 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
2024-01-15 16:17 - 2023-07-18 17:22 - 000000000 ____D C:\Users\lukas\AppData\Roaming\VEGAS
2024-01-15 15:50 - 2023-07-19 19:02 - 000000000 ____D C:\Users\lukas\AppData\Local\AMD_Common
2024-01-15 14:53 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2024-01-15 14:52 - 2019-12-07 15:45 - 000000000 ____D C:\Windows\OCR
2024-01-15 14:50 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-01-15 14:50 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-01-15 14:50 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-01-15 14:50 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\SysWOW64\winrm
2024-01-15 14:50 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\SysWOW64\WCN
2024-01-15 14:50 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\SysWOW64\slmgr
2024-01-15 14:50 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2024-01-15 14:50 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\system32\winrm
2024-01-15 14:50 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\system32\WCN
2024-01-15 14:50 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\system32\slmgr
2024-01-15 14:50 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2024-01-15 14:50 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2024-01-15 14:50 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2024-01-15 14:50 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\F12
2024-01-15 14:50 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-01-15 14:50 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-01-15 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2024-01-15 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2024-01-15 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-01-15 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2024-01-15 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-01-15 14:50 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2024-01-15 14:48 - 2023-06-29 08:34 - 000000000 ____D C:\Users\lukas\AppData\Roaming\Microsoft\Spelling
2024-01-15 14:47 - 2023-06-29 08:30 - 000000000 ____D C:\Users\lukas\AppData\Local\Packages
2024-01-15 14:46 - 2023-06-29 08:32 - 000000000 ____D C:\Users\lukas\AppData\Local\PlaceholderTileLogoFolder
2024-01-14 20:46 - 2023-07-20 20:45 - 000001391 _____ C:\Users\lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-01-12 08:28 - 2023-06-29 10:33 - 000918944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2024-01-11 09:49 - 2023-07-07 19:25 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-01-11 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-01-11 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2024-01-11 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2024-01-11 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-01-11 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2024-01-11 09:34 - 2023-06-29 08:44 - 000000000 ____D C:\Program Files\Microsoft Office
2024-01-10 11:38 - 2023-06-29 10:58 - 000000000 ____D C:\Windows\system32\MRT
2024-01-10 11:34 - 2023-06-29 10:58 - 189718008 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-01-08 10:24 - 2023-07-21 07:18 - 000000000 ____D C:\Program Files\Datovka
2024-01-08 07:35 - 2023-07-07 19:40 - 000000000 ____D C:\Users\lukas\AppData\Roaming\PrusaSlicer
2024-01-05 14:22 - 2023-06-29 08:53 - 000000000 ____D C:\Users\lukas\AppData\Roaming\Microsoft\Office

==================== Files in the root of some directories ========

2023-08-09 12:57 - 2024-01-29 09:53 - 000000132 _____ () C:\Users\lukas\AppData\Roaming\Adobe Formát PNG CS5 – předvolby

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2024 01
Ran by lukas (29-01-2024 10:30:42)
Running from D:\OneDrive\Plocha
Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) (2023-06-29 07:04:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1435680546-1721906594-1447614293-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1435680546-1721906594-1447614293-503 - Limited - Disabled)
Guest (S-1-5-21-1435680546-1721906594-1447614293-501 - Limited - Disabled)
lukas (S-1-5-21-1435680546-1721906594-1447614293-1001 - Administrator - Enabled) => C:\Users\lukas
WDAGUtilityAccount (S-1-5-21-1435680546-1721906594-1447614293-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Allplan 2019 (HKLM-x32\...\{7EDCDF32-64F2-44FF-A48D-DD51A0978D9C}) (Version: 2019.0 - Allplan GmbH)
AMD Accelerated Video Transcoding (HKLM\...\{DF3B96FD-408F-C2D0-A3D9-B995765E8980}) (Version: 13.30.100.40406 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5E40C3AD-A3D5-B349-1B9F-EBAC0F9EE510}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.6.1 - Advanced Micro Devices, Inc.)
AutoCAD 2014 – Čeština (Czech) (HKLM\...\{5783F2D7-D001-0000-0102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk AutoCAD 2014 – Čeština (Czech) (HKLM\...\AutoCAD 2014 – Čeština (Czech)) (Version: 19.1.18.0 - Autodesk)
Autodesk CAD Manager Tools (HKLM\...\{5783F2D7-0111-0409-0110-0060B0CE6BBA}) (Version: 16.0.0.65 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{62F029AB-85F2-0001-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden
Autodesk DWG TrueView 2023 - English (HKLM\...\{530BA89C-90A7-30BF-A36E-DFD00B7311E7}) (Version: 24.2.153.0 - Autodesk, Inc.)
Autodesk DWG TrueView 2024 - English (HKLM\...\{86F23C4C-1B4F-32E9-BF1C-0ABF7F9E97A5}) (Version: 24.3.119.0 - Autodesk, Inc.)
Autodesk Identity Manager (HKLM\...\Autodesk Identity Manager) (Version: 1.10.4.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Blackmagic RAW Common Components (HKLM\...\{BF73F11D-8A70-438B-A357-38E1F1A62164}) (Version: 2.8 - Blackmagic Design)
Branding64 (HKLM\...\{0DB6E0DC-607A-42C1-A3CE-7567A9F85AF4}) (Version: 1.00.0008 - Advanced Micro Devices, Inc.) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.78.1094 - AB Team, d.o.o.)
Canon LBP2900 (HKLM\...\Canon LBP2900) (Version: - )
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Catalyst Control Center - Branding (HKLM-x32\...\{1864A681-59BE-47D6-B426-B394375D185C}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CodeMeter Runtime Kit v6.60b (HKLM\...\{E772892F-DA96-45BB-9463-BEAAA337F806}) (Version: 6.60.2884.502 - WIBU-SYSTEMS AG)
Datovka (HKLM-x32\...\Datovka) (Version: 4.23.3 - CZ.NIC, z. s. p. o.)
eObčanka (HKLM\...\{ED161D20-FDCF-4C7C-A84E-45B7E05B9BC1}) (Version: 3.3.1.22411 - MONET+, a.s. pro Ministerstvo vnitra České republiky)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
ExplorerFab (x64) (06/05/2023) (HKLM-x32\...\ExplorerFab (x64)) (Version: 3.0.1.9 - DVDFab Software Inc.)
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.13 - Blackmagic Design)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FastStone Image Viewer 7.8 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.8 - FastStone Corporation)
General Runtime Files for Allplan 2019-0-0 (HKLM-x32\...\{D2833F45-BBE0-9C1A-49C2-E06FAB2F55E0}) (Version: 1.13.0.0 - ALLPLAN Deutschland GmbH) Hidden
General Runtime Files for Allplan 2019-0-0 x64 (HKLM\...\{E8DB7087-150D-D1FD-B715-CF262F2040B2}) (Version: 1.9.0.0 - ALLPLAN Deutschland GmbH) Hidden
GO Contact Sync Mod (HKLM-x32\...\{C3FCBE40-773A-4A92-A997-EA41CD5AEE4C}) (Version: 4.1.33 - WebGear Ltd, New Zealand + Create Software + Stru.be + saller.NET + Big-R + obelix30)
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5126 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.6.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{6879B3DC-9DEF-4D60-BFF0-C96F2588685D}) (Version: 12.8.6.1000 - Intel Corporation) Hidden
Intel(R) Smart Connect Technology (HKLM\...\{15F82737-E833-418C-B364-BC87AD19B3B8}) (Version: 4.2.41.2499 - Intel Corporation)
Java 8 Update 401 (64-bit) (HKLM\...\{71024AE4-039E-4CA4-87B4-2F64180401F0}) (Version: 8.0.4010.10 - Oracle Corporation)
Microsoft .NET Core Host - 3.1.10 (x64) (HKLM\...\{52B42932-15C1-45D4-8904-FC3117EEE69B}) (Version: 24.104.29419 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.10 (x64) (HKLM\...\{752B4412-A129-4CB2-AD96-B6D97EAD3090}) (Version: 24.104.29419 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.10 (x64) (HKLM\...\{396D7BC8-E3C8-4B3E-8C60-D50D94FDF09D}) (Version: 24.104.29419 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.10 (x64) (HKLM-x32\...\{4714dd0a-ebab-4f59-a708-f8d7a793b3f5}) (Version: 3.1.10.29419 - Microsoft Corporation)
Microsoft .NET Host - 6.0.8 (x64) (HKLM\...\{6950FA03-8B88-4675-B685-FB21CA1762CC}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.8 (x64) (HKLM\...\{3C3CA326-3F1D-43B7-B0AD-CBC06B2DED5A}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.8 (x64) (HKLM\...\{7CEA3ABF-FE24-42AF-ADE6-B4A3EE346743}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.17126.20132 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.10 - Shared Framework (HKLM-x32\...\{6efe3294-03d8-4977-9c67-9f57ab075130}) (Version: 3.1.10.20520 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.10 Shared Framework (x64) (HKLM\...\{7BEAA207-E3EB-3948-BBB3-336B04D8A2F1}) (Version: 3.1.10.20520 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.8 - Shared Framework (x64) (HKLM-x32\...\{1182f806-658a-4241-9202-d43e13bf2719}) (Version: 6.0.8.22363 - Microsoft Corporation)
Microsoft ASP.NET Core 6.0.8 Shared Framework (x64) (HKLM\...\{FA97D589-B37E-3B49-A8D2-4764029773FE}) (Version: 6.0.8.22363 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.83 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.144 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{A047101C-A3AE-4FAD-802F-01C965079F66}) (Version: 11.1.3010.3 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{99AC7F47-A4E0-4706-9C65-8948775C2652}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{56F27690-F6EA-3356-980A-02BA379506EE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31931 (HKLM-x32\...\{6ba9fb5e-8366-4cc4-bf65-25fe9819b2fc}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31931 (HKLM-x32\...\{C2662EFF-06E6-4FD1-9D6D-FDCA91025757}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31931 (HKLM-x32\...\{AB1BDF73-7393-42CE-812D-9A90918814D5}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.8 (x64) (HKLM\...\{EB3983F9-3D60-456D-A11A-C1366C79AD3E}) (Version: 48.35.45540 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.8 (x64) (HKLM-x32\...\{ca35acb3-b442-44fb-924c-4448120bf689}) (Version: 6.0.8.31518 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 122.0 (x64 en-US)) (Version: 122.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 114.0.2 - Mozilla)
Mozilla Thunderbird (x86 cs) (HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\Mozilla Thunderbird 115.6.1 (x86 cs)) (Version: 115.6.1 - Mozilla)
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - )
OEM Application Profile (HKLM-x32\...\{FA2905FA-6EB6-F61A-D565-30634F5F673E}) (Version: 1.00.0000 - Název společnosti:)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
PDFCreator (HKLM\...\{11CB1028-C327-45E0-8FB9-FC973B4AB941}) (Version: 5.1.1 - Avanquest pdfforge GmbH)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.308.2 - Tracker Software Products Ltd)
PrusaSlicer 2.6.0 (HKLM\...\{D6310383-F2B7-4DEB-89B5-8C7448FAE3A6}) (Version: 2.6.0 - Prusa Research) Hidden
PrusaSlicer 2.6.0 (HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\PrusaSlicer 2.6.0 2.6.0) (Version: 2.6.0 - Prusa Research)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.43 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.30.328.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7818 - Realtek Semiconductor Corp.)
SADP (HKLM-x32\...\{7D9B79C2-B1B2-433B-844F-F4299B86F26E}) (Version: 3.1.1.4 - Hangzhou Hikvision Digital Technology Co., Ltd.)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.63 - Synaptics Incorporated)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.02 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\Wargaming.net Game Center) (Version: 23.6.0.4252 - Wargaming.net)
Web Components (HKLM-x32\...\{03B13AF8-9625-478A-AF0E-205337B9415A}_is1) (Version: 3.0.7.1 - )
World of Tanks EU (HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\2314027414) (Version: - Wargaming.net)
Xerox Phaser 3117 (HKLM-x32\...\Xerox Phaser 3117) (Version: - )

Packages:
=========
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2030.8.396.0_x64__8xx8rvfyw5nnt [2024-01-28] (Meta) [Startup Task]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2311.21001.0_x64__8wekyb3d8bbwe [2024-01-05] (Microsoft Corporation) [Startup Task]
Rozšíření pro video HEVC -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_2.0.61933.0_x64__8wekyb3d8bbwe [2023-08-09] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-08] (Microsoft Studios) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.4.0_x64__cv1g1gvanyjgm [2024-01-29] (WhatsApp Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2023 - English\dwgviewr.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2023 - English\en-US\dwgviewrficn.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\cs-CZ\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2022-09-15] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [0-ExplorerFab] -> {DB0CE773-FFDC-4DC7-811E-5582040DF1D0} => C:\Program Files\DVDFab\ExplorerFab\ExplorerFabShellExtension.dll [2023-06-05] (DVDFab Software Inc. -> Igor Pavlov)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2024-01-16] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [DVDFABVirtualDrive] -> {71343FFB-3ECB-4FA7-BAAC-8DB614DE3C05} => C:\Program Files\DVDFab\ExplorerFab\vdrive.dll [2023-06-05] (Fengtao Software Inc. -> DVDFab Software)
ContextMenuHandlers1-x32: [DVDFABVirtualDrive32] -> {71343FFB-3ECB-4FA7-BAAC-8DB614DE3C04} => C:\Program Files\DVDFab\ExplorerFab\vdrive32.dll [2023-06-05] (Fengtao Software Inc. -> DVDFab Software)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2022-10-04] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers2: [DVDFABVirtualDrive] -> {71343FFB-3ECB-4FA7-BAAC-8DB614DE3C05} => C:\Program Files\DVDFab\ExplorerFab\vdrive.dll [2023-06-05] (Fengtao Software Inc. -> DVDFab Software)
ContextMenuHandlers2-x32: [DVDFABVirtualDrive32] -> {71343FFB-3ECB-4FA7-BAAC-8DB614DE3C04} => C:\Program Files\DVDFab\ExplorerFab\vdrive32.dll [2023-06-05] (Fengtao Software Inc. -> DVDFab Software)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [0-ExplorerFab] -> {DB0CE773-FFDC-4DC7-811E-5582040DF1D0} => C:\Program Files\DVDFab\ExplorerFab\ExplorerFabShellExtension.dll [2023-06-05] (DVDFab Software Inc. -> Igor Pavlov)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2022-08-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2020-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [0-ExplorerFab] -> {DB0CE773-FFDC-4DC7-811E-5582040DF1D0} => C:\Program Files\DVDFab\ExplorerFab\ExplorerFabShellExtension.dll [2023-06-05] (DVDFab Software Inc. -> Igor Pavlov)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-03-09 18:48 - 2021-03-09 18:48 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2022-07-15 08:57 - 2022-07-15 08:57 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2022-07-15 08:57 - 2022-07-15 08:57 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2022-08-02 09:34 - 2022-08-02 09:34 - 000817152 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Device.dll
2022-08-02 09:33 - 2022-08-02 09:33 - 003650560 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Platform.dll
2013-09-27 09:45 - 2013-09-27 09:45 - 000286720 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-09-27 09:45 - 2013-09-27 09:45 - 000499200 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2023-08-09 12:31 - 2023-08-09 12:31 - 000196096 _____ (pdfforge GmbH) [File not signed] C:\Windows\System32\pdfcmon.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000735232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000480256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5RemoteObjects.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:CM_cdfdf49505024624d2decf3e9557d51162be6aba9545d69de4a936f7ba6139f4 [74]
AlternateDataStreams: C:\Windows:CM_d1cca5b43b23e7a102fa897d892102fdacb2faaf6f5875efce3bd0a2c56874f8 [74]
AlternateDataStreams: C:\Windows:CM_ddc327b64f685355a51c706651d661157d9c56a567b08d951c0a21f802879420 [74]
AlternateDataStreams: C:\Windows:CM_ff0bb62cece0c757632923a1bae7321ad617e4b7332ae4476b623929db52258c [74]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer (Whitelisted) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-10] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%INTEL_DEV_REDIST%redist\intel64\compiler;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\dotnet\
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.31.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Autodesk Access"
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_4673EA686870A11B2CD74C228BB15D2C"
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\StartupApproved\Run: => "EPSDNMON"
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\StartupApproved\Run: => "DVDFab VDrive"
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\StartupApproved\Run: => "3cca1bb530f30c1edd994819dca34c2c"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{340B681E-6CED-4A43-9AF9-81587C98153D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0CC784EC-3BCD-4ACC-B844-AB8D1886FC07}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9D0266D5-56B3-440D-B5AE-BCA912E1952F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{CB8CA4FD-2641-4748-89CE-7AF465929D15}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{0972C0B8-3BBF-405A-8246-7CE71408E5F4}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{D1BB7D8B-B7F4-46B1-99F4-86730FCF9A18}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{27469A67-543F-40A7-B367-19D7DF08B703}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{1C4E2874-AF7E-4516-A661-4A883AB1EED7}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{526248D9-A8DE-49FB-A643-556153024B32}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [TCP Query User{B4EE40C6-8BF4-44F0-B923-541519C0CC3C}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{ABFAAF09-F725-4995-8202-0F3C647E6442}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{4E5C95D9-FA5F-42EA-9154-1DC690F8FF06}C:\program files (x86)\sadp\sadp\sadptool.exe] => (Allow) C:\program files (x86)\sadp\sadp\sadptool.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> )
FirewallRules: [UDP Query User{851C9D15-5FC6-4751-B20B-2200698EF55F}C:\program files (x86)\sadp\sadp\sadptool.exe] => (Allow) C:\program files (x86)\sadp\sadp\sadptool.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> )
FirewallRules: [TCP Query User{904A0745-BAF3-425A-A71E-3FD585DC0C72}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{86A694CC-23D6-4639-9EDC-37D6334D50A5}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{EE2B0C2C-E047-4AF6-9376-70D912F969CC}C:\games\warcraft iii\war3.exe] => (Allow) C:\games\warcraft iii\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [UDP Query User{FAAA2D08-527D-4570-85BA-F6F821BFD8C2}C:\games\warcraft iii\war3.exe] => (Allow) C:\games\warcraft iii\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [{6C8F3166-7E7B-45B2-A3A2-103F1921E531}] => (Allow) LPort=50248
FirewallRules: [TCP Query User{619B7959-6510-4DC2-A05B-BBD5AD36162E}C:\program files\java\jre-1.8\bin\javaw.exe] => (Allow) C:\program files\java\jre-1.8\bin\javaw.exe
FirewallRules: [UDP Query User{8639AA36-4852-4B3F-83C6-F8BDD57FE6C7}C:\program files\java\jre-1.8\bin\javaw.exe] => (Allow) C:\program files\java\jre-1.8\bin\javaw.exe
FirewallRules: [TCP Query User{F87633DB-8270-470F-A808-D3DFB29BCBA9}C:\users\lukas\appdata\local\temp\5e917feb-81a8-4897-959b-90bea0e55128_netscanner.zip.128\netscanner64.exe] => (Allow) C:\users\lukas\appdata\local\temp\5e917feb-81a8-4897-959b-90bea0e55128_netscanner.zip.128\netscanner64.exe => No File
FirewallRules: [UDP Query User{E033A1EB-A149-4726-840B-61A34ECAD7CF}C:\users\lukas\appdata\local\temp\5e917feb-81a8-4897-959b-90bea0e55128_netscanner.zip.128\netscanner64.exe] => (Allow) C:\users\lukas\appdata\local\temp\5e917feb-81a8-4897-959b-90bea0e55128_netscanner.zip.128\netscanner64.exe => No File
FirewallRules: [TCP Query User{EA6A56BA-01B0-4776-A630-7BE4BA189E4E}E:\programy\utorrent\utorrent.exe] => (Allow) E:\programy\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{76657167-6489-4FF4-971B-F32C85E9D800}E:\programy\utorrent\utorrent.exe] => (Allow) E:\programy\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{33B38A59-929D-45D1-97AE-3BCA4CBF2004}C:\program files\davinci resolve\resolve.exe] => (Allow) C:\program files\davinci resolve\resolve.exe => No File
FirewallRules: [UDP Query User{7BCDBD2C-C861-4128-B900-AF2B62194303}C:\program files\davinci resolve\resolve.exe] => (Allow) C:\program files\davinci resolve\resolve.exe => No File
FirewallRules: [{F6A524A1-7C44-4556-BB7B-B7A44DCEEF8C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.144\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{998EA575-9B75-422F-B190-B9B28D173D01}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B6A1360C-8BF8-4342-8E09-4E4D98F5C264}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D9ECAB83-D5C0-4E98-B036-DBBD3C2D60FE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4C280132-380D-4733-BD4B-D0CB28216F4A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{56D46D17-E2AE-4FAF-BDD2-5F6330067B58}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{E9F84E2E-C572-458A-8EF0-3474ED2E4107}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Restore Points =========================

29-01-2024 09:20:29 Windows Zálohování

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/29/2024 10:18:17 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (01/29/2024 10:09:45 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (01/29/2024 10:09:45 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (01/29/2024 10:09:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: atieclxx.exe, verze: 27.20.20913.2000, časové razítko: 0x62e929c6
Název chybujícího modulu: atieclxx.exe, verze: 27.20.20913.2000, časové razítko: 0x62e929c6
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000359c6
ID chybujícího procesu: 0xaa4
Čas spuštění chybující aplikace: 0x01da5292296449af
Cesta k chybující aplikaci: C:\Windows\System32\DriverStore\FileRepository\c0382934.inf_amd64_2ed1b7932d1f78d4\B381983\atieclxx.exe
Cesta k chybujícímu modulu: C:\Windows\System32\DriverStore\FileRepository\c0382934.inf_amd64_2ed1b7932d1f78d4\B381983\atieclxx.exe
ID zprávy: 7832915e-b346-43e0-a555-e1f27bdafc21
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/29/2024 09:54:06 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (01/29/2024 09:54:06 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (01/29/2024 09:53:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: atieclxx.exe, verze: 27.20.20913.2000, časové razítko: 0x62e929c6
Název chybujícího modulu: atieclxx.exe, verze: 27.20.20913.2000, časové razítko: 0x62e929c6
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000359c6
ID chybujícího procesu: 0x1bc4
Čas spuštění chybující aplikace: 0x01da446b1dd07022
Cesta k chybující aplikaci: C:\Windows\System32\DriverStore\FileRepository\c0382934.inf_amd64_2ed1b7932d1f78d4\B381983\atieclxx.exe
Cesta k chybujícímu modulu: C:\Windows\System32\DriverStore\FileRepository\c0382934.inf_amd64_2ed1b7932d1f78d4\B381983\atieclxx.exe
ID zprávy: e9875b5b-8cda-4dde-b11b-78a0fe97f333
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/29/2024 09:42:20 AM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {BE88F957-42CC-4DA7-92CF-9BC35C5D5EE2} byla odmítnuta.


System errors:
=============
Error: (01/29/2024 10:25:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/29/2024 10:24:32 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-1QVPE6T)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/29/2024 10:24:29 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-1QVPE6T)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby camsvc s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Internal.CapabilityAccess.CapabilityAccess

Error: (01/29/2024 10:23:53 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{9E175B68-F52A-11D8-B9A5-505054503030}

Error: (01/29/2024 10:21:49 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-1QVPE6T)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/29/2024 10:21:37 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-1QVPE6T)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (01/29/2024 10:21:37 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-1QVPE6T)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (01/29/2024 10:21:33 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-1QVPE6T)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}


Windows Defender:
================
Date: 2024-01-29 09:42:07
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:HTML/Phish!pz
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_\Device\HarddiskVolumeShadowCopy11\Users\lukas\AppData\Local\Mozilla\Firefox\Profiles\niv94x9u.default-release\cache2\entries\01A7CAB71879AC69708F246381DEA26CAD724FC7
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\System32\svchost.exe
Verze bezpečnostních informací: AV: 1.403.2876.0, AS: 1.403.2876.0, NIS: 1.403.2876.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2

Date: 2024-01-15 10:39:49
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {49110108-6C99-423C-9029-444889A632C2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-01-15 10:34:35
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Presenoker
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_E:\Záloha HP ProBook - po nastavení disku smaž\PDFCreator-2_0_0-setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1QVPE6T\lukas
Název procesu: C:\Users\lukas\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Verze bezpečnostních informací: AV: 1.403.2172.0, AS: 1.403.2172.0, NIS: 1.403.2172.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2

Date: 2024-01-15 10:19:00
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_E:\Programy\AutoCAD 2014 Czech 64bit\xf-adsk64.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1QVPE6T\lukas
Název procesu: C:\Users\lukas\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Verze bezpečnostních informací: AV: 1.403.2172.0, AS: 1.403.2172.0, NIS: 1.403.2172.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2

Date: 2024-01-15 10:13:04
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_E:\ISO\Counter-Strike\Counter-Strike-Steam CD Key Generator.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1QVPE6T\lukas
Název procesu: C:\Users\lukas\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Verze bezpečnostních informací: AV: 1.403.2172.0, AS: 1.403.2172.0, NIS: 1.403.2172.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2
Event[0]:

Date: 2024-01-29 10:21:15
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2024-01-29 10:01:48
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2023-11-25 09:11:31
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.401.1093.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23100.2009
Kód chyby: 0x800b0109
Popis chyby: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.

Date: 2023-11-25 07:50:50
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.401.1093.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23100.2009
Kód chyby: 0x800b0109
Popis chyby: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.

Date: 2023-07-23 08:08:55
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/Seznam
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_D:\$RECYCLE.BIN\S-1-5-21-1435680546-1721906594-1447614293-1001\$RS7IHL4.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1QVPE6T\lukas
Název procesu: C:\Windows\explorer.exe
Akce: Neznámý
Stav akce: No additional actions required
Kód chyby: 0x80508033
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: AV: 1.393.1157.0, AS: 1.393.1157.0, NIS: 1.393.1157.0
Verze modulu: AM: 1.1.23060.1005, NIS: 1.1.23060.1005

CodeIntegrity:
===============
Date: 2023-11-15 17:11:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-11-05 02:21:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-10-04 18:09:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-08-16 22:50:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: Hewlett-Packard M74 Ver. 01.44 07/13/2017
Motherboard: Hewlett-Packard 2249
Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 30%
Total physical RAM: 16256.11 MB
Available physical RAM: 11229.05 MB
Total Virtual: 18688.11 MB
Available Virtual: 12498.26 MB

==================== Drives ================================

Drive c: (Windows10) (Fixed) (Total:145.92 GB) (Free:15.42 GB) (Model: Samsung SSD 870 QVO 1TB) NTFS
Drive d: (OneDrive) (Fixed) (Total:785.03 GB) (Free:74.9 GB) (Model: Samsung SSD 870 QVO 1TB) NTFS
Drive e: (DATA750) (Fixed) (Total:698.14 GB) (Free:21.73 GB) (Model: HGST HTS541075A9E680) NTFS

\\?\Volume{39850014-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{39850014-0000-0000-0000-407e24000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 39850014)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=145.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=523 MB) - (Type=27)
Partition 4: (Not Active) - (Size=785 GB) - (Type=0F Extended)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: A5703559)
Partition 1: (Active) - (Size=698.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, Defender reports Trojan:HTML/Pish!pz

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

plk
Visitor
Posts: 23
Registered: 17 Feb 2010 20:18

Re: Please check, Defender reports Trojan:HTML/Pish!pz

#3 Post by plk »

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-29-2024
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.3930)
# Cleaned: 3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Wow6432Node\Conduit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.HPCoolSense Folder C:\Users\lukas\AppData\Local\HEWLETT-PACKARD\HP COOLSENSE


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1567 octets] - [29/01/2024 15:47:38]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, Defender reports Trojan:HTML/Pish!pz

#4 Post by Rudy »

Post new FRST+Addition logs.

plk
Visitor
Posts: 23
Registered: 17 Feb 2010 20:18

Re: Please check, Defender reports Trojan:HTML/Pish!pz

#5 Post by plk »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2024 01
Ran by lukas (administrator) on DESKTOP-1QVPE6T (Hewlett-Packard HP ProBook 470 G2) (29-01-2024 16:39:54)
Running from D:\OneDrive\Plocha\FRST64.exe
Loaded Profiles: lukas
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Program Files\totalcmd\TOTALCMD64.EXE ->) (Jan Fiala -> Jan Fiala) D:\OneDrive\World Wide Web\.PSPad\PSPad.exe
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <15>
(services.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe
(services.exe ->) (Autodesk, Inc.) [File not signed] C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Smart Connect software -> ) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(spoolsv.exe ->) (CANON INC. -> CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2311.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8811776 2016-05-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [225248 2017-10-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-09-27] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Autodesk Access] => C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessCore.exe [20678944 2024-01-10] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [750680 2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2595344 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2189592 2023-11-18] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\Run: [EPSDNMON] => "C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE" (No File)
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\Run: [MicrosoftEdgeAutoLaunch_4673EA686870A11B2CD74C228BB15D2C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788224 2024-01-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\Run: [DVDFab VDrive] => C:\Program Files\DVDFab\ExplorerFab\vdrive.exe [15596360 2023-06-05] (DVDFab Software Inc. -> DVDFab Software Inc.)
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\Run: [3cca1bb530f30c1edd994819dca34c2c] => C:\Program Files\DVDFab\ExplorerFab\liveUpdate.exe [7369032 2023-06-05] (DVDFab Software Inc. -> )
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\MountPoints2: {0bff3993-940b-11ee-96c9-9cad974fad61} - "F:\RunGame.exe"
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc -> Autodesk, Inc.)
HKLM\...\Windows x64\Print Processors\Canon MP280 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAA.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\XRXS1PC: C:\Windows\System32\spool\prtprocs\x64\xrxs1pc.dll [33792 2010-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series: C:\Windows\system32\CNMLMAA.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\CNAB4 Monitor: C:\Windows\system32\CNAB4LMD.DLL [58880 2012-10-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [196096 2023-08-09] (pdfforge GmbH) [File not signed]
HKLM\...\Print\Monitors\XRXS1 Langmon: C:\Windows\system32\xrxs1l6.dll [34304 2012-11-09] (Microsoft Windows Hardware Compatibility Publisher -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk [2023-06-29]
ShortcutTarget: Canon LBP2900 Status Window.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE (CANON INC. -> CANON INC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2023-07-17]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2023-06-29]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel(R) Smart Connect software -> Intel Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {8399D447-D694-4EAA-A3B2-DF3FCD4C3811} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1708512 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {A39CD29E-9461-4DBE-8F4F-39EA74DAD4F8} - System32\Tasks\AutoUpdate Allplan 2019 => C:\Program Files\Allplan\Allplan 2019\Prg\NemDownloadHandler.exe [40840 2018-10-01] (Allplan GmbH -> ALLPLAN GmbH) -> /f "C:\Data\Allplan\Allplan 2019\Std\AllplanUpdate.inf"
Task: {5E28A321-9185-4A61-BA62-59A2EF1F1E9B} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-1435680546-1721906594-1447614293-1001 => C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2030.8.396.0_x64__8xx8rvfyw5nnt\app\MessengerHelper.exe [2250488 2024-01-22] (6E08453F-9BA7-4311-999C-D22FBA2FB1B8 -> Meta Platforms, Inc.)
Task: {3D01096B-2DA9-49E9-BCA3-789A300B278A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {0202591F-B548-42DB-B43B-5B105C0B1C9F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {8AE226D9-75FA-4A74-8565-F2D55D30D98E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {39872FEB-8085-48E4-8284-3E77E2708F09} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {63984297-B778-4D0D-9E2C-7E75EBCD4D11} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170048 2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {C281D2FD-DA63-43F2-A3A9-C9113E8D8814} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {32411D57-C7DB-4634-A5D7-94AE42464AB2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {58AED180-F99C-43A8-8836-858B743D3CE9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {49C383DC-EC76-4042-A451-8A598868DF5B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C9DD6B3-3012-4875-92DC-24374F861601} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1708512 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {289E1E8D-4E25-495B-B5EF-CD896E54FD21} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-01-25] (Mozilla Corporation -> Mozilla Foundation)
Task: {9657DB78-3541-4647-92EF-A1052B2FD1B3} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D2396169-06D0-4277-9848-41826F1341B7} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1435680546-1721906594-1447614293-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {3C23A385-14F3-4F3F-B57E-281381FB8633} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [57312 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {96A3E24C-AB8F-4F4B-BCF2-6A62979F1935} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [57312 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {96B2DCF7-539F-41B3-AC39-09EB335F6E5A} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [263136 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.31.1
Tcpip\..\Interfaces\{5bbdfd95-5892-444a-b9fb-f74633a8c77b}: [DhcpNameServer] 192.168.31.1
Tcpip\..\Interfaces\{5bbdfd95-5892-444a-b9fb-f74633a8c77b}\34344565: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5bbdfd95-5892-444a-b9fb-f74633a8c77b}\35452533335707F523E243: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{78426d2f-a9dc-4bde-9b6a-40fe0d470c2b}: [DhcpNameServer] 192.168.31.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\lukas\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-29]
Edge StartupUrls: Default -> "hxxp://seznam.cz/"
Edge Extension: (Dokumenty Google offline) - C:\Users\lukas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-25]
Edge Extension: (Edge relevant text changes) - C:\Users\lukas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-25]

FireFox:
========
FF DefaultProfile: 2rud96ev.default
FF ProfilePath: C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2rud96ev.default [2023-08-09]
FF ProfilePath: C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\niv94x9u.default-release [2024-01-29]
FF Homepage: Mozilla\Firefox\Profiles\niv94x9u.default-release -> www.google.com
FF Session Restore: Mozilla\Firefox\Profiles\niv94x9u.default-release -> is enabled.
FF Extension: (AdBlocker Ultimate) - C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\niv94x9u.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2023-11-29]
FF Extension: (Česká kontrola pravopisu (bez diakritiky)) - C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\niv94x9u.default-release\Extensions\cs2@dictionaries.addons.mozilla.org.xpi [2023-09-05]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\niv94x9u.default-release\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2023-09-05]
FF Extension: (Easy Screenshot) - C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\niv94x9u.default-release\Extensions\easyscreenshot@mozillaonline.com.xpi [2023-06-29]
FF Extension: (Language: Čeština (Czech)) - C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\niv94x9u.default-release\Extensions\langpack-cs@firefox.mozilla.org.xpi [2024-01-26]
FF Extension: (Undo Close Tab Button) - C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\niv94x9u.default-release\Extensions\undo-close-tab-buttons-single@codefisher.org.xpi [2023-06-29]
FF Extension: (Search on Google Lens) - C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\niv94x9u.default-release\Extensions\{56b8308e-566b-4dc0-9957-f6341ceb8552}.xpi [2023-12-03]
FF Extension: (ImTranslator: Překladač, Slovník, Hlas) - C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\niv94x9u.default-release\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2024-01-02]
FF Extension: (Hlídač Shopů) - C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\niv94x9u.default-release\Extensions\{d6f0f975-91a3-4d78-96f7-5f1859ad18b6}.xpi [2023-11-15]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\PDF-Xchange\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.401.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.401.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\PDF-Xchange\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\PDF-Xchange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\PDF-Xchange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2018-12-26] (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FF Plugin HKU\S-1-5-21-1435680546-1721906594-1447614293-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\PDF-Xchange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AllplanUpdateLauncher 2019; C:\Program Files\Allplan\AllplanUpdateLauncher 2019\AllplanUpdateLauncher.exe [15752 2018-10-01] (Allplan GmbH -> ALLPLAN GmbH)
S2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPLauncher.exe [55264 ] (Advanced Micro Devices Inc. -> AMD)
R2 Autodesk Access Service Host; C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe [11630368 2023-12-12] (Autodesk, Inc. -> Autodesk, Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13777080 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
S2 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [9206680 2018-05-11] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [206304 2022-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncHelper.exe [3514384 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
S2 fpCsEvtSvc; C:\Windows\System32\fpCSEvtSvc.exe [22424 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-09-06] (Intel(R) Smart Connect software -> )
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\OneDriveUpdaterService.exe [3851280 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 valWBFPolicyService; C:\Windows\System32\valWBFPolicyService.exe [91032 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [63096 2022-02-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 dvdfabio; C:\Windows\system32\drivers\dvdfabio.sys [12704 2023-06-05] (Fengtao Software Inc. -> DVDFab Software)
R3 vdrive; C:\Windows\system32\DRIVERS\vdrive.sys [44960 2023-06-05] (Fengtao Software Inc. -> DVDFab Software)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2023-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [594304 2023-12-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-08] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
S3 amdkmdap; \SystemRoot\System32\DriverStore\FileRepository\c0333148.inf_amd64_6714569004b0131a\B333163\atikmpag.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-29 15:45 - 2024-01-29 15:48 - 000000000 ____D C:\AdwCleaner
2024-01-29 11:08 - 2024-01-29 11:08 - 000000000 ____D C:\Users\lukas\AppData\Local\Thunderbird
2024-01-29 10:28 - 2024-01-29 16:40 - 000000000 ____D C:\FRST
2024-01-29 10:01 - 2024-01-29 10:21 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2024-01-29 09:56 - 2024-01-29 10:17 - 000000000 ____D C:\Windows\pss
2024-01-26 11:00 - 2024-01-26 11:27 - 000000000 ____D C:\Users\lukas\AppData\Roaming\Microsoft\Teams
2024-01-26 11:00 - 2024-01-26 11:01 - 000000000 ____D C:\Users\lukas\AppData\Local\SquirrelTemp
2024-01-25 20:19 - 2024-01-25 20:19 - 000000000 ____D C:\Users\lukas\AppData\Roaming\Sun
2024-01-25 20:19 - 2024-01-25 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2024-01-25 20:19 - 2023-12-19 13:01 - 000200320 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2024-01-25 20:18 - 2024-01-25 20:18 - 000000000 ____D C:\Program Files\Java
2024-01-25 19:38 - 2024-01-25 19:38 - 000000000 ____D C:\Users\lukas\AppData\Roaming\IsolatedStorage
2024-01-25 19:38 - 2024-01-25 19:38 - 000000000 ____D C:\Users\lukas\AppData\Local\Solvusoft_Corporation
2024-01-25 19:38 - 2024-01-25 19:38 - 000000000 ____D C:\ProgramData\IsolatedStorage
2024-01-25 18:57 - 2024-01-29 09:55 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-01-16 07:13 - 2024-01-16 07:13 - 002881824 _____ (Autodesk, Inc.) C:\Windows\system32\styleman.cpl
2024-01-16 07:13 - 2024-01-16 07:13 - 002881824 _____ (Autodesk, Inc.) C:\Windows\system32\plotman.cpl
2024-01-16 07:13 - 2024-01-16 07:13 - 000001219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DWG TrueView 2024 - English.lnk
2024-01-16 07:02 - 2024-01-16 07:12 - 000000000 ____D C:\Autodesk
2024-01-16 07:02 - 2024-01-16 07:03 - 000000000 ____D C:\Users\lukas\Downloads\Autodesk
2024-01-15 22:10 - 2024-01-15 22:14 - 000000000 ____D C:\Users\lukas\AppData\Local\GoPro
2024-01-15 22:10 - 2024-01-15 22:10 - 000000000 ____D C:\Users\lukas\.QtWebEngineProcess
2024-01-15 22:10 - 2024-01-15 22:10 - 000000000 ____D C:\Users\lukas\.GoPro
2024-01-11 18:27 - 2024-01-11 18:27 - 001013358 _____ C:\Users\lukas\Downloads\Situační výkres ČEZd - 0102064654.pdf
2024-01-11 18:26 - 2024-01-11 18:26 - 000371310 _____ C:\Users\lukas\Downloads\Situační výkres ICT - 0700791196.pdf
2024-01-11 18:26 - 2024-01-11 18:26 - 000110680 _____ C:\Users\lukas\Downloads\Sdělení ICT - 0700791196.pdf
2024-01-11 18:26 - 2024-01-11 18:26 - 000110634 _____ C:\Users\lukas\Downloads\Sdělení TELIN - 1100065405.pdf
2024-01-11 18:25 - 2024-01-11 18:25 - 000371466 _____ C:\Users\lukas\Downloads\Situační výkres TELIN - 1100065405.pdf
2024-01-11 14:05 - 2024-01-11 14:05 - 000685184 _____ C:\Users\lukas\Downloads\zakon-c-183-2006-sb-o-uzemnim-planovani-a-stavebnim-radu-stavebni-zakon.pdf
2024-01-11 14:04 - 2024-01-11 14:04 - 002279724 _____ C:\Users\lukas\Downloads\Zákon č. 134-2016 Sb., o zadávání veřejných zakázek.pdf
2024-01-11 14:03 - 2024-01-11 14:03 - 001350270 _____ C:\Users\lukas\Downloads\sb0051-2016-134-2016.pdf
2024-01-11 13:03 - 2024-01-11 13:03 - 000052913 _____ C:\Users\lukas\Downloads\D11-01 - technická zpráva.pdf
2024-01-11 13:02 - 2024-01-11 13:02 - 000097066 _____ C:\Users\lukas\Downloads\D.1.2.01.pdf
2024-01-11 13:01 - 2024-01-11 13:01 - 000338051 _____ C:\Users\lukas\Downloads\D.1.1.a TZ.pdf
2024-01-11 13:00 - 2024-01-11 13:00 - 000144277 _____ C:\Users\lukas\Downloads\D11 TECHNICKÁ ZPRÁVA OAKAD.pdf
2024-01-11 13:00 - 2024-01-11 13:00 - 000064260 _____ C:\Users\lukas\Downloads\D35_ST_M_01_TZ_SO_442.pdf
2024-01-11 09:35 - 2024-01-11 09:35 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-10 14:12 - 2024-01-10 14:12 - 000000000 ___HD C:\$WinREAgent
2024-01-10 14:02 - 2024-01-10 14:02 - 002549267 _____ C:\Users\lukas\Downloads\1694682284_2023-09_ModF-HOUSEnerg-NZÚ-RD_Standardní-výzva.pdf
2024-01-08 11:14 - 2024-01-08 11:14 - 000351015 _____ C:\Users\lukas\Downloads\0640_16_04_OTO_smlouva_registr.pdf.pdf
2024-01-08 10:24 - 2024-01-08 10:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CZ.NIC
2024-01-08 10:24 - 2024-01-08 10:24 - 000000000 ____D C:\Program Files\CZ.NIC
2024-01-06 18:54 - 2024-01-06 18:54 - 000322436 _____ C:\Users\lukas\Downloads\ing10271._pavlik_ok10271.pdf
2024-01-04 08:06 - 2024-01-04 08:32 - 000000000 ____D C:\Users\lukas\AppData\Roaming\BSplayer
2024-01-04 08:06 - 2024-01-04 08:06 - 000001214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2024-01-04 08:06 - 2024-01-04 08:06 - 000000000 ____D C:\Users\lukas\AppData\Roaming\BSplayer Pro
2024-01-04 08:06 - 2024-01-04 08:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2024-01-04 08:06 - 2024-01-04 08:06 - 000000000 ____D C:\Program Files (x86)\Webteh
2024-01-04 08:01 - 2024-01-04 08:06 - 000000000 ____D C:\Program Files (x86)\BSPlayer

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-29 16:09 - 2023-06-29 08:48 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-01-29 16:08 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-29 15:53 - 2023-07-20 20:45 - 000001391 _____ C:\Users\lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-01-29 15:48 - 2023-09-19 16:06 - 000000000 ____D C:\Users\lukas\AppData\Local\Hewlett-Packard
2024-01-29 15:45 - 2023-06-29 09:15 - 000000000 ____D C:\Users\lukas\AppData\Roaming\Microsoft\Excel
2024-01-29 15:45 - 2023-06-29 09:05 - 000000000 ____D C:\Users\lukas\AppData\Roaming\Microsoft\Word
2024-01-29 15:40 - 2023-07-21 07:17 - 000000068 __RSH C:\Windows\system32\Drivers\wof.winsecurity
2024-01-29 15:40 - 2023-07-21 07:17 - 000000068 __RSH C:\Windows\system32\Drivers\wimmount.winsecurity
2024-01-29 15:40 - 2023-07-19 19:32 - 000003126 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2024-01-29 15:40 - 2023-07-17 16:24 - 000000068 __RSH C:\Windows\system32\Drivers\xboxgip.winsecurity
2024-01-29 15:40 - 2023-07-17 16:24 - 000000068 __RSH C:\Windows\system32\Drivers\wmilib.winsecurity
2024-01-29 15:40 - 2023-06-29 08:01 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-01-29 11:30 - 2023-06-29 08:30 - 000000000 ____D C:\Users\lukas\AppData\Local\D3DSCache
2024-01-29 11:08 - 2023-06-29 11:01 - 000000000 ____D C:\Users\lukas\AppData\Roaming\Thunderbird
2024-01-29 11:08 - 2023-06-29 08:48 - 000000000 ____D C:\Users\lukas\AppData\Roaming\Mozilla
2024-01-29 10:29 - 2023-06-29 08:07 - 001697562 _____ C:\Windows\system32\PerfStringBackup.INI
2024-01-29 10:29 - 2019-12-07 15:43 - 000719300 _____ C:\Windows\system32\perfh005.dat
2024-01-29 10:29 - 2019-12-07 15:43 - 000145940 _____ C:\Windows\system32\perfc005.dat
2024-01-29 10:29 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2024-01-29 10:25 - 2023-06-29 11:25 - 000000000 ____D C:\ProgramData\Synaptics
2024-01-29 10:25 - 2023-06-29 08:30 - 000000000 __SHD C:\Users\lukas\IntelGraphicsProfiles
2024-01-29 10:25 - 2023-06-29 08:15 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2024-01-29 10:25 - 2023-06-29 08:01 - 000008192 ___SH C:\DumpStack.log.tmp
2024-01-29 10:25 - 2023-06-29 08:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-01-29 10:24 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-01-29 10:04 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-29 10:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2024-01-29 10:01 - 2023-06-29 08:01 - 000556584 _____ C:\Windows\system32\FNTCACHE.DAT
2024-01-29 09:55 - 2023-06-29 08:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-01-29 09:53 - 2023-08-09 12:57 - 000000132 _____ C:\Users\lukas\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2024-01-28 10:39 - 2023-06-29 08:01 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-28 10:36 - 2023-05-05 13:28 - 000000000 ____D C:\Windows\SystemTemp
2024-01-27 21:37 - 2023-07-21 06:37 - 000000000 ____D C:\Windows\Minidump
2024-01-27 21:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2024-01-26 10:59 - 2023-06-29 08:48 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-01-17 17:55 - 2023-07-26 18:35 - 000000000 ____D C:\ProgramData\boost_interprocess
2024-01-16 18:27 - 2023-06-29 10:57 - 000000000 ____D C:\Users\lukas\AppData\Local\CrashDumps
2024-01-16 15:10 - 2023-07-21 09:31 - 000000000 ____D C:\Users\lukas\AppData\Roaming\.dsgui
2024-01-16 15:09 - 2023-07-17 12:01 - 000000000 ____D C:\Users\lukas\AppData\Local\cache
2024-01-16 07:14 - 2023-07-26 18:33 - 000000000 ____D C:\Users\lukas\AppData\Roaming\UI Launcher
2024-01-16 07:12 - 2023-07-26 18:36 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2024-01-16 07:12 - 2023-07-26 18:34 - 000000000 ____D C:\Program Files\Autodesk
2024-01-16 07:12 - 2023-07-26 18:31 - 000000000 ____D C:\ProgramData\Autodesk
2024-01-16 07:12 - 2023-07-26 18:20 - 000000000 ____D C:\Users\lukas\AppData\Roaming\Autodesk
2024-01-16 07:12 - 2023-07-26 18:20 - 000000000 ____D C:\Users\lukas\AppData\Local\Autodesk
2024-01-16 07:12 - 2023-06-29 10:27 - 000000000 ____D C:\ProgramData\Package Cache
2024-01-16 07:10 - 2023-07-26 18:35 - 000000000 ____D C:\Program Files\dotnet
2024-01-15 22:10 - 2023-06-29 08:28 - 000000000 ____D C:\Users\lukas
2024-01-15 18:09 - 2023-07-17 12:12 - 000000000 ____D C:\Users\lukas\AppData\Roaming\vlc
2024-01-15 16:30 - 2023-07-07 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2024-01-15 16:30 - 2023-07-07 21:58 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
2024-01-15 16:17 - 2023-07-18 17:22 - 000000000 ____D C:\Users\lukas\AppData\Roaming\VEGAS
2024-01-15 15:50 - 2023-07-19 19:02 - 000000000 ____D C:\Users\lukas\AppData\Local\AMD_Common
2024-01-15 14:53 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2024-01-15 14:52 - 2019-12-07 15:45 - 000000000 ____D C:\Windows\OCR
2024-01-15 14:50 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-01-15 14:50 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-01-15 14:50 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-01-15 14:50 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\SysWOW64\winrm
2024-01-15 14:50 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\SysWOW64\WCN
2024-01-15 14:50 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\SysWOW64\slmgr
2024-01-15 14:50 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2024-01-15 14:50 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\system32\winrm
2024-01-15 14:50 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\system32\WCN
2024-01-15 14:50 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\system32\slmgr
2024-01-15 14:50 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2024-01-15 14:50 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2024-01-15 14:50 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2024-01-15 14:50 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\F12
2024-01-15 14:50 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-01-15 14:50 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-01-15 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2024-01-15 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2024-01-15 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-01-15 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2024-01-15 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-01-15 14:50 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2024-01-15 14:48 - 2023-06-29 08:34 - 000000000 ____D C:\Users\lukas\AppData\Roaming\Microsoft\Spelling
2024-01-15 14:47 - 2023-06-29 08:30 - 000000000 ____D C:\Users\lukas\AppData\Local\Packages
2024-01-15 14:46 - 2023-06-29 08:32 - 000000000 ____D C:\Users\lukas\AppData\Local\PlaceholderTileLogoFolder
2024-01-12 08:28 - 2023-06-29 10:33 - 000918944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2024-01-11 09:49 - 2023-07-07 19:25 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-01-11 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-01-11 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2024-01-11 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2024-01-11 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-01-11 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2024-01-11 09:34 - 2023-06-29 08:44 - 000000000 ____D C:\Program Files\Microsoft Office
2024-01-10 11:38 - 2023-06-29 10:58 - 000000000 ____D C:\Windows\system32\MRT
2024-01-10 11:34 - 2023-06-29 10:58 - 189718008 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-01-08 10:24 - 2023-07-21 07:18 - 000000000 ____D C:\Program Files\Datovka
2024-01-08 07:35 - 2023-07-07 19:40 - 000000000 ____D C:\Users\lukas\AppData\Roaming\PrusaSlicer
2024-01-05 14:22 - 2023-06-29 08:53 - 000000000 ____D C:\Users\lukas\AppData\Roaming\Microsoft\Office

==================== Files in the root of some directories ========

2023-08-09 12:57 - 2024-01-29 09:53 - 000000132 _____ () C:\Users\lukas\AppData\Roaming\Adobe Formát PNG CS5 – předvolby

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2024 01
Ran by lukas (29-01-2024 16:41:39)
Running from D:\OneDrive\Plocha
Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) (2023-06-29 07:04:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1435680546-1721906594-1447614293-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1435680546-1721906594-1447614293-503 - Limited - Disabled)
Guest (S-1-5-21-1435680546-1721906594-1447614293-501 - Limited - Disabled)
lukas (S-1-5-21-1435680546-1721906594-1447614293-1001 - Administrator - Enabled) => C:\Users\lukas
WDAGUtilityAccount (S-1-5-21-1435680546-1721906594-1447614293-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Allplan 2019 (HKLM-x32\...\{7EDCDF32-64F2-44FF-A48D-DD51A0978D9C}) (Version: 2019.0 - Allplan GmbH)
AMD Accelerated Video Transcoding (HKLM\...\{DF3B96FD-408F-C2D0-A3D9-B995765E8980}) (Version: 13.30.100.40406 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5E40C3AD-A3D5-B349-1B9F-EBAC0F9EE510}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.6.1 - Advanced Micro Devices, Inc.)
AutoCAD 2014 – Čeština (Czech) (HKLM\...\{5783F2D7-D001-0000-0102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk AutoCAD 2014 – Čeština (Czech) (HKLM\...\AutoCAD 2014 – Čeština (Czech)) (Version: 19.1.18.0 - Autodesk)
Autodesk CAD Manager Tools (HKLM\...\{5783F2D7-0111-0409-0110-0060B0CE6BBA}) (Version: 16.0.0.65 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{62F029AB-85F2-0001-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden
Autodesk DWG TrueView 2023 - English (HKLM\...\{530BA89C-90A7-30BF-A36E-DFD00B7311E7}) (Version: 24.2.153.0 - Autodesk, Inc.)
Autodesk DWG TrueView 2024 - English (HKLM\...\{86F23C4C-1B4F-32E9-BF1C-0ABF7F9E97A5}) (Version: 24.3.119.0 - Autodesk, Inc.)
Autodesk Identity Manager (HKLM\...\Autodesk Identity Manager) (Version: 1.10.4.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Blackmagic RAW Common Components (HKLM\...\{BF73F11D-8A70-438B-A357-38E1F1A62164}) (Version: 2.8 - Blackmagic Design)
Branding64 (HKLM\...\{0DB6E0DC-607A-42C1-A3CE-7567A9F85AF4}) (Version: 1.00.0008 - Advanced Micro Devices, Inc.) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.78.1094 - AB Team, d.o.o.)
Canon LBP2900 (HKLM\...\Canon LBP2900) (Version: - )
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Catalyst Control Center - Branding (HKLM-x32\...\{1864A681-59BE-47D6-B426-B394375D185C}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CodeMeter Runtime Kit v6.60b (HKLM\...\{E772892F-DA96-45BB-9463-BEAAA337F806}) (Version: 6.60.2884.502 - WIBU-SYSTEMS AG)
Datovka (HKLM-x32\...\Datovka) (Version: 4.23.3 - CZ.NIC, z. s. p. o.)
eObčanka (HKLM\...\{ED161D20-FDCF-4C7C-A84E-45B7E05B9BC1}) (Version: 3.3.1.22411 - MONET+, a.s. pro Ministerstvo vnitra České republiky)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
ExplorerFab (x64) (06/05/2023) (HKLM-x32\...\ExplorerFab (x64)) (Version: 3.0.1.9 - DVDFab Software Inc.)
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.13 - Blackmagic Design)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FastStone Image Viewer 7.8 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.8 - FastStone Corporation)
General Runtime Files for Allplan 2019-0-0 (HKLM-x32\...\{D2833F45-BBE0-9C1A-49C2-E06FAB2F55E0}) (Version: 1.13.0.0 - ALLPLAN Deutschland GmbH) Hidden
General Runtime Files for Allplan 2019-0-0 x64 (HKLM\...\{E8DB7087-150D-D1FD-B715-CF262F2040B2}) (Version: 1.9.0.0 - ALLPLAN Deutschland GmbH) Hidden
GO Contact Sync Mod (HKLM-x32\...\{C3FCBE40-773A-4A92-A997-EA41CD5AEE4C}) (Version: 4.1.33 - WebGear Ltd, New Zealand + Create Software + Stru.be + saller.NET + Big-R + obelix30)
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5126 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.6.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{6879B3DC-9DEF-4D60-BFF0-C96F2588685D}) (Version: 12.8.6.1000 - Intel Corporation) Hidden
Intel(R) Smart Connect Technology (HKLM\...\{15F82737-E833-418C-B364-BC87AD19B3B8}) (Version: 4.2.41.2499 - Intel Corporation)
Java 8 Update 401 (64-bit) (HKLM\...\{71024AE4-039E-4CA4-87B4-2F64180401F0}) (Version: 8.0.4010.10 - Oracle Corporation)
Microsoft .NET Core Host - 3.1.10 (x64) (HKLM\...\{52B42932-15C1-45D4-8904-FC3117EEE69B}) (Version: 24.104.29419 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.10 (x64) (HKLM\...\{752B4412-A129-4CB2-AD96-B6D97EAD3090}) (Version: 24.104.29419 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.10 (x64) (HKLM\...\{396D7BC8-E3C8-4B3E-8C60-D50D94FDF09D}) (Version: 24.104.29419 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.10 (x64) (HKLM-x32\...\{4714dd0a-ebab-4f59-a708-f8d7a793b3f5}) (Version: 3.1.10.29419 - Microsoft Corporation)
Microsoft .NET Host - 6.0.8 (x64) (HKLM\...\{6950FA03-8B88-4675-B685-FB21CA1762CC}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.8 (x64) (HKLM\...\{3C3CA326-3F1D-43B7-B0AD-CBC06B2DED5A}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.8 (x64) (HKLM\...\{7CEA3ABF-FE24-42AF-ADE6-B4A3EE346743}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.17126.20132 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.10 - Shared Framework (HKLM-x32\...\{6efe3294-03d8-4977-9c67-9f57ab075130}) (Version: 3.1.10.20520 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.10 Shared Framework (x64) (HKLM\...\{7BEAA207-E3EB-3948-BBB3-336B04D8A2F1}) (Version: 3.1.10.20520 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.8 - Shared Framework (x64) (HKLM-x32\...\{1182f806-658a-4241-9202-d43e13bf2719}) (Version: 6.0.8.22363 - Microsoft Corporation)
Microsoft ASP.NET Core 6.0.8 Shared Framework (x64) (HKLM\...\{FA97D589-B37E-3B49-A8D2-4764029773FE}) (Version: 6.0.8.22363 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.83 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.144 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{A047101C-A3AE-4FAD-802F-01C965079F66}) (Version: 11.1.3010.3 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{99AC7F47-A4E0-4706-9C65-8948775C2652}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{56F27690-F6EA-3356-980A-02BA379506EE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31931 (HKLM-x32\...\{6ba9fb5e-8366-4cc4-bf65-25fe9819b2fc}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31931 (HKLM-x32\...\{C2662EFF-06E6-4FD1-9D6D-FDCA91025757}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31931 (HKLM-x32\...\{AB1BDF73-7393-42CE-812D-9A90918814D5}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.8 (x64) (HKLM\...\{EB3983F9-3D60-456D-A11A-C1366C79AD3E}) (Version: 48.35.45540 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.8 (x64) (HKLM-x32\...\{ca35acb3-b442-44fb-924c-4448120bf689}) (Version: 6.0.8.31518 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 122.0 (x64 en-US)) (Version: 122.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 114.0.2 - Mozilla)
Mozilla Thunderbird (x86 cs) (HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\Mozilla Thunderbird 115.7.0 (x86 cs)) (Version: 115.7.0 - Mozilla)
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - )
OEM Application Profile (HKLM-x32\...\{FA2905FA-6EB6-F61A-D565-30634F5F673E}) (Version: 1.00.0000 - Název společnosti:)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
PDFCreator (HKLM\...\{11CB1028-C327-45E0-8FB9-FC973B4AB941}) (Version: 5.1.1 - Avanquest pdfforge GmbH)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.308.2 - Tracker Software Products Ltd)
PrusaSlicer 2.6.0 (HKLM\...\{D6310383-F2B7-4DEB-89B5-8C7448FAE3A6}) (Version: 2.6.0 - Prusa Research) Hidden
PrusaSlicer 2.6.0 (HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\PrusaSlicer 2.6.0 2.6.0) (Version: 2.6.0 - Prusa Research)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.43 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.30.328.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7818 - Realtek Semiconductor Corp.)
SADP (HKLM-x32\...\{7D9B79C2-B1B2-433B-844F-F4299B86F26E}) (Version: 3.1.1.4 - Hangzhou Hikvision Digital Technology Co., Ltd.)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.63 - Synaptics Incorporated)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.02 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\Wargaming.net Game Center) (Version: 23.6.0.4252 - Wargaming.net)
Web Components (HKLM-x32\...\{03B13AF8-9625-478A-AF0E-205337B9415A}_is1) (Version: 3.0.7.1 - )
World of Tanks EU (HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\2314027414) (Version: - Wargaming.net)
Xerox Phaser 3117 (HKLM-x32\...\Xerox Phaser 3117) (Version: - )

Packages:
=========
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2030.8.396.0_x64__8xx8rvfyw5nnt [2024-01-28] (Meta) [Startup Task]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2311.21001.0_x64__8wekyb3d8bbwe [2024-01-05] (Microsoft Corporation) [Startup Task]
Rozšíření pro video HEVC -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_2.0.61933.0_x64__8wekyb3d8bbwe [2023-08-09] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-08] (Microsoft Studios) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.4.0_x64__cv1g1gvanyjgm [2024-01-29] (WhatsApp Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2023 - English\dwgviewr.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2023 - English\en-US\dwgviewrficn.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\cs-CZ\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2022-09-15] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [0-ExplorerFab] -> {DB0CE773-FFDC-4DC7-811E-5582040DF1D0} => C:\Program Files\DVDFab\ExplorerFab\ExplorerFabShellExtension.dll [2023-06-05] (DVDFab Software Inc. -> Igor Pavlov)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2024-01-16] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [DVDFABVirtualDrive] -> {71343FFB-3ECB-4FA7-BAAC-8DB614DE3C05} => C:\Program Files\DVDFab\ExplorerFab\vdrive.dll [2023-06-05] (Fengtao Software Inc. -> DVDFab Software)
ContextMenuHandlers1-x32: [DVDFABVirtualDrive32] -> {71343FFB-3ECB-4FA7-BAAC-8DB614DE3C04} => C:\Program Files\DVDFab\ExplorerFab\vdrive32.dll [2023-06-05] (Fengtao Software Inc. -> DVDFab Software)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2022-10-04] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers2: [DVDFABVirtualDrive] -> {71343FFB-3ECB-4FA7-BAAC-8DB614DE3C05} => C:\Program Files\DVDFab\ExplorerFab\vdrive.dll [2023-06-05] (Fengtao Software Inc. -> DVDFab Software)
ContextMenuHandlers2-x32: [DVDFABVirtualDrive32] -> {71343FFB-3ECB-4FA7-BAAC-8DB614DE3C04} => C:\Program Files\DVDFab\ExplorerFab\vdrive32.dll [2023-06-05] (Fengtao Software Inc. -> DVDFab Software)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [0-ExplorerFab] -> {DB0CE773-FFDC-4DC7-811E-5582040DF1D0} => C:\Program Files\DVDFab\ExplorerFab\ExplorerFabShellExtension.dll [2023-06-05] (DVDFab Software Inc. -> Igor Pavlov)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2022-08-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2020-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [0-ExplorerFab] -> {DB0CE773-FFDC-4DC7-811E-5582040DF1D0} => C:\Program Files\DVDFab\ExplorerFab\ExplorerFabShellExtension.dll [2023-06-05] (DVDFab Software Inc. -> Igor Pavlov)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-03-09 18:48 - 2021-03-09 18:48 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2013-09-27 09:45 - 2013-09-27 09:45 - 000286720 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-09-27 09:45 - 2013-09-27 09:45 - 000499200 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2023-06-29 08:48 - 2023-06-29 08:48 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2023-06-29 08:48 - 2023-06-29 08:48 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2023-06-29 08:48 - 2023-06-29 08:48 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2023-06-29 08:48 - 2023-06-29 08:48 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\c2r64.dll
2023-08-09 12:31 - 2023-08-09 12:31 - 000196096 _____ (pdfforge GmbH) [File not signed] C:\Windows\System32\pdfcmon.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000735232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000120832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000480256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5RemoteObjects.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000262144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:CM_cdfdf49505024624d2decf3e9557d51162be6aba9545d69de4a936f7ba6139f4 [74]
AlternateDataStreams: C:\Windows:CM_d1cca5b43b23e7a102fa897d892102fdacb2faaf6f5875efce3bd0a2c56874f8 [74]
AlternateDataStreams: C:\Windows:CM_ddc327b64f685355a51c706651d661157d9c56a567b08d951c0a21f802879420 [74]
AlternateDataStreams: C:\Windows:CM_ff0bb62cece0c757632923a1bae7321ad617e4b7332ae4476b623929db52258c [74]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer (Whitelisted) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-10] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%INTEL_DEV_REDIST%redist\intel64\compiler;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\dotnet\
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.31.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Autodesk Access"
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_4673EA686870A11B2CD74C228BB15D2C"
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\StartupApproved\Run: => "EPSDNMON"
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\StartupApproved\Run: => "DVDFab VDrive"
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\StartupApproved\Run: => "3cca1bb530f30c1edd994819dca34c2c"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{340B681E-6CED-4A43-9AF9-81587C98153D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0CC784EC-3BCD-4ACC-B844-AB8D1886FC07}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9D0266D5-56B3-440D-B5AE-BCA912E1952F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{CB8CA4FD-2641-4748-89CE-7AF465929D15}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{0972C0B8-3BBF-405A-8246-7CE71408E5F4}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{D1BB7D8B-B7F4-46B1-99F4-86730FCF9A18}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{27469A67-543F-40A7-B367-19D7DF08B703}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{1C4E2874-AF7E-4516-A661-4A883AB1EED7}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{526248D9-A8DE-49FB-A643-556153024B32}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [TCP Query User{B4EE40C6-8BF4-44F0-B923-541519C0CC3C}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{ABFAAF09-F725-4995-8202-0F3C647E6442}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{4E5C95D9-FA5F-42EA-9154-1DC690F8FF06}C:\program files (x86)\sadp\sadp\sadptool.exe] => (Allow) C:\program files (x86)\sadp\sadp\sadptool.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> )
FirewallRules: [UDP Query User{851C9D15-5FC6-4751-B20B-2200698EF55F}C:\program files (x86)\sadp\sadp\sadptool.exe] => (Allow) C:\program files (x86)\sadp\sadp\sadptool.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> )
FirewallRules: [TCP Query User{904A0745-BAF3-425A-A71E-3FD585DC0C72}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{86A694CC-23D6-4639-9EDC-37D6334D50A5}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{EE2B0C2C-E047-4AF6-9376-70D912F969CC}C:\games\warcraft iii\war3.exe] => (Allow) C:\games\warcraft iii\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [UDP Query User{FAAA2D08-527D-4570-85BA-F6F821BFD8C2}C:\games\warcraft iii\war3.exe] => (Allow) C:\games\warcraft iii\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [{6C8F3166-7E7B-45B2-A3A2-103F1921E531}] => (Allow) LPort=50248
FirewallRules: [TCP Query User{619B7959-6510-4DC2-A05B-BBD5AD36162E}C:\program files\java\jre-1.8\bin\javaw.exe] => (Allow) C:\program files\java\jre-1.8\bin\javaw.exe
FirewallRules: [UDP Query User{8639AA36-4852-4B3F-83C6-F8BDD57FE6C7}C:\program files\java\jre-1.8\bin\javaw.exe] => (Allow) C:\program files\java\jre-1.8\bin\javaw.exe
FirewallRules: [TCP Query User{F87633DB-8270-470F-A808-D3DFB29BCBA9}C:\users\lukas\appdata\local\temp\5e917feb-81a8-4897-959b-90bea0e55128_netscanner.zip.128\netscanner64.exe] => (Allow) C:\users\lukas\appdata\local\temp\5e917feb-81a8-4897-959b-90bea0e55128_netscanner.zip.128\netscanner64.exe => No File
FirewallRules: [UDP Query User{E033A1EB-A149-4726-840B-61A34ECAD7CF}C:\users\lukas\appdata\local\temp\5e917feb-81a8-4897-959b-90bea0e55128_netscanner.zip.128\netscanner64.exe] => (Allow) C:\users\lukas\appdata\local\temp\5e917feb-81a8-4897-959b-90bea0e55128_netscanner.zip.128\netscanner64.exe => No File
FirewallRules: [TCP Query User{EA6A56BA-01B0-4776-A630-7BE4BA189E4E}E:\programy\utorrent\utorrent.exe] => (Allow) E:\programy\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{76657167-6489-4FF4-971B-F32C85E9D800}E:\programy\utorrent\utorrent.exe] => (Allow) E:\programy\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{33B38A59-929D-45D1-97AE-3BCA4CBF2004}C:\program files\davinci resolve\resolve.exe] => (Allow) C:\program files\davinci resolve\resolve.exe => No File
FirewallRules: [UDP Query User{7BCDBD2C-C861-4128-B900-AF2B62194303}C:\program files\davinci resolve\resolve.exe] => (Allow) C:\program files\davinci resolve\resolve.exe => No File
FirewallRules: [{F6A524A1-7C44-4556-BB7B-B7A44DCEEF8C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.144\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{998EA575-9B75-422F-B190-B9B28D173D01}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B6A1360C-8BF8-4342-8E09-4E4D98F5C264}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D9ECAB83-D5C0-4E98-B036-DBBD3C2D60FE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4C280132-380D-4733-BD4B-D0CB28216F4A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{56D46D17-E2AE-4FAF-BDD2-5F6330067B58}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{E9F84E2E-C572-458A-8EF0-3474ED2E4107}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Restore Points =========================

29-01-2024 12:12:34 Naplánovaný kontrolní bod
29-01-2024 15:48:30 AdwCleaner_BeforeCleaning_29/01/2024_15:48:30

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/29/2024 03:40:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program svchost.exe verze 10.0.19041.3636 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: d28

Čas spuštění: 01da529513a9d52e

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\System32\svchost.exe

ID hlášení: 0b7595f3-a495-40b5-b9bc-5063513d78fd

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (01/29/2024 11:30:34 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na DATA750 (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (01/29/2024 11:26:09 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na DATA750 (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (01/29/2024 10:18:17 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (01/29/2024 10:09:45 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (01/29/2024 10:09:45 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (01/29/2024 10:09:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: atieclxx.exe, verze: 27.20.20913.2000, časové razítko: 0x62e929c6
Název chybujícího modulu: atieclxx.exe, verze: 27.20.20913.2000, časové razítko: 0x62e929c6
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000359c6
ID chybujícího procesu: 0xaa4
Čas spuštění chybující aplikace: 0x01da5292296449af
Cesta k chybující aplikaci: C:\Windows\System32\DriverStore\FileRepository\c0382934.inf_amd64_2ed1b7932d1f78d4\B381983\atieclxx.exe
Cesta k chybujícímu modulu: C:\Windows\System32\DriverStore\FileRepository\c0382934.inf_amd64_2ed1b7932d1f78d4\B381983\atieclxx.exe
ID zprávy: 7832915e-b346-43e0-a555-e1f27bdafc21
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/29/2024 09:54:06 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..


System errors:
=============
Error: (01/29/2024 03:54:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (01/29/2024 03:54:36 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\lukas\AppData\Local\Temp\ehdrv.sys

Error: (01/29/2024 03:54:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (01/29/2024 03:54:36 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\lukas\AppData\Local\Temp\ehdrv.sys

Error: (01/29/2024 03:54:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (01/29/2024 03:54:36 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\lukas\AppData\Local\Temp\ehdrv.sys

Error: (01/29/2024 03:54:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (01/29/2024 03:54:36 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\lukas\AppData\Local\Temp\ehdrv.sys


Windows Defender:
================
Date: 2024-01-29 11:26:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4F657791-7F99-4BC6-96BA-973D34BEC985}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-01-29 10:57:46
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B5E7CC02-ECDE-4B56-81D4-359E80DDCD7D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-01-29 09:42:07
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:HTML/Phish!pz
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_\Device\HarddiskVolumeShadowCopy11\Users\lukas\AppData\Local\Mozilla\Firefox\Profiles\niv94x9u.default-release\cache2\entries\01A7CAB71879AC69708F246381DEA26CAD724FC7
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\System32\svchost.exe
Verze bezpečnostních informací: AV: 1.403.2876.0, AS: 1.403.2876.0, NIS: 1.403.2876.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2

Date: 2024-01-15 10:39:49
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {49110108-6C99-423C-9029-444889A632C2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-01-15 10:34:35
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Presenoker
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_E:\Záloha HP ProBook - po nastavení disku smaž\PDFCreator-2_0_0-setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1QVPE6T\lukas
Název procesu: C:\Users\lukas\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Verze bezpečnostních informací: AV: 1.403.2172.0, AS: 1.403.2172.0, NIS: 1.403.2172.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2
Event[0]:

Date: 2024-01-29 10:21:15
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2024-01-29 10:01:48
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2023-11-25 09:11:31
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.401.1093.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23100.2009
Kód chyby: 0x800b0109
Popis chyby: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.

Date: 2023-11-25 07:50:50
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.401.1093.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23100.2009
Kód chyby: 0x800b0109
Popis chyby: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.

Date: 2023-07-23 08:08:55
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/Seznam
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_D:\$RECYCLE.BIN\S-1-5-21-1435680546-1721906594-1447614293-1001\$RS7IHL4.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1QVPE6T\lukas
Název procesu: C:\Windows\explorer.exe
Akce: Neznámý
Stav akce: No additional actions required
Kód chyby: 0x80508033
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: AV: 1.393.1157.0, AS: 1.393.1157.0, NIS: 1.393.1157.0
Verze modulu: AM: 1.1.23060.1005, NIS: 1.1.23060.1005

CodeIntegrity:
===============
Date: 2023-11-15 17:11:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-11-05 02:21:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-10-04 18:09:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-08-16 22:50:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: Hewlett-Packard M74 Ver. 01.44 07/13/2017
Motherboard: Hewlett-Packard 2249
Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 31%
Total physical RAM: 16256.11 MB
Available physical RAM: 11080.91 MB
Total Virtual: 18688.11 MB
Available Virtual: 12063.03 MB

==================== Drives ================================

Drive c: (Windows10) (Fixed) (Total:145.92 GB) (Free:21.04 GB) (Model: Samsung SSD 870 QVO 1TB) NTFS
Drive d: (OneDrive) (Fixed) (Total:785.03 GB) (Free:75.11 GB) (Model: Samsung SSD 870 QVO 1TB) NTFS
Drive e: (DATA750) (Fixed) (Total:698.14 GB) (Free:21.73 GB) (Model: HGST HTS541075A9E680) NTFS

\\?\Volume{39850014-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{39850014-0000-0000-0000-407e24000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 39850014)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=145.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=523 MB) - (Type=27)
Partition 4: (Not Active) - (Size=785 GB) - (Type=0F Extended)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: A5703559)
Partition 1: (Active) - (Size=698.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, Defender reports Trojan:HTML/Pish!pz

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [750680 2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\MountPoints2: {0bff3993-940b-11ee-96c9-9cad974fad61} - "F:\RunGame.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
CustomCLSID: HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe /Automation => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Windows:CM_cdfdf49505024624d2decf3e9557d51162be6aba9545d69de4a936f7ba6139f4 [74]
AlternateDataStreams: C:\Windows:CM_d1cca5b43b23e7a102fa897d892102fdacb2faaf6f5875efce3bd0a2c56874f8 [74]
AlternateDataStreams: C:\Windows:CM_ddc327b64f685355a51c706651d661157d9c56a567b08d951c0a21f802879420 [74]
AlternateDataStreams: C:\Windows:CM_ff0bb62cece0c757632923a1bae7321ad617e4b7332ae4476b623929db52258c [74]
FirewallRules: [TCP Query User{B4EE40C6-8BF4-44F0-B923-541519C0CC3C}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{ABFAAF09-F725-4995-8202-0F3C647E6442}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{F87633DB-8270-470F-A808-D3DFB29BCBA9}C:\users\lukas\appdata\local\temp\5e917feb-81a8-4897-959b-90bea0e55128_netscanner.zip.128\netscanner64.exe] => (Allow) C:\users\lukas\appdata\local\temp\5e917feb-81a8-4897-959b-90bea0e55128_netscanner.zip.128\netscanner64.exe => No File
FirewallRules: [UDP Query User{E033A1EB-A149-4726-840B-61A34ECAD7CF}C:\users\lukas\appdata\local\temp\5e917feb-81a8-4897-959b-90bea0e55128_netscanner.zip.128\netscanner64.exe] => (Allow) C:\users\lukas\appdata\local\temp\5e917feb-81a8-4897-959b-90bea0e55128_netscanner.zip.128\netscanner64.exe => No File
FirewallRules: [TCP Query User{33B38A59-929D-45D1-97AE-3BCA4CBF2004}C:\program files\davinci resolve\resolve.exe] => (Allow) C:\program files\davinci resolve\resolve.exe => No File
FirewallRules: [UDP Query User{7BCDBD2C-C861-4128-B900-AF2B62194303}C:\program files\davinci resolve\resolve.exe] => (Allow) C:\program files\davinci resolve\resolve.exe => No File
\Device\HarddiskVolumeShadowCopy11\Users\lukas\AppData\Local\Mozilla\Firefox\Profiles\niv94x9u.default-release\cache2\entries\01A7CAB71879AC69708F246381DEA26CAD724FC7
E:\Záloha HP ProBook - po nastavení disku smaž\PDFCreator-2_0_0-setup.exe
D:\$RECYCLE.BIN\S-1-5-21-1435680546-1721906594-1447614293-1001\$RS7IHL4.exe

EmptyTemp:
End
Save it to D:\OneDrive\Plocha as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

plk
Visitor
Posts: 23
Registered: 17 Feb 2010 20:18

Re: Please check, Defender reports Trojan:HTML/Pish!pz

#7 Post by plk »

Fix result of Farbar Recovery Scan Tool (x64) Version: 27.01.2024 01
Ran by lukas (29-01-2024 17:18:38) Run:1
Running from D:\OneDrive\Plocha
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [750680 2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\...\MountPoints2: {0bff3993-940b-11ee-96c9-9cad974fad61} - "F:\RunGame.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
CustomCLSID: HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe /Automation => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Windows:CM_cdfdf49505024624d2decf3e9557d51162be6aba9545d69de4a936f7ba6139f4 [74]
AlternateDataStreams: C:\Windows:CM_d1cca5b43b23e7a102fa897d892102fdacb2faaf6f5875efce3bd0a2c56874f8 [74]
AlternateDataStreams: C:\Windows:CM_ddc327b64f685355a51c706651d661157d9c56a567b08d951c0a21f802879420 [74]
AlternateDataStreams: C:\Windows:CM_ff0bb62cece0c757632923a1bae7321ad617e4b7332ae4476b623929db52258c [74]
FirewallRules: [TCP Query User{B4EE40C6-8BF4-44F0-B923-541519C0CC3C}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{ABFAAF09-F725-4995-8202-0F3C647E6442}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{F87633DB-8270-470F-A808-D3DFB29BCBA9}C:\users\lukas\appdata\local\temp\5e917feb-81a8-4897-959b-90bea0e55128_netscanner.zip.128\netscanner64.exe] => (Allow) C:\users\lukas\appdata\local\temp\5e917feb-81a8-4897-959b-90bea0e55128_netscanner.zip.128\netscanner64.exe => No File
FirewallRules: [UDP Query User{E033A1EB-A149-4726-840B-61A34ECAD7CF}C:\users\lukas\appdata\local\temp\5e917feb-81a8-4897-959b-90bea0e55128_netscanner.zip.128\netscanner64.exe] => (Allow) C:\users\lukas\appdata\local\temp\5e917feb-81a8-4897-959b-90bea0e55128_netscanner.zip.128\netscanner64.exe => No File
FirewallRules: [TCP Query User{33B38A59-929D-45D1-97AE-3BCA4CBF2004}C:\program files\davinci resolve\resolve.exe] => (Allow) C:\program files\davinci resolve\resolve.exe => No File
FirewallRules: [UDP Query User{7BCDBD2C-C861-4128-B900-AF2B62194303}C:\program files\davinci resolve\resolve.exe] => (Allow) C:\program files\davinci resolve\resolve.exe => No File
\Device\HarddiskVolumeShadowCopy11\Users\lukas\AppData\Local\Mozilla\Firefox\Profiles\niv94x9u.default-release\cache2\entries\01A7CAB71879AC69708F246381DEA26CAD724FC7
E:\Záloha HP ProBook - po nastavení disku smaž\PDFCreator-2_0_0-setup.exe
D:\$RECYCLE.BIN\S-1-5-21-1435680546-1721906594-1447614293-1001\$RS7IHL4.exe

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0bff3993-940b-11ee-96c9-9cad974fad61} => removed successfully

"C:\Windows\system32\GroupPolicy\Machine" folder move:

C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98} => removed successfully
HKU\S-1-5-21-1435680546-1721906594-1447614293-1001_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Windows => ":CM_cdfdf49505024624d2decf3e9557d51162be6aba9545d69de4a936f7ba6139f4" ADS removed successfully
C:\Windows => ":CM_d1cca5b43b23e7a102fa897d892102fdacb2faaf6f5875efce3bd0a2c56874f8" ADS removed successfully
C:\Windows => ":CM_ddc327b64f685355a51c706651d661157d9c56a567b08d951c0a21f802879420" ADS removed successfully
C:\Windows => ":CM_ff0bb62cece0c757632923a1bae7321ad617e4b7332ae4476b623929db52258c" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B4EE40C6-8BF4-44F0-B923-541519C0CC3C}C:\program files (x86)\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{ABFAAF09-F725-4995-8202-0F3C647E6442}C:\program files (x86)\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F87633DB-8270-470F-A808-D3DFB29BCBA9}C:\users\lukas\appdata\local\temp\5e917feb-81a8-4897-959b-90bea0e55128_netscanner.zip.128\netscanner64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E033A1EB-A149-4726-840B-61A34ECAD7CF}C:\users\lukas\appdata\local\temp\5e917feb-81a8-4897-959b-90bea0e55128_netscanner.zip.128\netscanner64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{33B38A59-929D-45D1-97AE-3BCA4CBF2004}C:\program files\davinci resolve\resolve.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7BCDBD2C-C861-4128-B900-AF2B62194303}C:\program files\davinci resolve\resolve.exe" => removed successfully
\Device\HarddiskVolumeShadowCopy11\Users\lukas\AppData\Local\Mozilla\Firefox\Profiles\niv94x9u.default-release\cache2\entries\01A7CAB71879AC69708F246381DEA26CAD724FC7 => Error: No automatic fix found for this entry.
"E:\Záloha HP ProBook - po nastavení disku smaž\PDFCreator-2_0_0-setup.exe" => not found
"D:\$RECYCLE.BIN\S-1-5-21-1435680546-1721906594-1447614293-1001\$RS7IHL4.exe" => not found

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 206494985 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 8665455 B
Edge => 0 B
Firefox => 128178973 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 129786788 B
systemprofile32 => 129786788 B
LocalService => 129786788 B
NetworkService => 129948980 B
lukas => 348017715 B

RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:20:00 ====
Loaded Profiles: lukas

plk
Visitor
Posts: 23
Registered: 17 Feb 2010 20:18

Re: Please check, Defender reports Trojan:HTML/Pish!pz

#8 Post by plk »

There is some problem with that Mozilla\Firefox\...cache2 entry; the built-in Windows antivirus could not remove it there either, and that was after I had deleted the whole cache2 folder :shock:

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, Defender reports Trojan:HTML/Pish!pz

#9 Post by Rudy »

OK. And how does it look now?

plk
Visitor
Posts: 23
Registered: 17 Feb 2010 20:18

Re: Please check, Defender reports Trojan:HTML/Pish!pz

#10 Post by plk »

Neither the built-in virus and threat protection nor ESET Online Scanner found anything.
So it looks good, thank you.

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, Defender reports Trojan:HTML/Pish!pz

#11 Post by Rudy »

OK, you're welcome! :)

Locked