Sorry ..až teraz sa ukončil test FRST... aj Addition
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.03.2024
Ran by Izoplast (administrator) on DESKTOP-IZOPLAS (27-03-2024 14:09:48)
Running from C:\Users\Izoplast\Desktop\FRST64.exe
Loaded Profiles: Izoplast
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> ) C:\Program Files (x86)\TeamViewer\crashpad_handler.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\MalwarebytesPortable.exe ->) (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbam.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(explorer.exe ->) (Malwarebytes Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\MalwarebytesPortable.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler64.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (Firebird Project) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.11012.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.11012.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2401.2.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(TeamViewer Germany GmbH -> ) C:\Windows\Temp\nse7FA0.tmp\TvUpdateInfo.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\RedFox\CloneCD\CloneCDTray.exe [57344 2016-03-29] (RedFox) [File not signed]
HKLM-x32\...\Run: [tsnp2uvc] => C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe [322560 2012-02-23] (Sonix Technology Co., Ltd.) [File not signed]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40412984 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Izoplast\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Izoplast\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" [66946080 2024-03-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\RunOnce: [Uninstall 24.025.0204.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Izoplast\AppData\Local\Microsoft\OneDrive\24.025.0204.0003" [0 2024-03-27] () <==== ATTENTION [zero byte File/Folder]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP270 series: C:\WINDOWS\system32\CNMLM9X.DLL [336896 2010-04-24] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series: C:\WINDOWS\system32\CNMLMAA.DLL [385024 2012-03-14] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\123.0.6312.86\Installer\chrmstp.exe [2024-03-27] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALFA plus - rýchle spustenie.lnk [2024-03-13]
ShortcutTarget: ALFA plus - rýchle spustenie.lnk -> C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe (Kros a.s. -> KROS a.s.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Web Signer.lnk [2019-01-08]
ShortcutTarget: Web Signer.lnk -> C:\Program Files (x86)\Disig\Disig Web Signer 1.0.7\Updater\WebSignerTray.exe (Disig a.s. -> Disig a.s.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A40253A-1C39-4716-B770-70651ACC48A5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {C0A37426-E2F8-4B21-B35D-E5FA920BC5CD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {B18BFAFF-F764-48BF-9DDB-FEB9AA67B2BA} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "00312e41-2f7e-4c9d-942b-8f98591fba54" --version "6.11.10455" --silent
Task: {E11A0817-4B7B-4074-8FB5-80FD2790D78D} - System32\Tasks\CCleanerSkipUAC - Izoplast => C:\Program Files\CCleaner\CCleaner.exe [34159416 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {3D350203-C18F-4FE7-8B8E-EAF7505E0464} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-06] (Google Inc -> Google Inc.)
Task: {E14DEC4B-4FA6-4C90-8575-619269D7C2AC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-06] (Google Inc -> Google Inc.)
Task: {705E4F27-311B-4F71-81F7-D9031FBAD03B} - System32\Tasks\Hewlett-Packard\HP Diagnostics\HPDIAGS-c8c166e6-9cc6-4662-8b5d-e9ceab535bd7 => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [61881520 2019-01-29] (HP Inc. -> ) -> C:\Program Files (x86)\HP\HpHwDiag\-runtests=53a826d5-9440-4b66-8cab-bf8a44956a7e,9f8e8ee1-02f7-414f-87e0-24fc8798e6b7,4e9e1ce2-4e01-4cf0-bb65-5ccd4b82edc3,3006e6d6-5ab9-414c-a53b-86e19e9ff4fd,855caf66-b69f-46e8-b9d1-4c1582494d19
Task: {FDA1B184-1A42-4120-AFAA-76926BA5447A} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-03-11] (HP Inc. -> HP Inc.)
Task: {BD5F1972-7E7E-4D82-B78F-BABB09B5688B} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-03-11] (HP Inc. -> HP Inc.)
Task: {FF1B5F4D-A16E-45E5-A2D6-BC4BC9823AA9} - System32\Tasks\HPCustParticipation HP LaserJet MFP M28-M31 => C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPCustPartic.exe [6662792 2018-07-04] (Hewlett Packard -> HP Inc.)
Task: {1A547BF1-7EF8-4A70-A9C5-A30FED287608} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-IZOPLAS-Izoplast DESKTOP-IZOPLAST => C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {3EA7001E-495B-4CAE-B7E1-92FF4319AAFA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C17A376D-2DB4-4D49-90FF-D9206014B036} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {7CA36315-9A54-4EF7-9FEB-EAC81CC5B360} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {F18AA1AB-2D73-41C2-A929-390E2C510281} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E5509A68-C0D0-4D9C-BBBC-239932E29873} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5D142B7E-CBF4-4E4C-91C0-437C5ED826BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1094C36-1D9E-4DCE-BDFF-24C9BB5DB4DF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {28501DA9-5C76-4929-B67C-89501D491BEF} - System32\Tasks\Opera scheduled Autoupdate 1543062956 => C:\Users\Izoplast\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {CD41BEA6-7DED-4EDA-8063-B421FFFB2828} - System32\Tasks\Opera scheduled Autoupdate 1544693054 => C:\Users\Izoplast\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{4059de78-04cc-4b21-8e44-bafd7c2a750c}: [NameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-26]
Edge DownloadDir: Default -> C:\Users\Izoplast\Downloads
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-09]
Edge Extension: (Edge relevant text changes) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-09]
Edge Profile: C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2024-03-26]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-01]
Edge Extension: (Edge relevant text changes) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-12-01]
Edge Profile: C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 2 [2024-03-26]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-09]
Edge Extension: (Edge relevant text changes) - C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 2\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-09]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-10] (Nero AG -> Nero AG)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: ditec.sk/DAsicFac -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/DitecZepDViewerFb -> C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigMessageContainer -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesExtender -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/XmlDataContainerFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-03-26]
CHR Profile: C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-27]
CHR StartupUrls: Profile 1 -> "hxxps://
www.google.sk/?gws_rd=cr,ssl&ei=cyJrVIjnDcHNOLu5gMAD"
CHR Extension: (Prekladač Google) - C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-08-01]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-03-10]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-03-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-19]
CHR Profile: C:\Users\Izoplast\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-26]
CHR HKLM-x32\...\Chrome\Extension: [odbdbcaekkgabdfaabepfjgiooilmaoe]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1063736 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 FirebirdServerKROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [3764224 2011-10-11] (Firebird Project) [File not signed]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-03-11] (HP Inc. -> HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-08-17] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbamservice.exe [1136608 2016-07-21] (Malwarebytes Corporation -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2024-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [18575672 2024-03-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 MBAMScheduler; "\mbamscheduler.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc. -> SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc. -> SlySoft, Inc.)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2024-03-27] (Malwarebytes Corporation -> Malwarebytes)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20928 2024-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [603416 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-27 13:58 - 2024-03-27 14:09 - 000044706 _____ C:\Users\Izoplast\Desktop\Addition.txt
2024-03-27 13:53 - 2024-03-27 14:11 - 000022018 _____ C:\Users\Izoplast\Desktop\FRST.txt
2024-03-27 13:52 - 2024-03-27 14:11 - 000000000 ____D C:\FRST
2024-03-27 13:51 - 2024-03-27 13:51 - 002391552 _____ (Farbar) C:\Users\Izoplast\Desktop\FRST64.exe
2024-03-27 11:23 - 2024-03-27 11:23 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-03-26 17:35 - 2024-03-26 17:35 - 000581358 _____ C:\Users\Izoplast\Documents\Faktura c. 242501.PDF
2024-03-26 16:55 - 2024-03-26 16:55 - 000000000 ___HD C:\$WinREAgent
2024-03-13 12:13 - 2024-03-27 13:48 - 000004144 _____ C:\WINDOWS\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-IZOPLAS-Izoplast DESKTOP-IZOPLAST
2024-03-13 12:02 - 2024-03-13 12:02 - 000003062 _____ C:\Users\Izoplast\mbam-log-2024-03-13 (11-29-43).xml
2024-03-13 11:29 - 2024-03-27 11:23 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2024-03-13 11:27 - 2024-03-13 11:27 - 000001846 _____ C:\Users\Izoplast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MalwarebytesPortable.lnk
2024-03-13 11:26 - 2024-03-13 11:29 - 000000000 ____D C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)
2024-03-13 11:22 - 2024-03-13 11:22 - 000003066 _____ C:\Users\Izoplast\mbam-log-2024-03-13 (10-45-20).xml
2024-03-13 10:20 - 2024-03-13 10:20 - 000003878 _____ C:\Users\Izoplast\mbam-log-2024-03-13 (09-19-45).xml
2024-03-11 12:05 - 2024-03-27 13:54 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1765005129-1590092598-4036685488-1001
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-27 13:59 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-27 13:54 - 2022-09-25 17:37 - 000002380 _____ C:\Users\Izoplast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-27 13:54 - 2021-12-13 08:55 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1765005129-1590092598-4036685488-1001
2024-03-27 13:45 - 2018-11-06 17:37 - 000000000 ____D C:\ProgramData\firebird
2024-03-27 13:44 - 2018-11-06 14:37 - 000000000 ____D C:\Users\Izoplast\Documents\Súbory programu Outlook
2024-03-27 13:43 - 2020-09-15 16:35 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-03-27 13:35 - 2022-01-06 14:11 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-27 13:35 - 2018-11-06 17:18 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-27 13:20 - 2018-11-09 10:15 - 000000000 ____D C:\Users\Izoplast\Documents\Bluetooth
2024-03-27 13:11 - 2018-11-06 15:22 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\Microsoft\Excel
2024-03-27 12:34 - 2020-09-15 16:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-27 12:18 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-03-27 12:18 - 2018-11-07 10:10 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2024-03-27 12:07 - 2018-11-06 14:30 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\Microsoft\Word
2024-03-27 11:22 - 2018-11-13 09:30 - 000000000 ____D C:\Program Files\CCleaner
2024-03-27 11:18 - 2020-09-15 16:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-27 11:18 - 2020-09-15 16:03 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-27 11:17 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-03-27 11:16 - 2018-11-06 17:51 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-27 11:15 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-27 09:06 - 2020-09-15 16:35 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-03-26 17:47 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-26 17:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-26 17:45 - 2020-06-09 08:52 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-26 16:59 - 2020-09-15 16:35 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-26 16:59 - 2020-09-15 16:35 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-26 16:56 - 2022-11-28 07:28 - 000000000 ____D C:\Program Files\RUXIM
2024-03-13 12:51 - 2018-11-22 12:20 - 000000000 ____D C:\Users\Izoplast\Documents\Ccleaner
2024-03-13 12:45 - 2024-01-08 09:14 - 000002142 _____ C:\Users\Public\Desktop\ALFA plus.lnk
2024-03-13 12:45 - 2019-04-02 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KROS
2024-03-13 12:02 - 2020-09-15 16:08 - 000000000 ____D C:\Users\Izoplast
2024-03-13 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2024-03-13 10:20 - 2022-05-13 10:12 - 000000004 _____ C:\WINDOWS\system32\Drivers\etc\hosts.BackupByMalwarebytesPortable
2024-03-13 08:12 - 2018-11-06 14:38 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-13 08:05 - 2018-11-06 14:38 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-03-13 08:04 - 2018-11-06 10:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-03-12 15:28 - 2018-11-06 14:30 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\Microsoft\Šablóny
2024-03-12 14:46 - 2019-03-23 19:22 - 000000000 ____D C:\Users\Izoplast\AppData\Local\ElevatedDiagnostics
2024-03-11 13:21 - 2021-06-24 18:06 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-03-11 13:21 - 2021-03-23 19:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-03-10 10:26 - 2023-05-15 09:17 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\vlc
2024-03-10 09:36 - 2021-09-07 13:36 - 000000000 ____D C:\Users\Izoplast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-03-10 09:36 - 2021-09-07 13:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-03-10 09:36 - 2019-01-19 19:22 - 000000000 ____D C:\Program Files (x86)\WinRAR
2024-03-10 09:36 - 2018-11-06 13:38 - 000000000 ____D C:\Program Files\WinRAR
==================== Files in the root of some directories ========
2018-11-24 13:38 - 2020-08-23 17:56 - 000000136 _____ () C:\Users\Izoplast\AppData\Roaming\downloads.json
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by Izoplast (27-03-2024 14:12:42)
Running from C:\Users\Izoplast\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) (2020-09-15 15:36:02)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1765005129-1590092598-4036685488-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1765005129-1590092598-4036685488-503 - Limited - Disabled)
Guest (S-1-5-21-1765005129-1590092598-4036685488-501 - Limited - Disabled)
Izoplast (S-1-5-21-1765005129-1590092598-4036685488-1001 - Administrator - Enabled) => C:\Users\Izoplast
WDAGUtilityAccount (S-1-5-21-1765005129-1590092598-4036685488-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 23.01 (x64) (HKLM\...\7-Zip) (Version: 23.01 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1051-1033-7760-BC15014EA700}) (Version: 23.008.20458 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
ALFA plus 15.22.00 - C:\Program Files (x86)\KROS\ALFA plus\ (HKLM-x32\...\{17F87645-0DDA-488B-A12A-62589C630BA2}) (Version: 15.22.00 - KROS a.s.)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Asistent pri aktualizácii na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
AUTOPLAN 2021 RE1 (HKLM-x32\...\AUTOPLAN_is1) (Version: - KROB software s.r.o.)
Balík softvéru eID (HKLM-x32\...\{ea81dcd3-f9f3-4959-8bee-0349fc294ae5}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Bit4id - miniLector (HKLM-x32\...\Bit4id - miniLector) (Version: 3.7 - Bit4id)
Catalyst Control Center - Branding (HKLM-x32\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.11 - Piriform)
CloneCD (HKLM-x32\...\CloneCD) (Version: 5.3.4.0 - SlySoft)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.3 - Elaborate Bytes)
D.Launcher (x86) (HKLM-x32\...\{0DC85C46-746B-4BC5-B727-D5434DF7E5D0}) (Version: 1.2.0.2 - DITEC, a.s.)
D.Signer/XAdES .NET so zásuvnými modulmi (x86) (HKLM-x32\...\{EDB276CE-A945-4201-A552-2683B13C321F}) (Version: 4.0.24 - DITEC, a.s.)
D.Signer/XAdES .NET Tools (x86) (HKLM-x32\...\{6648F510-5044-4CA9-BC21-494A2A198B3A}) (Version: 4.0.17 - DITEC, a.s.)
D.Suite/eIDAS (x86) (HKLM-x32\...\{8d169eac-87e2-4981-825f-701b32f24d72}) (Version: 1.0.29 - DITEC, a.s.)
D.Viewer .NET (x86) (HKLM-x32\...\{73D635BE-5D6F-43D3-8C1F-63B5CD4D5953}) (Version: 4.0.2033 - DITEC, a.s.)
Disig Web Signer 1.0.7 (HKLM-x32\...\{21859B7E-5E38-4892-A480-FA8B180ADE72}) (Version: 1.1.8 - Disig)
EAC MW klient (HKLM-x32\...\{BC7979F7-EC8D-4BA0-95D5-950630FFB2E9}) (Version: 3.0.0 - Ministerstvo vnútra Slovenskej republiky)
Elcomm (HKLM-x32\...\Elcomm) (Version: - )
Flvto Youtube Downloader (HKLM\...\Flvto Youtube Downloader) (Version: 1.2.1 - Hotger)
GemPcCCID (HKLM\...\{C2C14C20-A217-4FCA-B668-89B6C70B6EFF}) (Version: 2.0.7 - Gemalto)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 123.0.6312.86 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.1.1.500 - Huawei Technologies Co., Ltd.)
HP Dropbox Plugin (HKLM-x32\...\{9646F2DC-B09E-4314-92EC-B3332900A7EE}) (Version: 36.0.191.0 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{AF9F1F16-F6B4-4A66-B789-9F00B40B08AF}) (Version: 43.0.191.0 - HP)
HP FTP Plugin (HKLM-x32\...\{7DB5EDF6-8009-4E01-AF0D-4F3E02A0287F}) (Version: 43.0.191.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{07F30E12-A85F-4EA4-A5B3-3728FAB947ED}) (Version: 36.0.191.0 - HP)
HP LaserJet MFP M28-M31 Basic Device Software (HKLM\...\{08644094-D714-4B6E-9CEB-11433F5CBDB7}) (Version: 46.2.2636.18185 - HP Inc.)
HP LaserJet MFP M28-M31 Help (HKLM-x32\...\{0DF6621D-67C2-4E12-A5CF-260E985B8743}) (Version: 0.00.0005 - HP)
HP OneDrive Plugin (HKLM-x32\...\{8ED0A60F-9F44-4B7F-9C88-CC9E0B362628}) (Version: 36.0.191.0 - HP)
HP PC Hardware Diagnostics Windows (HKLM-x32\...\{02E639C2-2C8A-4A55-8DFF-43666B46E8F3}) (Version: 1.5.6.0 - HP Inc.)
HP SFTP Plugin (HKLM-x32\...\{1F0191BF-E339-4192-85D9-C369CA3FE9F1}) (Version: 43.0.191.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{96DB7179-0B69-45E1-A109-3A3A1F5BBCDF}) (Version: 43.0.191.0 - HP)
I.R.I.S OCR (HKLM-x32\...\{3913CCF7-436B-4A7A-A265-62E9FFDD03D9}) (Version: 15.2.10.1114 - HP Inc.)
MF DachDesigner Demo (HKLM-x32\...\DachDesigner.EXE) (Version: - )
Microsoft Access MUI (Slovak) 2013 (HKLM\...\{90150000-0015-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Slovak) 2013 (HKLM\...\{90150000-0090-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Excel MUI (Slovak) 2013 (HKLM\...\{90150000-0016-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Slovak) 2013 (HKLM\...\{90150000-00BA-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Slovak) 2013 (HKLM\...\{90150000-0044-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Slovak) 2013 (HKLM\...\{90150000-012B-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Nyelvi ellenőrző eszközök 2013 – magyar (HKLM\...\{90150000-001F-040E-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Slovak) 2013 (HKLM\...\{90150000-00E1-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Slovak) 2013 (HKLM\...\{90150000-00E2-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Slovak) 2013 (HKLM\...\{90150000-002C-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Slovak) 2013 (HKLM\...\{90150000-00C1-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Slovak) 2013 (HKLM\...\{90150000-006E-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\OneDriveSetup.exe) (Version: 24.045.0303.0003 - Microsoft Corporation)
Microsoft OneNote MUI (Slovak) 2013 (HKLM\...\{90150000-00A1-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Slovak) 2013 (HKLM\...\{90150000-001A-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Slovak) 2013 (HKLM\...\{90150000-0018-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Slovak) 2013 (HKLM\...\{90150000-0019-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Word MUI (Slovak) 2013 (HKLM\...\{90150000-001B-041B-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
Nero Audio Pack 1 (HKLM-x32\...\{A7A0BF2E-31CC-49E3-9913-52C503EB969D}) (Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp (HKLM-x32\...\{0071820F-09B0-4998-8320-F89629DCBC99}) (Version: 12.0.2001 - Nero AG) Hidden
Nero BackItUp Help (CHM) (HKLM-x32\...\{EF0D1292-8FC1-41BE-9740-DBC134F66415}) (Version: 12.0.3000 - Nero AG) Hidden
Nero Blu-ray Player (HKLM-x32\...\{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}) (Version: 12.0.14300 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (HKLM-x32\...\{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}) (Version: 12.0.4000 - Nero AG) Hidden
Nero Burning ROM (HKLM-x32\...\{5963F4B4-D138-47CD-ADEF-470E87E185BD}) (Version: 12.0.20000 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (HKLM-x32\...\{2890E324-6F3B-4975-8B95-E7D6D80E0226}) (Version: 12.0.3000 - Nero AG) Hidden
Nero ControlCenter (HKLM-x32\...\{ABC88553-8770-4B97-B43E-5A90647A5B63}) (Version: 11.0.15200 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (HKLM-x32\...\{C994C746-C6D0-4EBA-B09E-DF7B18381B69}) (Version: 12.0.5000 - Nero AG) Hidden
Nero Core Components (HKLM-x32\...\{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}) (Version: 11.0.18100 - Nero AG) Hidden
Nero Disc Menus Basic (HKLM-x32\...\{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}) (Version: 12.0.11500 - Nero AG) Hidden
Nero Effects Basic (HKLM-x32\...\{29F67D84-3A70-456E-806A-52301B02070B}) (Version: 12.0.11500 - Nero AG) Hidden
Nero Express (HKLM-x32\...\{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}) (Version: 12.0.20000 - Nero AG) Hidden
Nero Express Help (CHM) (HKLM-x32\...\{0708FF30-78C0-47B0-81F0-C84604DC769C}) (Version: 12.0.5000 - Nero AG) Hidden
Nero Kwik Media (HKLM-x32\...\{052A1E34-A54B-458C-A4E3-24C3E054754A}) (Version: 1.18.18200 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (HKLM-x32\...\{1F16820E-D0E7-4636-939E-45CBFEFB06E1}) (Version: 12.0.4000 - Nero AG) Hidden
Nero Kwik Themes Basic (HKLM-x32\...\{1B6F5E51-575E-4693-BCA2-7543570D076D}) (Version: 12.0.11500 - Nero AG) Hidden
Nero Launcher (HKLM-x32\...\{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}) (Version: 12.2.2000 - Nero AG) Hidden
Nero PiP Effects Basic (HKLM-x32\...\{ACE49D50-19CD-44A6-B192-46F985283B26}) (Version: 12.0.11500 - Nero AG) Hidden
Nero Recode (HKLM-x32\...\{1943C3BD-4462-4612-92C3-D36DD917C447}) (Version: 12.0.24000 - Nero AG) Hidden
Nero Recode Help (CHM) (HKLM-x32\...\{86847081-B387-4F49-AED1-C9B0A090D66C}) (Version: 12.0.4000 - Nero AG) Hidden
Nero RescueAgent (HKLM-x32\...\{B953732D-B623-4E84-B369-CFFF7B1AE06F}) (Version: 12.0.9000 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (HKLM-x32\...\{0B311221-05A5-4766-8D03-7A6446794156}) (Version: 12.0.3000 - Nero AG) Hidden
Nero SharedVideoCodecs (HKLM-x32\...\{2432E589-6256-4513-B0BF-EFA8E325D5F0}) (Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 11.0.11800.31.0 - Nero AG) Hidden
Nero Video (HKLM-x32\...\{83FCCFCD-46E3-43FB-A397-78BFD5A8980A}) (Version: 12.0.3000 - Nero AG) Hidden
Nero Video Help (CHM) (HKLM-x32\...\{B128179D-A5E1-43AC-9422-12A109ECD2A0}) (Version: 12.0.4000 - Nero AG) Hidden
neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
Product Improvement Study for HP LaserJet MFP M28-M31 (HKLM\...\{B50C256D-80E2-473E-9546-0410162F44D5}) (Version: 46.2.2636.18185 - HP Inc.)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.52.3 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
USB Video Device (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.54300.120 - Sonix)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.14000 - Nero AG) Hidden
Windows Kontrola stavu počítača (HKLM\...\{8D6B9DC1-A437-41E0-8DF1-9F37748394AE}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 7.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 7.00.0 - win.rar GmbH)
WinRAR 7.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.00.0 - win.rar GmbH)
Packages:
=========
Amazon Rainforest -> C:\Program Files\WindowsApps\Microsoft.AmazonRainforest_1.0.0.0_neutral__8wekyb3d8bbwe [2018-11-09] (Microsoft Corporation)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2722.1.0_x64__kgqvnymyfvs32 [2024-03-11] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.20.3368.0_x64__rz1tebttyb220 [2024-03-11] (Dolby Laboratories)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-08-27] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-03-11] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-20] (Microsoft Corporation) [MS Ad]
My Photos -> C:\Program Files\WindowsApps\4846UtilitiesTools.MyPhotos_1.1.3.0_x64__b17t1j31etq18 [2019-06-07] (Utilities Tools) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-23] (Netflix, Inc.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-03-10] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Izoplast\AppData\Local\Microsoft\Edge\User Data\Profile 1\Profil 2 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Izoplast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\KROS Fakturácia.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=noccbdmhngpfbghcheakieamkbkkepgk
ShortcutWithArgument: C:\Users\Izoplast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Izoplast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Profil 2 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2024-03-27 11:23 - 2024-03-27 11:23 - 000008704 _____ () [File not signed] C:\Users\Izoplast\AppData\Local\Temp\nsfC3CB.tmp\newadvsplash.dll
2024-03-27 11:23 - 2024-03-27 11:23 - 000025088 _____ () [File not signed] C:\Users\Izoplast\AppData\Local\Temp\nsfC3CB.tmp\Registry.dll
2024-03-27 11:23 - 2024-03-27 11:23 - 000010752 _____ () [File not signed] C:\Users\Izoplast\AppData\Local\Temp\nsfC3CB.tmp\System.dll
2015-11-04 15:40 - 2015-11-04 15:40 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
2018-11-12 20:28 - 2010-04-24 05:00 - 000336896 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLM9X.DLL
2018-11-07 08:14 - 2012-03-14 05:00 - 000385024 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLMAA.DLL
2018-11-06 17:31 - 2011-10-11 09:59 - 000007680 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\ib_util.dll
2018-11-06 17:31 - 2011-10-11 09:59 - 000921600 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\intl\fbintl.DLL
2018-11-06 17:31 - 2011-10-11 09:59 - 000434176 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\plugins\fbtrace.dll
2018-11-06 17:31 - 2011-10-11 09:59 - 001568768 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\icudt30.dll
2018-11-06 17:31 - 2011-10-11 09:59 - 000675840 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\icuuc30.dll
2022-07-05 12:58 - 2023-06-20 09:00 - 000101376 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2024-03-27 11:16 - 2024-03-27 12:01 - 000000006 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet 2: Epfw NDIS LightWeight Filter -> ESET_EpfwLWF (enabled)
Ethernet 3: Epfw NDIS LightWeight Filter -> ESET_EpfwLWF (enabled)
Ethernet 4: Epfw NDIS LightWeight Filter -> ESET_EpfwLWF (enabled)
Ethernet: Epfw NDIS LightWeight Filter -> ESET_EpfwLWF (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "ALFA plus - rýchle spustenie.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Web Signer.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "CanonMyPrinter"
HKLM\...\StartupApproved\Run: => "Realtek Camera Manager"
HKLM\...\StartupApproved\Run32: => "CanonSolutionMenuEx"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "CloneCDTray"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "tsnp2uvc"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1765005129-1590092598-4036685488-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{5FA4DB26-1EC8-43C3-A056-16B9FEB6634F}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{4571C068-720F-49FE-9CE3-9B222A9CDE51}] => (Allow) LPort=5357
FirewallRules: [{782178F6-7D19-4E64-8AA0-CFE41C66E8D2}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{E57AEF23-191E-4EF4-BA6F-AAE9319C0A34}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{0B3B81BB-6574-4DBA-B606-51FE4CC143E4}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\EWSProxy.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{7FEC1A33-C813-437C-BF5D-3D31BDACCE80}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{BDD477C4-484E-4D5E-8C3C-432B156F140D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{C249D09D-B9A8-4879-B430-03A3CDE52E9C}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe (Nero AG -> Nero AG)
FirewallRules: [{45DA8CB5-C63A-4667-AD75-1405827BC68F}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe (Nero AG -> Nero AG)
FirewallRules: [{9D3EDDCA-923A-4182-9A8A-714C6BEBFB7F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{07AD04A3-FDAC-43FC-A8FA-5772964982AF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A3250133-0752-4540-93ED-1288A1FC3F4B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5745DA3C-18F9-483E-BF01-C407EF8380EE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{83198189-2D21-4112-9C86-DE74470EC39E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E29FD033-7D8C-4754-A3F9-8C8A5F43F517}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DF3B8380-CBA7-4C5F-A378-24BADA7BED0B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DF08C95C-112A-4191-A760-5EDF0A7D73CF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{314BCAE1-4F23-4B02-8989-B23621DB6892}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{1AB6F2F0-77E8-4E51-8F2B-65F2C07B16C5}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{117FE7F6-6E5A-41BA-9BB6-559FE1E57609}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1CE86A61-C10F-4C08-A8BF-398EF73EE350}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DE1A5452-7C6E-4E37-8A1A-B2F5C52C7ABF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6D1C2134-CF95-46E2-BF3D-7A4D00B37D8B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA4113AE-6940-4AF9-B810-FACA006169CC}] => (Allow) LPort=20400
FirewallRules: [{1BB86038-2339-414D-95EE-DB4A462299D0}] => (Allow) LPort=20401
FirewallRules: [{27B5F54B-400D-4AFB-B60C-8EDB20C2016D}] => (Allow) LPort=20402
FirewallRules: [{BB6D04C7-1AFD-4A0E-BC63-FF7117E2671F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D41F722-CCF6-4660-BF52-19625408A119}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3181BC7F-A485-481B-915F-CDBF0B19D3A5}] => (Allow) C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbam.exe (Malwarebytes Corporation -> Malwarebytes)
FirewallRules: [{0E5F2A2D-FF69-4E5C-B93F-2B9842A28CB4}] => (Allow) C:\Program Files\Malwarebytes Anti-Malware Premium 2.2.1.1043 Final Portable (CZ)\App\Malwarebytes\mbam.exe (Malwarebytes Corporation -> Malwarebytes)
FirewallRules: [{9CCB83D2-A96B-41AD-9E28-2AA5906785DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BDE35376-602C-4651-97DB-366E42407055}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FFDE57A9-33FE-4B78-B4FF-2C9EA4F41090}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7835BA94-1EFD-4D42-B381-FB2802A1764F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
==================== Restore Points =========================
13-03-2024 08:48:25 Inštalátor modulov systému Windows
13-03-2024 09:33:03 Inštalátor modulov systému Windows
13-03-2024 10:53:09 Inštalátor modulov systému Windows
26-03-2024 17:21:54 Inštalátor modulov systému Windows
27-03-2024 10:04:08 Inštalátor modulov systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/27/2024 12:38:17 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v HDD disc (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:38:16 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom (K:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:38:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom, pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:23:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v HDD disc (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:23:14 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom (K:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:23:13 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom, pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:14:35 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v HDD disc (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (03/27/2024 12:14:34 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Vyhradené systémom (K:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
System errors:
=============
Error: (03/27/2024 11:23:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby MBAMScheduler zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.
Error: (03/27/2024 11:23:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby MBAMScheduler zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.
Error: (03/27/2024 11:16:57 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (03/27/2024 11:07:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x8007000d: 2024-03 Kumulatívna aktualizácia pre Windows 10 Version 22H2 pre systémy s procesorom typu x64 (KB5035845).
Error: (03/27/2024 10:48:58 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (03/27/2024 10:42:15 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (03/27/2024 10:42:12 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (03/27/2024 10:42:09 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Windows Defender:
================
Date: 2024-03-27 12:18:16
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-03-27 11:44:20
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-03-13 12:36:59
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-03-13 12:25:45
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-03-13 12:14:48
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
Date: 2024-03-27 09:14:17
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.
Date: 2024-03-27 09:14:17
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.
Date: 2024-03-27 09:14:17
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.
Date: 2024-03-27 09:11:52
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80240016
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.
Date: 2024-03-27 09:05:19
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.407.391.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24020.9
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
CodeIntegrity:
===============
Date: 2023-12-05 08:17:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-11-03 10:20:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-10-04 13:40:55
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-07-26 11:43:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-19 07:58:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-05-17 09:25:02
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 0501 08/03/2010
Motherboard: ASUSTeK Computer INC. M4N68T-M-LE-V2
Processor: AMD Athlon(tm) II X4 640 Processor
Percentage of memory in use: 77%
Total physical RAM: 4095.22 MB
Available physical RAM: 940.22 MB
Total Virtual: 5067.24 MB
Available Virtual: 1204.17 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:233.57 GB) (Free:144.68 GB) (Model: SAMSUNG HD502HJ SCSI Disk Device) NTFS
Drive d: (HDD disc) (Fixed) (Total:298.09 GB) (Free:217.52 GB) (Model: ST320DM0 00-1BD14C SCSI Disk Device) NTFS
Drive e: (Lokalny disk) (Fixed) (Total:231.29 GB) (Free:226.28 GB) (Model: SAMSUNG HD502HJ SCSI Disk Device) NTFS
Drive k: (Vyhradené systémom) (Fixed) (Total:0.34 GB) (Free:0.33 GB) (Model: SAMSUNG HD320KJ SCSI Disk Device) NTFS
Drive l: (HDD 2 disk) (Fixed) (Total:297.75 GB) (Free:163.41 GB) (Model: SAMSUNG HD320KJ SCSI Disk Device) NTFS
\\?\Volume{5bc53d8b-0000-0000-0000-100000000000}\ (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{5bc53d8b-0000-0000-0000-a06a3a000000}\ () (Fixed) (Total:0.81 GB) (Free:0.25 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5BC53D8B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=826 MB) - (Type=27)
Partition 4: (Not Active) - (Size=231.3 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 0C800C7F)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.7 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: EF498C61)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================