Log check after xmrig

Posted: 09 Jun 2021 10:16
by Urbam
Hello, I would like to ask for a log check.
I installed xmrig and wanted to mine. After a few days my PC no longer sees the O2 Wi-Fi network, even though other devices connect to the Wi-Fi. The PC does see, for example, a hotspot when I start one from my phone. The PC is connected to the internet via cable. There do not seem to be any other problems (slowdowns etc.).
I ran a scan with Kaspersky antivirus and tried to clean up.
The only thing that changed was the installation of xmrig, so I wonder whether it did something.
Please check, thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-06-2021
Ran by ordinace_2 (administrator) on PC-HLAVNI (ATComputers ALZA) (09-06-2021 10:55:49)
Running from C:\Users\ordinace_2\Desktop
Loaded Profiles: ordinace_2 & MSSQL$DATA
Platform: Windows 10 Pro Version 20H2 19042.1023 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <27>
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Ing. Karel Rubáš, HoboSoft® -> HoboSoft® Ing. Karel Rubáš) D:\hobosoft\Stomatolog\Bin\Stomat.bin
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_48973fc6c96c696a\RstMwService.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avpui.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\plugins_nms.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_tray.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.DATA\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SIRONA Dental Systems GmbH) [File not signed] C:\Program Files\Sirona\SIDEXIS4\OptionsManager3G.exe
(SIRONA Dental Systems GmbH) [File not signed] C:\Program Files\Sirona\SIDEXIS4\Sidexis4.exe
(Sirona Dental Systems GmbH) [File not signed] C:\Program Files\Sirona\SIDEXIS4\XG\NGPIMan.exe
(Sirona Dental, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\Schick Technologies\Shared Files\MarconiService.exe
(Sirona Dental, Inc.) [File not signed] C:\Program Files (x86)\Schick Technologies\Shared Files\MarconiMonitor.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Value Added Tehnologies Co.,Ltd) [File not signed] C:\EasyDent4\File Server\FileServer.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [FileServer] => C:\EasyDent4\File Server\FileBackUp.exe [36864 2007-03-12] (Value Added Technologies Co.,Ltd) [File not signed]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779448 2021-05-05] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-03-10] (Adobe Inc. -> )
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5296352 2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330040 2014-02-12] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [2913648 2021-05-10] (Autodesk, Inc. -> Autodesk)
HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5549280 2021-05-28] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5549280 2021-05-28] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\...\MountPoints2: {11298201-a8bd-11eb-8eed-c38db3d2b80d} - "G:\HiSuiteDownLoader.exe" 
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65160 2021-05-28] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-05-27] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-05-28] (Adobe Inc. -> Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Monitor.lnk [2021-01-28]
ShortcutTarget: Wireless Monitor.lnk -> C:\Program Files (x86)\Schick Technologies\Shared Files\MarconiMonitor.exe (Sirona Dental, Inc.) [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CF5E128-68CF-4E63-BD79-318DFB66A2DA} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [89840 2014-10-19] (Hewlett-Packard Company -> Hewlett Packard)
Task: {2459DC5E-A2B3-45BC-B169-1E58E627DC1A} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {24E65DB6-FB51-49A6-A2A2-AAFA430309F1} - System32\Tasks\AMSkipUAC => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {25DA87CD-C4A8-416A-858A-C364C4DDD7E1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {2BAEAB6D-83C9-43F9-A285-2D52FF9D7808} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {661FAF78-FC45-440E-B99B-94C11DF770C5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-16] (Google LLC -> Google LLC)
Task: {678C843C-A0EA-4911-9449-DA9200FFC4EC} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {7F339252-B2E1-49E2-BD7B-B21C38ECEF06} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {AB0D4E7E-B353-4850-98F6-B41326A97BE3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-16] (Google LLC -> Google LLC)
Task: {F4714F2A-5BFD-4CF0-AEFF-789C56669DA3} - System32\Tasks\kpm_tray.exe => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_tray.exe [622168 2021-04-28] (Kaspersky Lab JSC -> AO Kaspersky Lab)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{783d6656-b6d5-4145-b63a-99cafed18757}: [NameServer] 10.0.1.138

Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\ordinace_2\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-09]
Edge Extension: (Outlook) - C:\Users\ordinace_2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2021-01-16]
Edge Extension: (Word) - C:\Users\ordinace_2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2021-01-16]
Edge Extension: (Excel) - C:\Users\ordinace_2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2021-01-16]
Edge Extension: (PowerPoint) - C:\Users\ordinace_2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2021-01-16]
Edge HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-05-05] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-05-05] (Adobe Inc. -> Adobe Systems)

Chrome: 
=======
CHR Profile: C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default [2021-06-09]
CHR Extension: (Prezentace) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-16]
CHR Extension: (Ochrana Kaspersky) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-06-09]
CHR Extension: (Podepisovací komponenta Signer) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\alldahcdhngmcjagmefklhhecboiigni [2021-02-03]
CHR Extension: (Dokumenty) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-16]
CHR Extension: (Disk Google) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-16]
CHR Extension: (YouTube) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-16]
CHR Extension: (Adobe Acrobat) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-16]
CHR Extension: (Tabulky) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Gmail) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-16]
CHR Extension: (Chrome Media Router) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-31]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-05-05] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe [384280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [File not signed]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-10] (HP Inc. -> HP Inc.)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [357272 2021-04-28] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [646520 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MSSQL$DATA; C:\Program Files\Microsoft SQL Server\MSSQL12.DATA\MSSQL\Binn\sqlservr.exe [370368 2015-06-10] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393304 2021-06-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$DATA; C:\Program Files\Microsoft SQL Server\MSSQL12.DATA\MSSQL\Binn\SQLAGENT.EXE [613056 2015-06-10] (Microsoft Corporation -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13261608 2021-05-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\NisSrv.exe [2644760 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MsMpEng.exe [136656 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2021-06-08] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [657696 2021-05-08] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1439456 2021-05-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [253736 2021-06-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [96008 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [263888 2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [309104 2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [115744 2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [224880 2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S4 RsFx0300; C:\Windows\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R3 rtwlane_13; C:\Windows\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49560 2021-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [425208 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [76008 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
U2 sqlserveragent; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-09 10:55 - 2021-06-09 10:56 - 000027669 _____ C:\Users\ordinace_2\Desktop\FRST.txt
2021-06-09 10:55 - 2021-06-09 10:56 - 000000000 ____D C:\FRST
2021-06-09 10:54 - 2021-06-09 09:44 - 002300416 _____ (Farbar) C:\Users\ordinace_2\Desktop\FRST64.exe
2021-06-09 09:57 - 2021-06-09 09:57 - 000000000 ____D C:\Users\ordinace_2\AppData\Local\Kaspersky Lab
2021-06-09 09:44 - 2021-06-09 09:44 - 002300416 _____ (Farbar) C:\Users\ordinace_2\Downloads\FRST64.exe
2021-06-09 09:43 - 2021-06-09 09:43 - 000309104 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2021-06-09 09:42 - 2021-06-09 09:42 - 000263888 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2021-06-09 09:42 - 2021-06-09 09:42 - 000224880 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2021-06-09 09:42 - 2021-06-09 09:42 - 000115744 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2021-06-09 09:42 - 2021-06-09 09:42 - 000003392 _____ C:\Windows\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2021-06-09 09:42 - 2021-06-09 09:42 - 000003192 _____ C:\Windows\system32\Tasks\kpm_tray.exe
2021-06-09 09:42 - 2021-06-09 09:42 - 000001234 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk
2021-06-09 09:42 - 2021-06-09 09:42 - 000001170 _____ C:\Users\Public\Desktop\Kaspersky VPN.lnk
2021-06-09 09:42 - 2021-06-09 09:42 - 000000000 ____D C:\Users\Default\AppData\Local\Kaspersky Lab
2021-06-09 09:42 - 2021-06-09 09:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN
2021-06-09 09:42 - 2021-06-09 09:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager
2021-06-09 09:42 - 2021-06-09 09:42 - 000000000 ____D C:\Program Files\Common Files\AV
2021-06-09 09:41 - 2021-06-09 09:42 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2021-06-09 09:41 - 2021-06-09 09:42 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2021-06-09 09:41 - 2021-06-09 09:41 - 000002173 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2021-06-09 09:41 - 2021-06-09 09:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2021-06-09 09:41 - 2021-02-19 21:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2021-06-09 09:41 - 2021-02-19 21:08 - 001042712 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2021-06-09 09:41 - 2021-02-19 21:08 - 000514840 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2021-06-09 09:39 - 2021-06-09 09:39 - 002765696 _____ (Kaspersky) C:\Users\ordinace_2\Downloads\kav21.3.10.391cs_25685.exe
2021-06-08 22:42 - 2021-06-09 09:55 - 118751232 _____ C:\Windows\system32\config\SOFTWARE
2021-06-08 22:39 - 2021-06-08 22:42 - 000000000 ____D C:\Windows\Microsoft Antimalware
2021-06-08 15:56 - 2021-06-08 15:56 - 002270385 _____ C:\Users\ordinace_2\Downloads\Majner.Fr.47.pdf
2021-06-08 15:54 - 2021-06-08 15:55 - 002270385 _____ C:\Users\ordinace_2\Documents\Majner.Fr.47.pdf
2021-06-08 15:10 - 2021-06-08 15:10 - 000037291 _____ C:\Users\ordinace_2\Downloads\stáhnout.htm
2021-06-08 15:09 - 2021-06-09 10:56 - 000109342 _____ C:\Windows\ZAM.krnl.trace
2021-06-08 15:09 - 2021-06-08 15:09 - 000232792 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2021-06-08 15:09 - 2021-06-08 15:09 - 000003556 _____ C:\Windows\system32\Tasks\AMHelper
2021-06-08 15:09 - 2021-06-08 15:09 - 000002676 _____ C:\Windows\system32\Tasks\AMSkipUAC
2021-06-08 15:09 - 2021-06-08 15:09 - 000001340 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2021-06-08 15:09 - 2021-06-08 15:09 - 000000000 ____D C:\Users\ordinace_2\AppData\Local\Zemana
2021-06-08 15:09 - 2021-06-08 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2021-06-08 15:09 - 2021-06-08 15:09 - 000000000 ____D C:\Program Files (x86)\Zemana
2021-06-08 15:08 - 2021-06-08 15:24 - 000000000 ____D C:\Users\ordinace_2\AppData\Local\AMSDK
2021-06-08 15:08 - 2021-06-08 15:08 - 013922376 _____ (Zemana Ltd. ) C:\Users\ordinace_2\Downloads\AntiMalware_Setup.exe
2021-06-08 11:55 - 2021-06-08 11:55 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-06-08 11:55 - 2021-06-08 11:55 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-06-08 11:55 - 2021-06-08 11:55 - 002260480 _____ (The ICU Project) C:\Windows\system32\icu.dll
2021-06-08 11:55 - 2021-06-08 11:55 - 001864192 _____ (The ICU Project) C:\Windows\SysWOW64\icu.dll
2021-06-08 11:55 - 2021-06-08 11:55 - 001823792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-06-08 11:55 - 2021-06-08 11:55 - 001393496 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-06-08 11:55 - 2021-06-08 11:55 - 001314120 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-06-08 11:55 - 2021-06-08 11:55 - 000657464 _____ C:\Windows\system32\WindowManagementAPI.dll
2021-06-08 11:55 - 2021-06-08 11:55 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-06-08 11:55 - 2021-06-08 11:55 - 000468440 _____ C:\Windows\SysWOW64\WindowManagementAPI.dll
2021-06-08 11:55 - 2021-06-08 11:55 - 000451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-06-08 11:55 - 2021-06-08 11:55 - 000423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-06-08 11:55 - 2021-06-08 11:55 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-06-08 11:55 - 2021-06-08 11:55 - 000097280 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-06-08 11:55 - 2021-06-08 11:55 - 000011327 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-06-08 11:54 - 2021-06-08 11:54 - 000563712 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-06-08 11:54 - 2021-06-08 11:54 - 000287232 _____ C:\Windows\system32\CoreMas.dll
2021-06-08 11:54 - 2021-06-08 11:54 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-06-08 11:21 - 2021-06-08 11:21 - 000000000 ____D C:\Users\ordinace_2\Documents\FeedbackHub
2021-06-07 13:52 - 2021-06-07 13:52 - 000536385 _____ C:\Users\ordinace_2\Documents\Zrušení_smlouvy1200124794 podepsaná.pdf
2021-06-07 13:52 - 2021-06-07 13:52 - 000514857 _____ C:\Users\ordinace_2\Documents\změna správce ps podepsaná.pdf
2021-06-07 13:51 - 2021-06-07 13:51 - 000442325 _____ C:\Users\ordinace_2\Documents\změna správce ps.pdf
2021-06-07 13:50 - 2021-06-07 13:50 - 000463851 _____ C:\Users\ordinace_2\Documents\Zrušení_smlouvy1200124794.pdf
2021-06-07 09:32 - 2021-06-07 09:32 - 000000036 _____ C:\Windows\SysWOW64\id.dat
2021-06-04 13:53 - 2021-06-04 14:24 - 000000000 ____D C:\ProgramData\bitmonero
2021-06-04 13:53 - 2021-06-04 13:53 - 000000000 ____D C:\Users\ordinace_2\Documents\Monero
2021-06-04 13:53 - 2021-06-04 13:53 - 000000000 ____D C:\ProgramData\.shared-ringdb
2021-06-04 13:52 - 2021-06-07 07:49 - 000000000 ____D C:\Users\ordinace_2\AppData\Roaming\monero-wallet-gui
2021-06-04 13:40 - 2021-06-04 13:40 - 000000000 ____D C:\Users\ordinace_2\AppData\Roaming\Ledger Live
2021-06-04 13:40 - 2021-06-04 13:40 - 000000000 ____D C:\Users\ordinace_2\AppData\Local\ledger-live-desktop-updater
2021-06-04 12:34 - 2021-06-04 12:34 - 000000000 ____D C:\Users\ordinace_2\Downloads\Nová složka
2021-06-04 12:34 - 2021-06-04 12:34 - 000000000 ____D C:\Users\ordinace_2\Downloads\hk
2021-06-04 11:43 - 2021-06-04 11:43 - 000335602 _____ C:\Users\ordinace_2\Documents\VoZP kompenzace sestry.pdf
2021-06-03 16:49 - 2021-06-03 19:50 - 000000000 ____D C:\Users\ordinace_2\AppData\Roaming\MultiDoge
2021-06-03 16:46 - 2021-06-03 16:46 - 000164640 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2021-06-03 16:46 - 2021-06-03 16:46 - 000000000 ____D C:\Users\ordinace_2\AppData\Roaming\Sun
2021-06-03 16:46 - 2021-06-03 16:46 - 000000000 ____D C:\Users\ordinace_2\AppData\LocalLow\Sun
2021-06-03 16:46 - 2021-06-03 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-06-03 16:46 - 2021-06-03 16:46 - 000000000 ____D C:\Program Files (x86)\Java
2021-06-03 16:18 - 2021-06-04 09:48 - 000000000 ____D C:\Users\ordinace_2\Documents\Doge
2021-05-28 07:58 - 2021-05-28 07:58 - 000065160 _____ (Adobe Systems Inc) C:\Windows\system32\AdobePDF.dll
2021-05-28 07:58 - 2021-05-28 07:58 - 000035992 _____ (Adobe Systems Inc.) C:\Windows\system32\AdobePDFUI.dll
2021-05-12 14:14 - 2021-05-12 14:14 - 001687040 _____ C:\Windows\system32\libcrypto.dll
2021-05-12 14:14 - 2021-05-12 14:14 - 001163776 _____ C:\Windows\system32\MBR2GPT.EXE
2021-05-12 14:14 - 2021-05-12 14:14 - 000700928 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2021-05-12 14:14 - 2021-05-12 14:14 - 000165888 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-05-12 14:14 - 2021-05-12 14:14 - 000157184 _____ C:\Windows\system32\uwfcsp.dll
2021-05-12 14:14 - 2021-05-12 14:14 - 000153600 _____ C:\Windows\system32\uwfcfgmgmt.dll
2021-05-12 14:14 - 2021-05-12 14:14 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-05-12 14:14 - 2021-05-12 14:14 - 000013312 _____ C:\Windows\system32\agentactivationruntimestarter.exe
2021-05-11 07:55 - 2021-05-11 07:55 - 000000000 ____D C:\Program Files\HPPrintScanDoctor

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-09 10:54 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-09 10:41 - 2020-09-29 11:30 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-06-09 10:08 - 2021-03-10 17:39 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-06-09 10:03 - 2020-09-29 11:36 - 001976050 _____ C:\Windows\system32\PerfStringBackup.INI
2021-06-09 10:03 - 2020-05-26 10:29 - 000815972 _____ C:\Windows\system32\perfh005.dat
2021-06-09 10:03 - 2020-05-26 10:29 - 000184358 _____ C:\Windows\system32\perfc005.dat
2021-06-09 10:03 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-06-09 09:56 - 2021-03-10 17:50 - 000000000 ___RD C:\Users\ordinace_2\Creative Cloud Files
2021-06-09 09:56 - 2021-01-16 16:46 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-06-09 09:56 - 2021-01-16 10:20 - 000000000 __SHD C:\Users\ordinace_2\IntelGraphicsProfiles
2021-06-09 09:56 - 2020-09-29 11:30 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-09 09:56 - 2020-09-29 11:30 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-06-09 09:56 - 2020-09-29 11:30 - 000000000 ____D C:\Intel
2021-06-09 09:55 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-06-09 09:41 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-06-09 09:41 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2021-06-09 09:38 - 2021-03-10 17:38 - 000000000 ____D C:\Program Files\Adobe
2021-06-09 02:27 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-06-08 16:34 - 2020-09-29 11:35 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-08 15:58 - 2021-03-10 17:56 - 000002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2021-06-08 15:58 - 2021-03-10 17:56 - 000002110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-06-08 12:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2021-06-08 12:03 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-06-08 12:01 - 2020-09-29 11:30 - 000490264 _____ C:\Windows\system32\FNTCACHE.DAT
2021-06-08 12:00 - 2019-12-07 11:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-06-08 12:00 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2021-06-08 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2021-06-08 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2021-06-08 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-06-08 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-06-08 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-06-08 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV
2021-06-08 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE
2021-06-08 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2021-06-08 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-06-08 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2021-06-08 11:57 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-06-08 11:47 - 2021-01-16 12:27 - 000000000 ___HD C:\$WinREAgent
2021-06-08 11:23 - 2021-03-10 17:38 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-06-07 10:36 - 2021-04-06 13:02 - 000000000 ____D C:\Program Files (x86)\Autodesk
2021-06-07 10:36 - 2021-04-06 12:51 - 000000000 ____D C:\ProgramData\Autodesk
2021-06-07 10:36 - 2021-04-06 12:50 - 000000000 ____D C:\Users\ordinace_2\AppData\Local\Autodesk
2021-06-07 10:34 - 2021-04-06 12:53 - 000000000 ____D C:\Program Files\Autodesk
2021-06-07 10:33 - 2021-04-06 12:51 - 000000000 ____D C:\Users\ordinace_2\AppData\Roaming\Autodesk Installer
2021-06-07 10:31 - 2021-04-06 12:51 - 000000000 ____D C:\Users\ordinace_2\AppData\Roaming\Autodesk
2021-06-07 10:22 - 2021-01-28 16:52 - 000000000 ____D C:\Users\ordinace_2\AppData\Local\D3DSCache
2021-06-05 21:27 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-05 17:23 - 2020-09-29 11:30 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-06-05 14:23 - 2021-01-16 17:59 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-05 14:23 - 2021-01-16 17:59 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-29 07:29 - 2021-01-16 10:22 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1930677817-3247307296-2436609557-1001
2021-05-29 07:29 - 2021-01-16 10:22 - 000000000 ___RD C:\Users\ordinace_2\OneDrive
2021-05-29 07:29 - 2021-01-16 10:19 - 000002387 _____ C:\Users\ordinace_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-27 01:59 - 2021-01-16 15:40 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-27 01:59 - 2021-01-16 15:40 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-12 18:22 - 2019-12-07 11:51 - 000000000 ____D C:\Windows\system32\OpenSSH
2021-05-12 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2021-05-12 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-05-12 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-05-12 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2021-05-12 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2021-05-12 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2021-05-12 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2021-05-12 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lt-LT
2021-05-12 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2021-05-12 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\DiagTrack
2021-05-12 18:21 - 2021-01-16 10:19 - 000000000 ____D C:\Users\ordinace_2
2021-05-12 14:16 - 2019-12-07 11:54 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2021-05-12 14:07 - 2021-01-16 17:56 - 000000000 ____D C:\Windows\system32\MRT
2021-05-12 14:05 - 2021-04-06 12:53 - 000000000 ____D C:\Program Files\dotnet
2021-05-12 14:05 - 2021-01-16 17:56 - 132732536 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-05-12 14:05 - 2020-09-29 11:34 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-11 07:54 - 2021-04-14 09:12 - 000000000 ____D C:\Windows\system32\Tasks\HP

==================== Files in the root of some directories ========

2021-03-10 17:57 - 2021-03-10 17:57 - 000000000 _____ () C:\Users\ordinace_2\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Log check after xmrig

Posted: 09 Jun 2021 13:19
by Rudy
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with a normal double-click)
click Scan Now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: Log check after xmrig

Posted: 09 Jun 2021 14:54
by Urbam
Good day,
thank you for the reply.
Here is the output; it seems there is nothing.

Code: Select all

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build:    03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    06-09-2021
# Duration: 00:00:05
# OS:       Windows 10 Pro
# Scanned:  31965
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Re: Log check after xmrig

Posted: 09 Jun 2021 15:49
by Rudy
This is OK. Please also add the Addition log; it is on the desktop in the file addition.txt, and we will finish the cleanup manually.

Re: Log check after xmrig

Posted: 10 Jun 2021 06:57
by Urbam
Good day,
I only got to it today; here is the output.

Code: Select all

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-06-2021
Ran by ordinace_2 (09-06-2021 10:56:51)
Running from C:\Users\ordinace_2\Desktop
Windows 10 Pro Version 20H2 19042.1023 (X64) (2020-09-29 11:05:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1930677817-3247307296-2436609557-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1930677817-3247307296-2436609557-503 - Limited - Disabled)
Guest (S-1-5-21-1930677817-3247307296-2436609557-501 - Limited - Enabled)
ordinace_2 (S-1-5-21-1930677817-3247307296-2436609557-1001 - Administrator - Enabled) => C:\Users\ordinace_2
WDAGUtilityAccount (S-1-5-21-1930677817-3247307296-2436609557-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Anti-Virus (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.4.5.550 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version:  - Adobe)
AEC-DATA pro ArCon (Designer ploch) - LB 11-2020 (HKLM-x32\...\AEC-DATA pro ArCon (Designer ploch) - LB 11-2020_is1) (Version: 2020.11 - SOFTconsult spol. s.r.o.)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version:  - Microsoft)
AutoCAD Open in Desktop (HKLM\...\{1C66A0B0-784E-4777-97B3-93F843D1C8CF}) (Version: 1.0.20.0 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{9C2E49CB-F671-47EC-8093-CC1A8749A92A}) (Version: 3.2.1 - Autodesk)
Autodesk Genuine Service (HKLM\...\{1C5DB7B1-CE18-438C-B071-3AD6B8ADA5A0}) (Version: 4.4.0.85 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{B9F5BDED-021C-4926-8518-4FA7114B7040}) (Version: 12.3.3.1803 - Autodesk)
Dentsply Sirona Sidexis 4 (HKLM\...\{430E1156-6996-42D9-AF5F-A0ACB11AB430}) (Version: 4.3.0.0 - Sirona Dental Systems GmbH)
EasyDent V4 (Multi-Language) (HKLM-x32\...\{A8A75EB1-1364-4C0F-9DD2-49C2FF1A2865}) (Version: 4.1.5.9 - Vatech)
Excel (HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
GDR 2269 for SQL Server 2014 (KB3045324) (64-bit) (HKLM\...\KB3045324) (Version: 12.0.2269.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.77 - Google LLC)
HP LaserJet Pro MFP M127-M128 (HKLM-x32\...\{3b050369-8d19-413d-9dec-84ff278472eb}) (Version: 15.0.15309.1258 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPLJProMFPM127M128 (HKLM-x32\...\{B5409C23-DE0C-4B48-8C8A-50AE38694955}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (HKLM-x32\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
HPLJUTM127_128 (HKLM-x32\...\{2C886751-51BD-4A8C-B33A-B4C513AB5B9A}) (Version: 008.000.0001 - HP) Hidden
hppM125LaserJetService (HKLM-x32\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{7504A7B0-003E-4875-A454-B627E127E9D9}) (Version: 100.040.00218 - Hewlett Packard) Hidden
hpStatusAlertsM127-M128 (HKLM-x32\...\{10D7EBAF-A550-48CD-8511-7D947184EE44}) (Version: 080.046.00112 - Hewlett-Packard) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{b666e502-9089-483b-9816-0774ccc9cb61}) (Version: 10.1.18295.8201 - Intel(R) Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1937.12.0.1312 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7985 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.57.263.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{cca61e5e-7498-4d07-925c-194b016c272e}) (Version: 1.57.263.0 - Intel Corporation) Hidden
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab)
Kaspersky VPN (HKLM-x32\...\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky)
Messenger 97.11.116 (HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 97.11.116 - Facebook, Inc.)
Microsoft .NET Core Runtime - 3.1.15 (x64) (HKLM-x32\...\{dd692d58-33e1-46f9-94e4-bfa34502d743}) (Version: 3.1.15.30014 - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.15 - Shared Framework (HKLM-x32\...\{6d409965-38ab-45c2-b232-f99e51100815}) (Version: 3.1.15.21215 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.41 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A106FA6F-E94C-44C9-8A0F-C34BD82C9FE6}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\...\OneDriveSetup.exe) (Version: 21.083.0425.0003 - Microsoft Corporation)
Microsoft Report Viewer 2014 Runtime (HKLM-x32\...\{327E9C0D-1687-414F-923E-F5979E549548}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 Policies  (HKLM-x32\...\{1C30FE7E-8A8C-4492-89D6-10CB20C3B0EB}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{37C44B5C-E839-4A9D-9E20-A93E1B2FD35A}) (Version: 12.0.2269.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL Compiler Service  (HKLM\...\{537203CB-708E-43A3-BA16-3D5C14A587BB}) (Version: 12.0.2269.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29112 (HKLM-x32\...\{be826f5f-eda5-45a2-a3fe-c2cb5c1b9842}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.0.2000.8 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MultiDoge 0.1.7 (HKLM-x32\...\MultiDoge 0.1.7) (Version: 0.1.7 - )
OpenOffice 4.1.7 (HKLM-x32\...\{E3E3C1D4-6886-4EDB-9F12-335641465055}) (Version: 4.17.9800 - Apache Software Foundation)
Outlook (HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PowerPoint (HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8702.1 - Realtek Semiconductor Corp.)
Schick WiFi Driver (HKLM-x32\...\{2942A71C-EDBD-4351-8A0C-C0985A3627FF}) (Version: 5.5.981.6176 - Sirona Dental, Inc.)
Signer for browser 1.0 (HKLM-x32\...\{FA2B17BD-D866-4793-B1DC-56B2EE0A4851}_is1) (Version:  - Asseco Central Europe, a.s.)
Sirona XIOS XG Dynamic Sharpen Slider 1.2 (HKLM-x32\...\{96A04C69-5425-4910-AFCD-51E0D7ED8840}) (Version: 1.2.0.0 - Sirona Dental Systems GmbH)
Sirona XIOS XG Select / Supreme 1.2 (HKLM-x32\...\{56F01108-A577-43D2-909A-6C22F744BB9F}) (Version: 1.2.0.0 - Sirona Dental Systems GmbH)
Speciální aplikace Autodesk (HKLM-x32\...\{46EA8955-D629-4B3E-AAF0-D136031D7C95}) (Version: 3.2.1 - Autodesk)
SQL Server 2014 Client Tools (HKLM\...\{2BA1811B-44C0-4C50-8C5A-CE68AB25ED71}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Client Tools (HKLM\...\{B5ECFA5C-AC4F-45A4-A12E-A76ABDD9CCBA}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Management Studio (HKLM\...\{75A54138-3B98-4705-92E4-F619825B121F}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Management Studio (HKLM\...\{839EF29A-3055-43DC-ADCE-8E84893798D5}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.0.2000.8 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
Stomatolog verze 2.4 sestavení 9/0 (HKLM-x32\...\Stomatolog_is1) (Version: 2.4.9/0 - HoboSoft)
Sweet Home 3D version 6.5 (HKLM\...\Sweet Home 3D_is1) (Version: 6.5 - eTeks)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.18.5 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
WhatsApp (HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\...\WhatsApp) (Version: 2.2110.12 - WhatsApp)
WiFi Configuration Utility (HKLM-x32\...\{E7D4BC6A-4A84-4F29-AE23-89670C7DE3B7}) (Version: 5.5.981.6176 - Sirona Dental)
Word (HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)
Zemana AntiMalware verze 3.2.28 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.28 - Zemana)
Zoom (HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\...\ZoomUMX) (Version: 5.5.4 (13142.0301) - Zoom Video Communications, Inc.)

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-03-10] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2021-03-10] (Adobe Systems Incorporated)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-10] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-05] (Microsoft Studios) [MS Ad]
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt [2021-05-10] (INTEL CORP) [Startup Task]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0 [2021-05-30] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1930677817-3247307296-2436609557-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-093C144BF6B3} -> [Creative Cloud Files] => C:\Users\ordinace_2\Creative Cloud Files [2021-03-10 17:50]
CustomCLSID: HKU\S-1-5-21-1930677817-3247307296-2436609557-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-1930677817-3247307296-2436609557-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> D:\Autodesk\AutoCAD 2022\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-1930677817-3247307296-2436609557-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> D:\Autodesk\AutoCAD 2022\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1930677817-3247307296-2436609557-1001_Classes\CLSID\{AA46BA8A-9825-40FD-8493-0BA3C4D5CEB5}\localserver32 -> D:\Autodesk\AutoCAD 2022\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1930677817-3247307296-2436609557-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\Autodesk\AutoCAD 2022\cs-CZ\acadficn.dll => No File
CustomCLSID: HKU\S-1-5-21-1930677817-3247307296-2436609557-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-03] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-03] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-03] (Adobe Inc. -> )
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-03] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-03] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\ordinace_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm
ShortcutWithArgument: C:\Users\ordinace_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:\Users\ordinace_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf
ShortcutWithArgument: C:\Users\ordinace_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi

==================== Loaded Modules (Whitelisted) =============

2016-03-11 11:44 - 2016-03-11 11:44 - 001443840 _____ () [File not signed] [File is in use] C:\Program Files\Sirona\SIDEXIS4\CefSharp.Core.dll
2018-05-30 13:58 - 2018-05-30 13:58 - 003264000 _____ () [File not signed] [File is in use] C:\Program Files\Sirona\SIDEXIS4\SOUP\ManagedDcmtkWrapper2\ManagedDcmtkWrapper2.dll
2017-04-06 11:21 - 2017-04-06 11:21 - 000076288 _____ () [File not signed] [File is in use] C:\Program Files\Sirona\SIDEXIS4\SOUP\NGFilterWrapper\NGFilterWrapper.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\acrotray.cze
2016-03-11 11:44 - 2016-03-11 11:44 - 069952512 _____ () [File not signed] C:\Program Files\Sirona\SIDEXIS4\libcef.dll
2013-01-08 15:29 - 2013-01-08 15:29 - 000086092 _____ () [File not signed] C:\Program Files\Sirona\SIDEXIS4\XG\NGXml.dll
2021-01-26 09:24 - 2016-12-01 11:14 - 000016384 _____ () [File not signed] D:\hobosoft\Stomatolog\Bin\Cavo3usr.DLL
2021-01-26 09:24 - 2015-11-24 09:25 - 001190400 _____ () [File not signed] D:\hobosoft\Stomatolog\Bin\CertDataExtractorDynWrapper.DLL
2021-01-26 09:24 - 2008-05-26 12:09 - 001988096 _____ () [File not signed] D:\hobosoft\Stomatolog\Bin\FabPaint.DLL
2021-01-26 09:24 - 2016-05-04 18:49 - 000269824 _____ () [File not signed] D:\hobosoft\Stomatolog\Bin\JBHTTPsDynWrapper.DLL
2021-01-26 09:24 - 2016-05-04 20:25 - 000011776 _____ () [File not signed] D:\hobosoft\Stomatolog\Bin\JBMD5DynWrapper.DLL
2021-01-26 09:24 - 2018-11-20 14:41 - 000048128 _____ () [File not signed] D:\hobosoft\Stomatolog\Bin\TB.DLL
2021-01-26 09:24 - 2004-11-11 08:31 - 000057856 _____ () [File not signed] D:\hobosoft\Stomatolog\Bin\UNZDLL.DLL
2021-01-26 09:24 - 2004-11-11 08:04 - 000068096 _____ () [File not signed] D:\hobosoft\Stomatolog\Bin\ZIPDLL.DLL
2021-02-02 07:49 - 2021-02-02 07:49 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2013-01-08 15:29 - 2013-01-08 15:29 - 001953866 _____ (BCGSoft Ltd) [File not signed] C:\Program Files\Sirona\SIDEXIS4\XG\BCGCBPRO651.dll
2021-01-26 09:24 - 2013-03-12 02:08 - 000126976 _____ (Computer Associates International) [File not signed] D:\hobosoft\Stomatolog\Bin\_DBFCDX.RDD
2021-01-26 09:24 - 2016-12-01 11:14 - 000223232 _____ (Computer Associates International) [File not signed] D:\hobosoft\Stomatolog\Bin\VO28ORUN.DLL
2021-01-26 09:24 - 2016-12-01 11:14 - 000557056 _____ (Computer Associates International) [File not signed] D:\hobosoft\Stomatolog\Bin\VO28RUN.DLL
2021-01-26 09:24 - 2016-12-01 11:14 - 000006144 _____ (Computer Associates International, Inc.) [File not signed] D:\hobosoft\Stomatolog\Bin\CAIM3DBM.DLL
2021-01-26 09:24 - 2016-12-01 11:14 - 000105472 _____ (Computer Associates International, Inc.) [File not signed] D:\hobosoft\Stomatolog\Bin\CATO3CNT.dll
2021-01-26 09:24 - 2016-12-01 11:14 - 000017920 _____ (Computer Associates International, Inc.) [File not signed] D:\hobosoft\Stomatolog\Bin\CATO3DAT.dll
2021-01-26 09:24 - 2016-12-01 11:14 - 000026112 _____ (Computer Associates International, Inc.) [File not signed] D:\hobosoft\Stomatolog\Bin\CATO3MSK.dll
2021-01-26 09:24 - 2016-12-01 11:14 - 000025600 _____ (Computer Associates International, Inc.) [File not signed] D:\hobosoft\Stomatolog\Bin\CATO3NBR.dll
2021-01-26 09:24 - 2016-12-01 11:14 - 000027136 _____ (Computer Associates International, Inc.) [File not signed] D:\hobosoft\Stomatolog\Bin\CATO3SBR.dll
2021-01-26 09:24 - 2016-12-01 11:14 - 000091136 _____ (Computer Associates International, Inc.) [File not signed] D:\hobosoft\Stomatolog\Bin\CATO3TBR.dll
2021-01-26 09:24 - 2016-12-01 11:14 - 000018944 _____ (Computer Associates International, Inc.) [File not signed] D:\hobosoft\Stomatolog\Bin\CATO3TIM.dll
2021-01-26 09:24 - 2016-12-01 11:14 - 001492480 _____ (Computer Associates International, Inc.) [File not signed] D:\hobosoft\Stomatolog\Bin\VO28GUI.DLL
2021-01-26 09:24 - 2016-12-01 11:14 - 000302592 _____ (Computer Associates International, Inc.) [File not signed] D:\hobosoft\Stomatolog\Bin\VO28INET.DLL
2021-01-26 09:24 - 2016-12-01 11:14 - 000153088 _____ (Computer Associates International, Inc.) [File not signed] D:\hobosoft\Stomatolog\Bin\VO28OLE.DLL
2021-01-26 09:24 - 2016-12-01 11:14 - 000371712 _____ (Computer Associates International, Inc.) [File not signed] D:\hobosoft\Stomatolog\Bin\VO28RDD.DLL
2021-01-26 09:24 - 2016-12-01 11:14 - 000257536 _____ (Computer Associates International, Inc.) [File not signed] D:\hobosoft\Stomatolog\Bin\VO28REP.DLL
2021-01-26 09:24 - 2016-12-01 11:14 - 000286720 _____ (Computer Associates International, Inc.) [File not signed] D:\hobosoft\Stomatolog\Bin\VO28SQL.DLL
2021-01-26 09:24 - 2016-12-01 11:14 - 000151040 _____ (Computer Associates International, Inc.) [File not signed] D:\hobosoft\Stomatolog\Bin\VO28SYS.DLL
2021-01-26 09:24 - 2016-12-01 11:14 - 000058368 _____ (Computer Associates Intl.) [File not signed] D:\hobosoft\Stomatolog\Bin\CAQR3CQM.DLL
2021-01-26 09:24 - 2016-12-01 11:14 - 000019968 _____ (Computer Associates Intl.) [File not signed] D:\hobosoft\Stomatolog\Bin\CAQR3DBA.DLL
2021-01-26 09:24 - 2016-12-01 11:14 - 000018432 _____ (Computer Associates Intl.) [File not signed] D:\hobosoft\Stomatolog\Bin\CAQR3DBC.dll
2021-01-26 09:24 - 2016-12-01 11:14 - 000019968 _____ (Computer Associates Intl.) [File not signed] D:\hobosoft\Stomatolog\Bin\CAQR3MEM.dll
2021-01-26 09:24 - 2016-12-01 11:14 - 000015872 _____ (Computer Associates Intl.) [File not signed] D:\hobosoft\Stomatolog\Bin\CAQR3RCC.DLL
2021-01-26 09:24 - 2016-12-01 11:14 - 000022016 _____ (Computer Associates Intl.) [File not signed] D:\hobosoft\Stomatolog\Bin\CAQR3RES.dll
2021-01-26 09:24 - 2016-12-01 11:14 - 000298496 _____ (Computer Associates Intl.) [File not signed] D:\hobosoft\Stomatolog\Bin\CAQR3RET.dll
2021-01-26 09:24 - 2016-12-01 11:14 - 000012288 _____ (Computer Associates Intl.) [File not signed] D:\hobosoft\Stomatolog\Bin\CAQR3WBM.DLL
2021-01-26 09:24 - 2016-12-01 11:14 - 000015360 _____ (Computer Associates Intl.) [File not signed] D:\hobosoft\Stomatolog\Bin\CAQR3WQM.DLL
2021-01-26 09:24 - 2016-12-01 11:14 - 000034816 _____ (Computer Associates Intl.) [File not signed] D:\hobosoft\Stomatolog\Bin\CAQR3WRM.DLL
2021-01-26 09:24 - 2016-12-01 11:14 - 000017408 _____ (Computer Associates Intl.) [File not signed] D:\hobosoft\Stomatolog\Bin\CAQR3WUT.DLL
2009-09-16 18:44 - 2009-09-16 18:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hptcpmib.dll
2009-09-16 18:45 - 2009-09-16 18:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\HpTcpMon.dll
2009-09-16 11:44 - 2009-09-16 11:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hpzjrd01.dll
2014-06-24 23:31 - 2014-06-24 23:31 - 000041472 _____ (Hewlett-Packard Company) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2014-06-24 23:31 - 2014-06-24 23:31 - 000073728 _____ (Hewlett-Packard Company) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll
2014-06-24 23:31 - 2014-06-24 23:31 - 001222656 _____ (Hewlett-Packard Company) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll
2014-06-24 23:31 - 2014-06-24 23:31 - 000034816 _____ (HP) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2021-01-16 18:03 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2003-03-18 23:23 - 2003-03-18 23:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1029\mdmui.dll
2009-09-16 18:45 - 2009-09-16 18:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\HPTcpMUI.dll
2015-12-24 14:16 - 2015-12-24 14:16 - 000086070 _____ (Open Source Software community project) [File not signed] C:\Program Files (x86)\Schick Technologies\Shared Files\pthreadVC2.dll
2015-12-24 14:16 - 2015-12-24 14:16 - 000184832 _____ (SCM Microsystems) [File not signed] C:\Program Files (x86)\Schick Technologies\Shared Files\SCM_NFC.DLL
2018-07-18 04:35 - 2018-07-18 04:35 - 001568768 _____ (Sirona Dental Systems GmbH) [File not signed] [File is in use] C:\Program Files\Sirona\SIDEXIS4\OwsCore.Tools.CppCliLib.dll
2018-07-18 04:35 - 2018-07-18 04:35 - 000407552 _____ (Sirona Dental Systems GmbH) [File not signed] [File is in use] C:\Program Files\Sirona\SIDEXIS4\Sirona.Aten.RenderEngineDX.dll
2018-07-18 04:35 - 2018-07-18 04:35 - 000056832 _____ (Sirona Dental Systems GmbH) [File not signed] C:\Program Files\Sirona\SIDEXIS4\OwsCore.Tools.CppLib.dll
2021-01-26 09:24 - 2018-02-13 06:42 - 001371136 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\hobosoft\Stomatolog\Bin\LIBEAY32.dll
2021-01-26 09:24 - 2018-02-13 06:42 - 000337920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\hobosoft\Stomatolog\Bin\SSLEAY32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer (Whitelisted) ==========

BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-06-03] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-06-03] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;D:\SQL_Server\SQL_Server\Client SDK\ODBC\110\Tools\Binn\;D:\SQL_Server\SQL_Serverx86\120\Tools\Binn\;D:\SQL_Server\SQL_Server\120\Tools\Binn\;D:\SQL_Server\SQL_Server\120\DTS\Binn\;D:\SQL_Server\SQL_Serverx86\120\Tools\Binn\ManagementStudio\;D:\SQL_Server\SQL_Serverx86\120\DTS\Binn\;C:\Program Files\dotnet\
HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-80-281799896-3941622561-3476407516-3152736070-1295630018\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 10.0.1.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service "
HKLM\...\StartupApproved\Run32: => "StatusAlerts"
HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{F4ADFBC5-89AA-45E3-9803-4B180326047F}C:\easydent4\file server\fileserver.exe] => (Allow) C:\easydent4\file server\fileserver.exe (Value Added Tehnologies Co.,Ltd) [File not signed]
FirewallRules: [UDP Query User{50CFDE59-81FE-45AD-BD7D-939558FB5A66}C:\easydent4\file server\fileserver.exe] => (Allow) C:\easydent4\file server\fileserver.exe (Value Added Tehnologies Co.,Ltd) [File not signed]
FirewallRules: [{F9A5380F-8D41-4BC8-AC05-550122B2C4AC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1872CB59-A33C-4B0B-BBDF-134CD6D648E6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B45E2885-1E51-4743-8064-DA4B4E21E931}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{11F75B2B-101A-4AA5-83C3-0BF7F497A5F6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{74D8A3B4-F5D2-41C5-91F0-FA9923C132E2}] => (Allow) C:\Program Files (x86)\Schick Technologies\Shared Files\MarconiService.exe (Sirona Dental, Inc.) [File not signed] [File is in use]
FirewallRules: [{3E707E49-4202-459D-A826-728140BE7AE6}] => (Allow) C:\Users\ordinace_2\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C4969329-CC4D-4A61-87CE-112771B86780}] => (Allow) C:\Users\ordinace_2\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{14D15668-E7E6-407C-9ACD-F8A246718E32}] => (Allow) C:\Users\ordinace_2\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{C3E47EF0-D6F8-4459-8B5B-F0306C2684EC}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\bin\SendAFax.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{C534801D-8C85-4477-BC4E-44F5F6B82BCE}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\Bin\HPNetworkCommunicatorCom.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{6F486503-8398-48FB-999F-0A3504448C75}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\bin\FaxPrinterUtility.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{FA713740-C80A-4C75-89FA-1ACCA2FCA0B9}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\bin\FaxApplications.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{28A353BA-9308-4E97-B477-9B0456C75B64}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\Bin\HPNetworkCommunicatorCom.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{C5CF1EC4-7C4A-4721-A421-15BAA17D0D09}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\bin\EWSProxy.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{95E5DDFA-DFE6-445B-BF9C-57BCCEB35EC2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5A620C09-C9A4-4627-A225-9F401181E3F1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D16A80A5-00D6-401A-830D-31E030C73E69}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{440BDD21-0606-4E88-8E3A-827DA9674AA9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{837419E4-70DB-4260-8D07-77AA9C09B6F5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FFB59E5E-BDF0-453C-A2CA-C6C8C057FA45}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0369E6D2-BB46-49F7-997A-ADFAA42CB603}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5C9139A6-8815-4E55-9C88-A26CB0EC6552}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F1239FC2-C1AC-49CF-A13B-8F0B20F54315}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F5D38927-68DF-41EA-99D0-03B9474A3E98}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A364663D-BC71-47A2-A4D0-CC776D7A1EF7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{AC790345-CF43-4BC5-AD9D-1839281AA0E3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{379137A6-1C00-4341-864A-EFAA17EE0B29}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{3227B04C-2C0A-47C8-B005-84386E088356}C:\program files\dogecoin\dogecoin-qt.exe] => (Allow) C:\program files\dogecoin\dogecoin-qt.exe => No File
FirewallRules: [UDP Query User{5A60CD14-A494-454F-956E-0951CDD04897}C:\program files\dogecoin\dogecoin-qt.exe] => (Allow) C:\program files\dogecoin\dogecoin-qt.exe => No File
FirewallRules: [TCP Query User{6214C2B6-9FBF-44BB-9D76-8BE62A0F9416}C:\program files\monero gui wallet\monero-wallet-gui.exe] => (Allow) C:\program files\monero gui wallet\monero-wallet-gui.exe => No File
FirewallRules: [UDP Query User{0F473C78-675C-4058-B6E0-EB80BA42D942}C:\program files\monero gui wallet\monero-wallet-gui.exe] => (Allow) C:\program files\monero gui wallet\monero-wallet-gui.exe => No File
FirewallRules: [TCP Query User{45C16F69-E550-4642-9F78-CBD4FE105135}C:\program files\monero gui wallet\monerod.exe] => (Allow) C:\program files\monero gui wallet\monerod.exe => No File
FirewallRules: [UDP Query User{23DD08B3-4457-4AF3-AE5A-00661F7B6482}C:\program files\monero gui wallet\monerod.exe] => (Allow) C:\program files\monero gui wallet\monerod.exe => No File
FirewallRules: [TCP Query User{657DB825-C141-4FF9-AAA2-316CF3A7C053}C:\easydent4\file server\fileserver.exe] => (Allow) C:\easydent4\file server\fileserver.exe (Value Added Tehnologies Co.,Ltd) [File not signed]
FirewallRules: [UDP Query User{ECC4E8B7-5E27-4AB9-9E47-6E1EBEA6DD39}C:\easydent4\file server\fileserver.exe] => (Allow) C:\easydent4\file server\fileserver.exe (Value Added Tehnologies Co.,Ltd) [File not signed]

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: MTP
Description: MTP
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (06/08/2021 11:21:45 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (06/08/2021 11:21:45 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (06/08/2021 08:03:42 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: TwainServer.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ObjectDisposedException
   na System.Threading.WaitHandle.WaitOneNative(System.Runtime.InteropServices.SafeHandle, UInt32, Boolean, Boolean)
   na System.Threading.WaitHandle.InternalWaitOne(System.Runtime.InteropServices.SafeHandle, Int64, Boolean, Boolean)
   na System.Threading.WaitHandle.WaitOne(Int32, Boolean)
   na System.Threading.WaitHandle.WaitOne()
   na log4net.Appender.FileAppender+InterProcessLock.AcquireLock()
   na log4net.Appender.FileAppender+LockingStream.AcquireLock()
   na log4net.Appender.FileAppender.WriteFooter()
   na log4net.Appender.TextWriterAppender.WriteFooterAndCloseWriter()
   na log4net.Appender.FileAppender.Reset()
   na log4net.Appender.TextWriterAppender.OnClose()
   na log4net.Appender.AppenderSkeleton.Close()
   na log4net.Appender.AppenderSkeleton.Finalize()

Error: (06/07/2021 11:52:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program monero-wallet-gui.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 3db0

Čas spuštění: 01d75937f9947a75

Čas ukončení: 17

Cesta k aplikaci: C:\Program Files\Monero GUI Wallet\monero-wallet-gui.exe

ID hlášení: 4d8ee9e6-1d5b-400c-8982-9551f129ffb4

Úplný název balíčku s chybou: 

ID aplikace relativní podle balíčku s chybou: 

Typ zablokování: Unknown

Error: (06/07/2021 09:37:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2020.20120.4004.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 3f94

Čas spuštění: 01d75b65004c9242

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

ID hlášení: d7f98dc8-c7e2-4b9d-afdd-03cec948edc1

Úplný název balíčku s chybou: Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (06/07/2021 09:08:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: monerod.exe, verze: 0.0.0.0, časové razítko: 0x606c9995
Název chybujícího modulu: msvcrt.dll, verze: 7.0.19041.546, časové razítko: 0x564f9f39
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000005d2f1
ID chybujícího procesu: 0x3508
Čas spuštění chybující aplikace: 0x01d75b60e099df4d
Cesta k chybující aplikaci: C:\Program Files\Monero GUI Wallet\monerod.exe
Cesta k chybujícímu modulu: C:\Windows\System32\msvcrt.dll
ID zprávy: 37762746-f30a-4828-82f9-83805ad1d6bc
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (06/07/2021 08:04:34 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2020.20120.4004.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2b58

Čas spuštění: 01d7589114011f61

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

ID hlášení: 61c6c820-cacd-4da6-8e0a-b1d21671c872

Úplný název balíčku s chybou: Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (06/06/2021 01:55:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na DATA (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (06/09/2021 10:00:34 AM) (Source: DCOM) (EventID: 10010) (User: PC-HLAVNI)
Description: Server {2F810ED9-5723-4BF8-B9E6-B51BE7263F50} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/09/2021 09:55:49 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Služba inteligentního přenosu na pozadí skončila s následující chybou specifickou pro službu: 
%%2147943515 = Probíhá vypnutí systému.

Error: (06/09/2021 09:55:49 AM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT AUTHORITY)
Description: Službu BITS se nezdařilo spustit. Chyba 2147943515.

Error: (06/09/2021 09:55:47 AM) (Source: DCOM) (EventID: 10010) (User: PC-HLAVNI)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/09/2021 09:55:47 AM) (Source: DCOM) (EventID: 10010) (User: PC-HLAVNI)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/09/2021 09:55:47 AM) (Source: DCOM) (EventID: 10010) (User: PC-HLAVNI)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/09/2021 09:51:51 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro Start s touto chybou: 
Byl překročen maximální počet tajných údajů, které lze uložit v jednom systému.

Error: (06/09/2021 09:51:47 AM) (Source: DCOM) (EventID: 10000) (User: PC-HLAVNI)
Description: Nelze spustit server DCOM: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}. Došlo k chybě: 
2147942405
při provádění příkazu: 
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}


Windows Defender:
================
Date: 2021-06-08 17:58:21
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D3C43116-FC0C-418A-84D4-011FBAA66A64}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-06-08 14:08:35
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=App:XMRigMiner&threatid=268622&enterprise=0
Název: App:XMRigMiner
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\ordinace_2\AppData\Local\Programs\NiceHash Miner\miner_plugins\0e0a7320-94ec-11ea-a64d-17be303ea466\bins\16.0\xmrig-6.8.1\xmrig.exe; file:_C:\Users\ordinace_2\Downloads\xmrig-6.12.2\xmrig.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: PC-HLAVNI\ordinace_2
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.341.301.0, AS: 1.341.301.0, NIS: 1.341.301.0
Verze modulu: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-08 14:08:35
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/FusionCore&threatid=229442&enterprise=0
Název: PUA:Win32/FusionCore
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_D:\Dokumenty\Dokumenty\Documents\Documents\GOMPLAYERGLOBALSETUP.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Uživatel
Uživatel: PC-HLAVNI\ordinace_2
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.341.301.0, AS: 1.341.301.0, NIS: 1.341.301.0
Verze modulu: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-08 14:08:35
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/CoinMiner&threatid=227033&enterprise=0
Název: PUA:Win32/CoinMiner
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\ordinace_2\AppData\Local\Programs\NiceHash Miner\miner_plugins\27315fe0-3b03-11eb-b105-8d43d5bd63be\dlls\15.0\MP.Excavator.dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: PC-HLAVNI\ordinace_2
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.341.301.0, AS: 1.341.301.0, NIS: 1.341.301.0
Verze modulu: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-08 14:08:35
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Presenoker&threatid=242420&enterprise=0
Název: PUA:Win32/Presenoker
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: containerfile:_D:\Dokumenty\Dokumenty\Downloads\monero-gui-install-win-x64-v0.17.2.2.exe; file:_C:\Program Files\Monero GUI Wallet\monero-blockchain-ancestry.exe; file:_C:\Program Files\Monero GUI Wallet\monero-blockchain-depth.exe; file:_C:\Program Files\Monero GUI Wallet\monero-blockchain-export.exe; file:_C:\Program Files\Monero GUI Wallet\monero-blockchain-prune-known-spent-data.exe; file:_C:\Program Files\Monero GUI Wallet\monero-blockchain-prune.exe; file:_C:\Users\ordinace_2\AppData\Local\Programs\NiceHash Miner\miner_plugins\27315fe0-3b03-11eb-b105-8d43d5bd63be\dlls\15.1\MP.Excavator.dll; file:_C:\Users\ordinace_2\AppData\Local\Programs\NiceHash Miner\miner_plugins\27315fe0-3b03-11eb-b105-8d43d5bd63be\dlls\15.2\MP.Excavator.dll; file:_C:\Users\ordinace_2\AppData\Local\Programs\NiceHash Miner\miner_plugins\27315fe0-3b03-11eb-b105-8d43d5bd63be\dlls\15.4\MP.Excavator.dll; file:_D:\Dokumenty\Dokumenty\Downloads\monero-gui-install-win-x64-v0.17.2.2.exe->(inno#000010); file:_D:\Dokumenty\Dokumenty\Download
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: PC-HLAVNI\ordinace_2
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.341.301.0, AS: 1.341.301.0, NIS: 1.341.301.0
Verze modulu: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-05 00:14:42
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.341.54.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070070
Popis chyby: Na disku není dost místa. 

Date: 2021-06-05 00:14:42
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.341.54.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070070
Popis chyby: Na disku není dost místa. 

Date: 2021-06-04 13:05:54
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.341.8.0
Předchozí verze bezpečnostních informací: 1.339.1962.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18200.4
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy. 

Date: 2021-06-04 13:05:54
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.341.8.0
Předchozí verze bezpečnostních informací: 1.339.1962.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18200.4
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy. 

Date: 2021-06-04 13:05:54
Description: 
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18200.4
Předchozí verze modulu: 1.1.18100.6
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy. 

CodeIntegrity:
===============
Date: 2021-06-09 10:44:05
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe) attempted to load \Device\HarddiskVolume3\Windows\SysWOW64\sqlncli11.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-06-09 10:44:05
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe) attempted to load \Device\HarddiskVolume3\Windows\SysWOW64\msodbcsql11.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. 1605 07/17/2020
Motherboard: ASUSTeK COMPUTER INC. PRIME H310M-R R2.0
Processor: Intel(R) Core(TM) i5-8400 CPU @ 2.80GHz
Percentage of memory in use: 40%
Total physical RAM: 16263.01 MB
Available physical RAM: 9748.01 MB
Total Virtual: 28551.01 MB
Available Virtual: 21644.52 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:222.8 GB) (Free:21.06 GB) NTFS
Drive d: (DATA) (Fixed) (Total:1863.01 GB) (Free:1692.62 GB) NTFS
Drive f: (Zaloha_USB) (Fixed) (Total:931.5 GB) (Free:913.46 GB) NTFS
Drive g: (HiSuite) (CDROM) (Total:0 GB) (Free:0 GB) CDFS

\\?\Volume{20690060-10d8-44cc-a0ef-cd7b4c4d00fc}\ (Recovery tools) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{13817e69-1b8d-4b87-ab46-2011a081a982}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: DD4315EF)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: A2ECFD63)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=42)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: A2ECFD64)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=42)

==========================================================
Disk: 3 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Log check after xmrig

Posted: 10 Jun 2021 09:47
by Rudy
Open Notepad and copy the following into it:
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-1930677817-3247307296-2436609557-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> D:\Autodesk\AutoCAD 2022\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-1930677817-3247307296-2436609557-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> D:\Autodesk\AutoCAD 2022\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1930677817-3247307296-2436609557-1001_Classes\CLSID\{AA46BA8A-9825-40FD-8493-0BA3C4D5CEB5}\localserver32 -> D:\Autodesk\AutoCAD 2022\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1930677817-3247307296-2436609557-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\Autodesk\AutoCAD 2022\cs-CZ\acadficn.dll => No File
FirewallRules: [{C4969329-CC4D-4A61-87CE-112771B86780}] => (Allow) C:\Users\ordinace_2\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{14D15668-E7E6-407C-9ACD-F8A246718E32}] => (Allow) C:\Users\ordinace_2\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{3227B04C-2C0A-47C8-B005-84386E088356}C:\program files\dogecoin\dogecoin-qt.exe] => (Allow) C:\program files\dogecoin\dogecoin-qt.exe => No File
FirewallRules: [UDP Query User{5A60CD14-A494-454F-956E-0951CDD04897}C:\program files\dogecoin\dogecoin-qt.exe] => (Allow) C:\program files\dogecoin\dogecoin-qt.exe => No File
FirewallRules: [TCP Query User{6214C2B6-9FBF-44BB-9D76-8BE62A0F9416}C:\program files\monero gui wallet\monero-wallet-gui.exe] => (Allow) C:\program files\monero gui wallet\monero-wallet-gui.exe => No File
FirewallRules: [UDP Query User{0F473C78-675C-4058-B6E0-EB80BA42D942}C:\program files\monero gui wallet\monero-wallet-gui.exe] => (Allow) C:\program files\monero gui wallet\monero-wallet-gui.exe => No File
FirewallRules: [TCP Query User{45C16F69-E550-4642-9F78-CBD4FE105135}C:\program files\monero gui wallet\monerod.exe] => (Allow) C:\program files\monero gui wallet\monerod.exe => No File
FirewallRules: [UDP Query User{23DD08B3-4457-4AF3-AE5A-00661F7B6482}C:\program files\monero gui wallet\monerod.exe] => (Allow) C:\program files\monero gui wallet\monerod.exe => No File
C:\Users\ordinace_2\AppData\Local\Programs\NiceHash Miner\miner_plugins\0e0a7320-94ec-11ea-a64d-17be303ea466\bins\16.0\xmrig-6.8.1\xmrig.exe
C:\Users\ordinace_2\Downloads\xmrig-6.12.2\xmrig.exe
D:\Dokumenty\Dokumenty\Documents\Documents\GOMPLAYERGLOBALSETUP.exe
C:\Users\ordinace_2\AppData\Local\Programs\NiceHash Miner\miner_plugins\27315fe0-3b03-11eb-b105-8d43d5bd63be\dlls\15.0\MP.Excavator.dll
D:\Dokumenty\Dokumenty\Downloads\monero-gui-install-win-x64-v0.17.2.2.exe¨
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\...\MountPoints2: {11298201-a8bd-11eb-8eed-c38db3d2b80d} - "G:\HiSuiteDownLoader.exe"
Task: {661FAF78-FC45-440E-B99B-94C11DF770C5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-16] (Google LLC -> Google LLC)
Task: {2459DC5E-A2B3-45BC-B169-1E58E627DC1A} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {24E65DB6-FB51-49A6-A2A2-AAFA430309F1} - System32\Tasks\AMSkipUAC => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
U2 sqlserveragent; no ImagePath
C:\Program Files (x86)\Zemana

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: Log check after xmrig

Posted: 10 Jun 2021 11:04
by Urbam
Hello, here is the log after the fix:


Fix result of Farbar Recovery Scan Tool (x64) Version: 09-06-2021
Ran by ordinace_2 (10-06-2021 11:46:18) Run:1
Running from C:\Users\ordinace_2\Desktop
Loaded Profiles: ordinace_2 & MSSQL$DATA
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-1930677817-3247307296-2436609557-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> D:\Autodesk\AutoCAD 2022\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-1930677817-3247307296-2436609557-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> D:\Autodesk\AutoCAD 2022\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1930677817-3247307296-2436609557-1001_Classes\CLSID\{AA46BA8A-9825-40FD-8493-0BA3C4D5CEB5}\localserver32 -> D:\Autodesk\AutoCAD 2022\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1930677817-3247307296-2436609557-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\Autodesk\AutoCAD 2022\cs-CZ\acadficn.dll => No File
FirewallRules: [{C4969329-CC4D-4A61-87CE-112771B86780}] => (Allow) C:\Users\ordinace_2\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{14D15668-E7E6-407C-9ACD-F8A246718E32}] => (Allow) C:\Users\ordinace_2\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{3227B04C-2C0A-47C8-B005-84386E088356}C:\program files\dogecoin\dogecoin-qt.exe] => (Allow) C:\program files\dogecoin\dogecoin-qt.exe => No File
FirewallRules: [UDP Query User{5A60CD14-A494-454F-956E-0951CDD04897}C:\program files\dogecoin\dogecoin-qt.exe] => (Allow) C:\program files\dogecoin\dogecoin-qt.exe => No File
FirewallRules: [TCP Query User{6214C2B6-9FBF-44BB-9D76-8BE62A0F9416}C:\program files\monero gui wallet\monero-wallet-gui.exe] => (Allow) C:\program files\monero gui wallet\monero-wallet-gui.exe => No File
FirewallRules: [UDP Query User{0F473C78-675C-4058-B6E0-EB80BA42D942}C:\program files\monero gui wallet\monero-wallet-gui.exe] => (Allow) C:\program files\monero gui wallet\monero-wallet-gui.exe => No File
FirewallRules: [TCP Query User{45C16F69-E550-4642-9F78-CBD4FE105135}C:\program files\monero gui wallet\monerod.exe] => (Allow) C:\program files\monero gui wallet\monerod.exe => No File
FirewallRules: [UDP Query User{23DD08B3-4457-4AF3-AE5A-00661F7B6482}C:\program files\monero gui wallet\monerod.exe] => (Allow) C:\program files\monero gui wallet\monerod.exe => No File
C:\Users\ordinace_2\AppData\Local\Programs\NiceHash Miner\miner_plugins\0e0a7320-94ec-11ea-a64d-17be303ea466\bins\16.0\xmrig-6.8.1\xmrig.exe
C:\Users\ordinace_2\Downloads\xmrig-6.12.2\xmrig.exe
D:\Dokumenty\Dokumenty\Documents\Documents\GOMPLAYERGLOBALSETUP.exe
C:\Users\ordinace_2\AppData\Local\Programs\NiceHash Miner\miner_plugins\27315fe0-3b03-11eb-b105-8d43d5bd63be\dlls\15.0\MP.Excavator.dll
D:\Dokumenty\Dokumenty\Downloads\monero-gui-install-win-x64-v0.17.2.2.exe¨
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\...\MountPoints2: {11298201-a8bd-11eb-8eed-c38db3d2b80d} - "G:\HiSuiteDownLoader.exe"
Task: {661FAF78-FC45-440E-B99B-94C11DF770C5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-16] (Google LLC -> Google LLC)
Task: {2459DC5E-A2B3-45BC-B169-1E58E627DC1A} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {24E65DB6-FB51-49A6-A2A2-AAFA430309F1} - System32\Tasks\AMSkipUAC => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
U2 sqlserveragent; no ImagePath
C:\Program Files (x86)\Zemana

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-1930677817-3247307296-2436609557-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8} => removed successfully
HKU\S-1-5-21-1930677817-3247307296-2436609557-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3} => removed successfully
HKU\S-1-5-21-1930677817-3247307296-2436609557-1001_Classes\CLSID\{AA46BA8A-9825-40FD-8493-0BA3C4D5CEB5} => removed successfully
HKU\S-1-5-21-1930677817-3247307296-2436609557-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C4969329-CC4D-4A61-87CE-112771B86780}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{14D15668-E7E6-407C-9ACD-F8A246718E32}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3227B04C-2C0A-47C8-B005-84386E088356}C:\program files\dogecoin\dogecoin-qt.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5A60CD14-A494-454F-956E-0951CDD04897}C:\program files\dogecoin\dogecoin-qt.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6214C2B6-9FBF-44BB-9D76-8BE62A0F9416}C:\program files\monero gui wallet\monero-wallet-gui.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0F473C78-675C-4058-B6E0-EB80BA42D942}C:\program files\monero gui wallet\monero-wallet-gui.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{45C16F69-E550-4642-9F78-CBD4FE105135}C:\program files\monero gui wallet\monerod.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{23DD08B3-4457-4AF3-AE5A-00661F7B6482}C:\program files\monero gui wallet\monerod.exe" => removed successfully
"C:\Users\ordinace_2\AppData\Local\Programs\NiceHash Miner\miner_plugins\0e0a7320-94ec-11ea-a64d-17be303ea466\bins\16.0\xmrig-6.8.1\xmrig.exe" => not found
"C:\Users\ordinace_2\Downloads\xmrig-6.12.2\xmrig.exe" => not found
D:\Dokumenty\Dokumenty\Documents\Documents\GOMPLAYERGLOBALSETUP.exe => moved successfully
"C:\Users\ordinace_2\AppData\Local\Programs\NiceHash Miner\miner_plugins\27315fe0-3b03-11eb-b105-8d43d5bd63be\dlls\15.0\MP.Excavator.dll" => not found
"D:\Dokumenty\Dokumenty\Downloads\monero-gui-install-win-x64-v0.17.2.2.exe¨" => not found
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{11298201-a8bd-11eb-8eed-c38db3d2b80d} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{661FAF78-FC45-440E-B99B-94C11DF770C5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{661FAF78-FC45-440E-B99B-94C11DF770C5}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2459DC5E-A2B3-45BC-B169-1E58E627DC1A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2459DC5E-A2B3-45BC-B169-1E58E627DC1A}" => removed successfully
C:\Windows\System32\Tasks\AMHelper => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AMHelper" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{24E65DB6-FB51-49A6-A2A2-AAFA430309F1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24E65DB6-FB51-49A6-A2A2-AAFA430309F1}" => removed successfully
C:\Windows\System32\Tasks\AMSkipUAC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AMSkipUAC" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKLM\System\CurrentControlSet\Services\sqlserveragent => removed successfully
sqlserveragent => service removed successfully
C:\Program Files (x86)\Zemana => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16002635 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 381456821 B
Edge => 999315 B
Chrome => 447739758 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 80544680 B
NetworkService => 80957718 B
ordinace_2 => 2010075033 B
MSSQL$DATA => 2010075033 B

RecycleBin => 0 B
EmptyTemp: => 4.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:49:43 ====

Re: Log check after xmrig

Posted: 10 Jun 2021 12:43
by Rudy
Deleted; the log should now be OK.

Re: Log check after xmrig

Posted: 10 Jun 2021 12:52
by Urbam
OK, thank you. Here is another log from a further scan.
However, the Wi-Fi problem still persists, so it is probably more of a "network" problem than something a virus did. What do you think?
Our network setup here is a bit more complicated, and I don't really want to get into that on my own.
Anyway, thanks for the help ;)


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-06-2021
Ran by ordinace_2 (administrator) on PC-HLAVNI (ATComputers ALZA) (10-06-2021 12:00:34)
Running from C:\Users\ordinace_2\Desktop
Loaded Profiles: ordinace_2 & MSSQL$DATA
Platform: Windows 10 Pro Version 20H2 19042.1052 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_48973fc6c96c696a\RstMwService.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avpui.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.DATA\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe <2>
(Sirona Dental, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\Schick Technologies\Shared Files\MarconiService.exe
(Sirona Dental, Inc.) [File not signed] C:\Program Files (x86)\Schick Technologies\Shared Files\MarconiMonitor.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Value Added Tehnologies Co.,Ltd) [File not signed] C:\EasyDent4\File Server\FileServer.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [FileServer] => C:\EasyDent4\File Server\FileBackUp.exe [36864 2007-03-12] (Value Added Technologies Co.,Ltd) [File not signed]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779448 2021-05-05] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-03-10] (Adobe Inc. -> )
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5296352 2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330040 2014-02-12] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [2913648 2021-05-10] (Autodesk, Inc. -> Autodesk)
HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5549280 2021-05-28] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5549280 2021-05-28] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\...\Policies\Explorer: [] 
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65160 2021-05-28] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-05-27] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-05-28] (Adobe Inc. -> Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Monitor.lnk [2021-01-28]
ShortcutTarget: Wireless Monitor.lnk -> C:\Program Files (x86)\Schick Technologies\Shared Files\MarconiMonitor.exe (Sirona Dental, Inc.) [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CF5E128-68CF-4E63-BD79-318DFB66A2DA} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [89840 2014-10-19] (Hewlett-Packard Company -> Hewlett Packard)
Task: {25DA87CD-C4A8-416A-858A-C364C4DDD7E1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {2BAEAB6D-83C9-43F9-A285-2D52FF9D7808} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {678C843C-A0EA-4911-9449-DA9200FFC4EC} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {7F339252-B2E1-49E2-BD7B-B21C38ECEF06} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {AB0D4E7E-B353-4850-98F6-B41326A97BE3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-16] (Google LLC -> Google LLC)
Task: {F4714F2A-5BFD-4CF0-AEFF-789C56669DA3} - System32\Tasks\kpm_tray.exe => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_tray.exe [622168 2021-04-28] (Kaspersky Lab JSC -> AO Kaspersky Lab)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1930677817-3247307296-2436609557-1001] => domino.dent.cz:3128
Tcpip\..\Interfaces\{783d6656-b6d5-4145-b63a-99cafed18757}: [NameServer] 10.0.1.138

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\ordinace_2\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-10]
Edge Extension: (Ochrana Kaspersky) - C:\Users\ordinace_2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-06-09]
Edge Extension: (Outlook) - C:\Users\ordinace_2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2021-01-16]
Edge Extension: (Word) - C:\Users\ordinace_2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2021-01-16]
Edge Extension: (Excel) - C:\Users\ordinace_2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2021-01-16]
Edge Extension: (PowerPoint) - C:\Users\ordinace_2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2021-01-16]
Edge HKU\S-1-5-21-1930677817-3247307296-2436609557-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-05-05] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-05-05] (Adobe Inc. -> Adobe Systems)

Chrome: 
=======
CHR Profile: C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default [2021-06-10]
CHR Extension: (Prezentace) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-16]
CHR Extension: (Ochrana Kaspersky) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-06-09]
CHR Extension: (Podepisovací komponenta Signer) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\alldahcdhngmcjagmefklhhecboiigni [2021-02-03]
CHR Extension: (Dokumenty) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-16]
CHR Extension: (Disk Google) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-16]
CHR Extension: (YouTube) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-16]
CHR Extension: (Adobe Acrobat) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-16]
CHR Extension: (Tabulky) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Gmail) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-16]
CHR Extension: (Chrome Media Router) - C:\Users\ordinace_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-31]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-05-05] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe [384280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [File not signed]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-10] (HP Inc. -> HP Inc.)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [357272 2021-04-28] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [646520 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MSSQL$DATA; C:\Program Files\Microsoft SQL Server\MSSQL12.DATA\MSSQL\Binn\sqlservr.exe [370368 2015-06-10] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393304 2021-06-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$DATA; C:\Program Files\Microsoft SQL Server\MSSQL12.DATA\MSSQL\Binn\SQLAGENT.EXE [613056 2015-06-10] (Microsoft Corporation -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13261608 2021-05-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\NisSrv.exe [2644760 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MsMpEng.exe [136656 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2021-06-08] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [657696 2021-05-08] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1439456 2021-05-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [253736 2021-06-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [96008 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [263888 2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [309104 2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [115744 2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [224880 2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S4 RsFx0300; C:\Windows\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R3 rtwlane_13; C:\Windows\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49560 2021-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [425208 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [76008 2021-06-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-10 12:00 - 2021-06-10 12:00 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2021-06-10 11:46 - 2021-06-10 11:49 - 000011185 _____ C:\Users\ordinace_2\Desktop\Fixlog.txt
2021-06-10 11:45 - 2021-06-10 11:45 - 000000000 ____D C:\Users\ordinace_2\Desktop\FRST-OlderVersion
2021-06-10 10:27 - 2021-06-10 10:27 - 001376370 _____ C:\Users\ordinace_2\Documents\Noskova.změna.VoZP.pdf
2021-06-10 10:26 - 2021-06-10 10:26 - 001025491 _____ C:\Users\ordinace_2\Documents\Pavelcova.Mat.vysvědčeni..pdf
2021-06-10 10:22 - 2021-06-10 10:22 - 001690307 _____ C:\Users\ordinace_2\Documents\Jana.Bůžkova.Vzdělání..pdf
2021-06-10 07:58 - 2021-06-10 07:58 - 000286443 _____ C:\Users\ordinace_2\Downloads\p70000699956.pdf
2021-06-09 17:24 - 2021-06-09 17:24 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-06-09 17:24 - 2021-06-09 17:24 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-06-09 17:24 - 2021-06-09 17:24 - 000011353 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-06-09 15:51 - 2021-06-09 15:52 - 000000000 ____D C:\AdwCleaner
2021-06-09 15:51 - 2021-06-09 15:51 - 008534696 _____ (Malwarebytes) C:\Users\ordinace_2\Downloads\adwcleaner_8.2.exe
2021-06-09 14:52 - 2021-06-09 14:52 - 000593800 _____ C:\Users\ordinace_2\Downloads\fulltext1.php.pdf
2021-06-09 10:56 - 2021-06-09 10:57 - 000062919 _____ C:\Users\ordinace_2\Desktop\Addition.txt
2021-06-09 10:55 - 2021-06-10 12:00 - 000024564 _____ C:\Users\ordinace_2\Desktop\FRST.txt
2021-06-09 10:55 - 2021-06-10 12:00 - 000000000 ____D C:\FRST
2021-06-09 10:54 - 2021-06-10 11:45 - 002300416 _____ (Farbar) C:\Users\ordinace_2\Desktop\FRST64.exe
2021-06-09 09:57 - 2021-06-09 09:57 - 000000000 ____D C:\Users\ordinace_2\AppData\Local\Kaspersky Lab
2021-06-09 09:44 - 2021-06-09 09:44 - 002300416 _____ (Farbar) C:\Users\ordinace_2\Downloads\FRST64.exe
2021-06-09 09:43 - 2021-06-09 09:43 - 000309104 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2021-06-09 09:42 - 2021-06-09 09:42 - 000263888 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2021-06-09 09:42 - 2021-06-09 09:42 - 000224880 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2021-06-09 09:42 - 2021-06-09 09:42 - 000115744 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2021-06-09 09:42 - 2021-06-09 09:42 - 000003392 _____ C:\Windows\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2021-06-09 09:42 - 2021-06-09 09:42 - 000003192 _____ C:\Windows\system32\Tasks\kpm_tray.exe
2021-06-09 09:42 - 2021-06-09 09:42 - 000001234 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk
2021-06-09 09:42 - 2021-06-09 09:42 - 000001170 _____ C:\Users\Public\Desktop\Kaspersky VPN.lnk
2021-06-09 09:42 - 2021-06-09 09:42 - 000000000 ____D C:\Users\Default\AppData\Local\Kaspersky Lab
2021-06-09 09:42 - 2021-06-09 09:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN
2021-06-09 09:42 - 2021-06-09 09:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager
2021-06-09 09:42 - 2021-06-09 09:42 - 000000000 ____D C:\Program Files\Common Files\AV
2021-06-09 09:41 - 2021-06-09 09:42 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2021-06-09 09:41 - 2021-06-09 09:42 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2021-06-09 09:41 - 2021-06-09 09:41 - 000002173 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2021-06-09 09:41 - 2021-06-09 09:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2021-06-09 09:41 - 2021-02-19 21:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2021-06-09 09:41 - 2021-02-19 21:08 - 001042712 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2021-06-09 09:41 - 2021-02-19 21:08 - 000514840 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2021-06-09 09:39 - 2021-06-09 09:39 - 002765696 _____ (Kaspersky) C:\Users\ordinace_2\Downloads\kav21.3.10.391cs_25685.exe
2021-06-08 22:42 - 2021-06-10 11:59 - 119013376 _____ C:\Windows\system32\config\SOFTWARE
2021-06-08 22:39 - 2021-06-08 22:42 - 000000000 ____D C:\Windows\Microsoft Antimalware
2021-06-08 15:56 - 2021-06-08 15:56 - 002270385 _____ C:\Users\ordinace_2\Downloads\Majner.Fr.47.pdf
2021-06-08 15:54 - 2021-06-08 15:55 - 002270385 _____ C:\Users\ordinace_2\Documents\Majner.Fr.47.pdf
2021-06-08 15:10 - 2021-06-08 15:10 - 000037291 _____ C:\Users\ordinace_2\Downloads\stáhnout.htm
2021-06-08 15:09 - 2021-06-10 12:01 - 000058092 _____ C:\Windows\ZAM.krnl.trace
2021-06-08 15:09 - 2021-06-08 15:09 - 000232792 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2021-06-08 15:09 - 2021-06-08 15:09 - 000001340 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2021-06-08 15:09 - 2021-06-08 15:09 - 000000000 ____D C:\Users\ordinace_2\AppData\Local\Zemana
2021-06-08 15:09 - 2021-06-08 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2021-06-08 15:08 - 2021-06-08 15:24 - 000000000 ____D C:\Users\ordinace_2\AppData\Local\AMSDK
2021-06-08 15:08 - 2021-06-08 15:08 - 013922376 _____ (Zemana Ltd. ) C:\Users\ordinace_2\Downloads\AntiMalware_Setup.exe
2021-06-08 11:55 - 2021-06-08 11:55 - 002260480 _____ (The ICU Project) C:\Windows\system32\icu.dll
2021-06-08 11:55 - 2021-06-08 11:55 - 001864192 _____ (The ICU Project) C:\Windows\SysWOW64\icu.dll
2021-06-08 11:55 - 2021-06-08 11:55 - 001823792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-06-08 11:55 - 2021-06-08 11:55 - 001393496 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-06-08 11:55 - 2021-06-08 11:55 - 001314120 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-06-08 11:55 - 2021-06-08 11:55 - 000657464 _____ C:\Windows\system32\WindowManagementAPI.dll
2021-06-08 11:55 - 2021-06-08 11:55 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-06-08 11:55 - 2021-06-08 11:55 - 000468440 _____ C:\Windows\SysWOW64\WindowManagementAPI.dll
2021-06-08 11:55 - 2021-06-08 11:55 - 000451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-06-08 11:55 - 2021-06-08 11:55 - 000423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-06-08 11:55 - 2021-06-08 11:55 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-06-08 11:55 - 2021-06-08 11:55 - 000097280 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-06-08 11:54 - 2021-06-08 11:54 - 000563712 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-06-08 11:54 - 2021-06-08 11:54 - 000287232 _____ C:\Windows\system32\CoreMas.dll
2021-06-08 11:54 - 2021-06-08 11:54 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-06-08 11:21 - 2021-06-08 11:21 - 000000000 ____D C:\Users\ordinace_2\Documents\FeedbackHub
2021-06-07 13:52 - 2021-06-07 13:52 - 000536385 _____ C:\Users\ordinace_2\Documents\Zrušení_smlouvy1200124794 podepsaná.pdf
2021-06-07 13:52 - 2021-06-07 13:52 - 000514857 _____ C:\Users\ordinace_2\Documents\změna správce ps podepsaná.pdf
2021-06-07 13:51 - 2021-06-07 13:51 - 000442325 _____ C:\Users\ordinace_2\Documents\změna správce ps.pdf
2021-06-07 13:50 - 2021-06-07 13:50 - 000463851 _____ C:\Users\ordinace_2\Documents\Zrušení_smlouvy1200124794.pdf
2021-06-07 09:32 - 2021-06-07 09:32 - 000000036 _____ C:\Windows\SysWOW64\id.dat
2021-06-04 13:53 - 2021-06-04 14:24 - 000000000 ____D C:\ProgramData\bitmonero
2021-06-04 13:53 - 2021-06-04 13:53 - 000000000 ____D C:\Users\ordinace_2\Documents\Monero
2021-06-04 13:53 - 2021-06-04 13:53 - 000000000 ____D C:\ProgramData\.shared-ringdb
2021-06-04 13:52 - 2021-06-07 07:49 - 000000000 ____D C:\Users\ordinace_2\AppData\Roaming\monero-wallet-gui
2021-06-04 13:40 - 2021-06-04 13:40 - 000000000 ____D C:\Users\ordinace_2\AppData\Roaming\Ledger Live
2021-06-04 13:40 - 2021-06-04 13:40 - 000000000 ____D C:\Users\ordinace_2\AppData\Local\ledger-live-desktop-updater
2021-06-04 12:34 - 2021-06-04 12:34 - 000000000 ____D C:\Users\ordinace_2\Downloads\Nová složka
2021-06-04 12:34 - 2021-06-04 12:34 - 000000000 ____D C:\Users\ordinace_2\Downloads\hk
2021-06-04 11:43 - 2021-06-04 11:43 - 000335602 _____ C:\Users\ordinace_2\Documents\VoZP kompenzace sestry.pdf
2021-06-03 16:49 - 2021-06-03 19:50 - 000000000 ____D C:\Users\ordinace_2\AppData\Roaming\MultiDoge
2021-06-03 16:46 - 2021-06-03 16:46 - 000164640 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2021-06-03 16:46 - 2021-06-03 16:46 - 000000000 ____D C:\Users\ordinace_2\AppData\Roaming\Sun
2021-06-03 16:46 - 2021-06-03 16:46 - 000000000 ____D C:\Users\ordinace_2\AppData\LocalLow\Sun
2021-06-03 16:46 - 2021-06-03 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-06-03 16:46 - 2021-06-03 16:46 - 000000000 ____D C:\Program Files (x86)\Java
2021-06-03 16:18 - 2021-06-04 09:48 - 000000000 ____D C:\Users\ordinace_2\Documents\Doge
2021-05-28 07:58 - 2021-05-28 07:58 - 000065160 _____ (Adobe Systems Inc) C:\Windows\system32\AdobePDF.dll
2021-05-28 07:58 - 2021-05-28 07:58 - 000035992 _____ (Adobe Systems Inc.) C:\Windows\system32\AdobePDFUI.dll
2021-05-12 14:14 - 2021-05-12 14:14 - 001687040 _____ C:\Windows\system32\libcrypto.dll
2021-05-12 14:14 - 2021-05-12 14:14 - 001163776 _____ C:\Windows\system32\MBR2GPT.EXE
2021-05-12 14:14 - 2021-05-12 14:14 - 000700928 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2021-05-12 14:14 - 2021-05-12 14:14 - 000165888 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-05-12 14:14 - 2021-05-12 14:14 - 000157184 _____ C:\Windows\system32\uwfcsp.dll
2021-05-12 14:14 - 2021-05-12 14:14 - 000153600 _____ C:\Windows\system32\uwfcfgmgmt.dll
2021-05-12 14:14 - 2021-05-12 14:14 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-05-12 14:14 - 2021-05-12 14:14 - 000013312 _____ C:\Windows\system32\agentactivationruntimestarter.exe
2021-05-11 07:55 - 2021-05-11 07:55 - 000000000 ____D C:\Program Files\HPPrintScanDoctor

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-10 12:00 - 2021-03-10 17:50 - 000000000 ___RD C:\Users\ordinace_2\Creative Cloud Files
2021-06-10 12:00 - 2021-01-16 10:20 - 000000000 __SHD C:\Users\ordinace_2\IntelGraphicsProfiles
2021-06-10 11:59 - 2021-01-16 16:46 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-06-10 11:59 - 2020-09-29 11:30 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-10 11:59 - 2020-09-29 11:30 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-06-10 11:59 - 2020-09-29 11:30 - 000000000 ____D C:\Intel
2021-06-10 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-10 11:59 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-06-10 11:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-06-10 11:46 - 2021-02-23 10:16 - 000000000 ____D C:\Users\ordinace_2\AppData\LocalLow\Temp
2021-06-10 08:54 - 2020-09-29 11:30 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-06-10 08:03 - 2021-03-10 17:39 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-06-09 18:04 - 2020-09-29 11:36 - 001976050 _____ C:\Windows\system32\PerfStringBackup.INI
2021-06-09 18:04 - 2020-05-26 10:29 - 000815972 _____ C:\Windows\system32\perfh005.dat
2021-06-09 18:04 - 2020-05-26 10:29 - 000184358 _____ C:\Windows\system32\perfc005.dat
2021-06-09 18:04 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-06-09 17:58 - 2020-09-29 11:30 - 000490264 _____ C:\Windows\system32\FNTCACHE.DAT
2021-06-09 17:57 - 2019-12-07 11:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-06-09 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-06-09 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2021-06-09 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2021-06-09 17:25 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-06-09 17:20 - 2021-01-16 12:27 - 000000000 ___HD C:\$WinREAgent
2021-06-09 17:18 - 2021-01-16 17:56 - 000000000 ____D C:\Windows\system32\MRT
2021-06-09 17:16 - 2021-04-06 12:53 - 000000000 ____D C:\Program Files\dotnet
2021-06-09 17:16 - 2021-01-16 17:56 - 132447432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-06-09 17:16 - 2020-09-29 11:34 - 000000000 ____D C:\ProgramData\Package Cache
2021-06-09 16:20 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-09 12:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2021-06-09 09:41 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-06-09 09:41 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2021-06-09 09:38 - 2021-03-10 17:38 - 000000000 ____D C:\Program Files\Adobe
2021-06-08 16:34 - 2020-09-29 11:35 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-08 15:58 - 2021-03-10 17:56 - 000002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2021-06-08 15:58 - 2021-03-10 17:56 - 000002110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-06-08 12:03 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-06-08 12:00 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2021-06-08 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2021-06-08 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2021-06-08 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-06-08 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-06-08 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV
2021-06-08 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE
2021-06-08 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2021-06-08 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-06-08 11:23 - 2021-03-10 17:38 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-06-07 10:36 - 2021-04-06 13:02 - 000000000 ____D C:\Program Files (x86)\Autodesk
2021-06-07 10:36 - 2021-04-06 12:51 - 000000000 ____D C:\ProgramData\Autodesk
2021-06-07 10:36 - 2021-04-06 12:50 - 000000000 ____D C:\Users\ordinace_2\AppData\Local\Autodesk
2021-06-07 10:34 - 2021-04-06 12:53 - 000000000 ____D C:\Program Files\Autodesk
2021-06-07 10:33 - 2021-04-06 12:51 - 000000000 ____D C:\Users\ordinace_2\AppData\Roaming\Autodesk Installer
2021-06-07 10:31 - 2021-04-06 12:51 - 000000000 ____D C:\Users\ordinace_2\AppData\Roaming\Autodesk
2021-06-07 10:22 - 2021-01-28 16:52 - 000000000 ____D C:\Users\ordinace_2\AppData\Local\D3DSCache
2021-06-05 17:23 - 2020-09-29 11:30 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-06-05 14:23 - 2021-01-16 17:59 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-05 14:23 - 2021-01-16 17:59 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-29 07:29 - 2021-01-16 10:22 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1930677817-3247307296-2436609557-1001
2021-05-29 07:29 - 2021-01-16 10:22 - 000000000 ___RD C:\Users\ordinace_2\OneDrive
2021-05-29 07:29 - 2021-01-16 10:19 - 000002387 _____ C:\Users\ordinace_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-27 01:59 - 2021-01-16 15:40 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-27 01:59 - 2021-01-16 15:40 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-12 18:22 - 2019-12-07 11:51 - 000000000 ____D C:\Windows\system32\OpenSSH
2021-05-12 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2021-05-12 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-05-12 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-05-12 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2021-05-12 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2021-05-12 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2021-05-12 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2021-05-12 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lt-LT
2021-05-12 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2021-05-12 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\DiagTrack
2021-05-12 18:21 - 2021-01-16 10:19 - 000000000 ____D C:\Users\ordinace_2
2021-05-12 14:16 - 2019-12-07 11:54 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2021-05-11 07:54 - 2021-04-14 09:12 - 000000000 ____D C:\Windows\system32\Tasks\HP

==================== Files in the root of some directories ========

2021-03-10 17:57 - 2021-03-10 17:57 - 000000000 _____ () C:\Users\ordinace_2\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Log check after xmrig

Posted: 10 Jun 2021 13:58
by Rudy
The log is OK.

Re: Log check after xmrig

Posted: 11 Jun 2021 10:40
by Urbam
OK, thank you. In that case, please LOCK this thread.

Re: Log check after xmrig

Posted: 11 Jun 2021 13:58
by Rudy
You're welcome! :closed: :)