Dobrý den, prosím o kontrolu logu. Děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07.06.2024
Ran by Admin (administrator) on LAPTOP-BHS3FTNJ (Acer Extensa 2540) (09-06-2024 08:24:54)
Running from C:\Users\Admin\Desktop\FRST64.exe
Loaded Profiles: Admin
Platform: Microsoft Windows 10 Pro Version 22H2 19045.4412 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Windows\Xerox\PanelMgr\SSMMgr.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(C:\Program Files\Acer\Acer Quick Access\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(C:\Program Files\Acer\Acer Quick Access\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Windows\Xerox\PanelMgr\SSMMgr.exe ->) () [File not signed] C:\Windows\Xerox\PanelMgr\caller64.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\igfxEM.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.101.0519.0010\Microsoft.SharePoint.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (KYOCERA Document Solutions Inc.) [File not signed] C:\Program Files\KDService\bin\KDService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (pdfforge GmbH -> Avanquest pdfforge GmbH) C:\Program Files\PDF Architect 9\activation-service.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2403.6.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(svchost.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\igfxext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16696840 2016-09-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [196008 2024-02-14] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Xerox PanelMgr] => C:\WINDOWS\Xerox\PanelMgr\SSMMgr.exe [557056 2009-06-22] () [File not signed]
HKLM-x32\...\Run: [LocalServiceControl] => C:\Program Files (x86)\LocalServiceComponents\LocalServiceControl.exe [486400 2023-05-16] () [File not signed]
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" [69727776 2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-21-1522470202-1352138926-4199276785-1001\...\Run: [MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4137000 2024-06-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1522470202-1352138926-4199276785-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Admin\AppData\Local\Microsoft\Teams\Update.exe [2591080 2023-12-20] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1522470202-1352138926-4199276785-1001\...\Run: [Microsoft.Lists] => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\Microsoft.SharePoint.exe [1019408 2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe --startup_mode (No File)
HKLM\...\Windows x64\Print Processors\hpcpp140: C:\Windows\System32\spool\prtprocs\x64\hpcpp140.DLL [559616 2012-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp190: C:\Windows\System32\spool\prtprocs\x64\hpcpp190.dll [651176 2016-08-26] (HP Inc. -> HP Inc.)
HKLM\...\Windows x64\Print Processors\sht13cPC: C:\Windows\System32\spool\prtprocs\x64\sht13cpc.dll [101080 2022-01-24] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\SXC2MPC: C:\Windows\System32\spool\prtprocs\x64\sxc2mpc.dll [33792 2008-01-17] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Windows x64\Print Processors\uh004PC: C:\Windows\System32\spool\prtprocs\x64\uh004pc.dll [74048 2019-04-01] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\Windows\system32\HPMPW081.DLL [127912 2016-08-26] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HPMLM190: C:\Windows\system32\hpmlm190.dll [310512 2016-08-26] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\KX Language Monitor: C:\Windows\system32\KXPLM64.DLL [117312 2018-09-21] (Microsoft Windows Hardware Compatibility Publisher -> KYOCERA Document Solutions Inc.)
HKLM\...\Print\Monitors\PDF Architect 9 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\brand_solution_name_pdfpmon_v.6.23.0.2.dll [974120 2024-05-27] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [196096 2024-05-27] (pdfforge GmbH) [File not signed]
HKLM\...\Print\Monitors\sht13c Langmon: C:\Windows\system32\sht13clm.dll [61840 2019-07-21] (联想图像(天津)科技有限公司 -> )
HKLM\...\Print\Monitors\SXC2M Langmon: C:\Windows\system32\sxc2ml6.dll [22016 2008-01-17] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us008 Langmon: C:\Windows\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\120.0.6099.130\Installer\chrmstp.exe [2023-12-27] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0378CFC6-1AC8-4F46-A117-F763D942B4AD} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-12-14] (Acer Incorporated -> )
Task: {3144FFFB-1C23-4A2E-B08A-F9139297BC38} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-12-13] (Acer Incorporated -> Acer Incorporated)
Task: {C2466FC8-AD00-4055-913F-D3728ACAEAFA} - System32\Tasks\AcerCloud => C:\ProgramData\acer\Acer Portal\launchPortal.exe [25816 2017-06-07] (Acer Incorporated -> )
Task: {33E1A0F5-2268-411C-AB85-903556687AF7} - System32\Tasks\AcerCMUpdateTask2.5.22250 => C:\Program Files (x86)\Acer\Amundsen\2.5.22250\awc.exe [96904 2022-09-25] (Acer Incorporated -> )
Task: {5117070D-E95C-4DEC-B76D-2B17254ED369} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {0E28F1EB-4755-4366-9793-A6E45DDD69BD} - System32\Tasks\AmazonAssistantHelper => C:\ProgramData\OEM\Transactional\amazonx@hermes\AmazonX.exe [28464 2018-08-23] (Acer Incorporated -> )
Task: {B0D6CBD0-5340-47BA-8ED3-DEC80FB5DB54} - System32\Tasks\Avanquest pdfforge GmbH\PDF Architect 9\App Notification => C:\Program Files\PDF Architect 9\architect-launcher.exe [2313152 2024-05-15] (pdfforge GmbH -> Avanquest pdfforge GmbH)
Task: {77591DF7-2A44-443F-916B-BA5BA45EC705} - System32\Tasks\Avanquest pdfforge GmbH\PDF Architect 9\App Notification Logon => C:\Program Files\PDF Architect 9\architect-launcher.exe [2313152 2024-05-15] (pdfforge GmbH -> Avanquest pdfforge GmbH)
Task: {2683CAFB-4C0B-4CAD-9D6F-2E6BFD8EFA5E} - System32\Tasks\Avanquest pdfforge GmbH\PDF Architect 9\Installer updater => C:\ProgramData\PDF Architect 9\Installation\PDF_Architect_9_Installer.exe [12050872 2024-05-27] (pdfforge GmbH -> )
Task: {F41C81CA-B21F-49EE-A742-2D5FC2C7C6FC} - System32\Tasks\Avanquest pdfforge GmbH\PDF Architect 9\Update => C:\Program Files\PDF Architect 9\architect.exe [3503040 2024-05-15] (pdfforge GmbH -> Avanquest pdfforge GmbH)
Task: {A6085A53-3CCD-4340-BEA5-0301440D4511} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {7C12085A-78AE-4C77-9D0D-CBBBE78376D2} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "c28a3602-a633-46b9-9c08-10687e3d9106" --version "6.23.11010" --silent
Task: {CA53A48A-D8CD-4EE1-8AD3-CE47363DA880} - System32\Tasks\CCleanerSkipUAC - Admin => C:\Program Files\CCleaner\CCleaner.exe [39118752 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {06343E04-2BF8-4D6B-95BC-F4ECD0AEE396} - System32\Tasks\GoogleUpdateTaskMachineCore{5387786B-7E91-4AFF-AF79-2E16177A548A} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-18] (Google Inc -> Google Inc.)
Task: {7425AE7C-0FCE-411C-BA84-C1320724FD73} - System32\Tasks\GoogleUpdateTaskMachineUA{A2CD271E-AE05-44F2-BD93-26A4CE41ED26} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-18] (Google Inc -> Google Inc.)
Task: {8191A701-7C31-4914-8686-EDF224703661} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-05-09] (HP Inc. -> HP Inc.)
Task: {1E11D5E5-483E-4C10-AC47-9B15D0347D60} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-05-09] (HP Inc. -> HP Inc.)
Task: {D5F3BF66-06D3-4396-AFA8-B4BFE78D92AC} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [909112 2016-07-27] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {2D41EC6D-F7EB-428B-887B-568ABE769F27} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28498912 2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {75DDB89E-3E45-4C91-9BE6-A145D92E2BE3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28498912 2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {D045B593-D8C0-4562-9514-97C5AB22FFD6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309912 2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {BCE1704E-4842-4BDB-8AC3-6C9CB936EC14} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309912 2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {D5FBDBD8-E7EA-46A8-80D2-532519DC44C4} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169648 2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {9255825F-5742-4F46-B75B-9CB92F7D9989} - System32\Tasks\MonitorAcerPortal => C:\ProgramData\acer\Acer Portal\monitorPortal.exe [32472 2017-06-07] (Acer Incorporated -> )
Task: {20BD5264-2667-43D5-93A9-886E725FE461} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [673696 2024-05-29] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {B1010467-4044-4413-A6CE-47A01D4F0E88} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1522470202-1352138926-4199276785-1001 E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [673696 2024-05-29] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {3B8F794F-5F1C-4D98-BC6A-FAF80ACEA611} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [33696 2024-05-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {EB9BD520-0C1D-4D90-9665-976E1787C407} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.20.5.39\SymErr.exe /ui (No File)
Task: {9B69251A-9EF4-4682-A256-45347D0BA4F4} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.20.5.39\SymErr.exe /analyze (No File)
Task: {4427A36F-DE51-410B-A9D0-C7A51F64DC00} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.20.5.39\SymErr.exe /submit (No File)
Task: {AE6D5F35-F095-4D3B-A08C-086359A5E902} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.15.1.8\SymErr.exe /ui (No File)
Task: {1D20CD6B-FC32-4BD5-8019-13102B1DF256} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.15.1.8\SymErr.exe /analyze (No File)
Task: {353355E8-4195-4CE4-956E-3656AF00ACA5} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.15.1.8\SymErr.exe /submit (No File)
Task: {F2296996-3104-4D8B-B46F-0AF3BFD1C207} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {0A6F576A-9532-4BDE-9467-ACDB01278150} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1522470202-1352138926-4199276785-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E63A61A-3FF1-40F7-A2D4-4647B82F2362} - System32\Tasks\PicstreamAgent => C:\Program -> Files (x86)\Acer\AOP Framework\uwplauncher.exe AcerIncorporated.6245439DEEE9E_48frkmn4z8aw4!abPhoto
Task: {854D732F-4A66-4B8E-B0CC-51A9BE3EFB5A} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2771104 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {8EF5C5E4-F34E-4B09-87D8-0AE736D73E3E} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [446624 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {376A4DA5-FFEC-4449-A88D-182DD726BB78} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {E1BE0946-37B1-49FE-AFC1-8EED7CD91195} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [215856 2017-02-18] (Acer Incorporated -> TODO: <Company name>)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{405655b1-a030-4f2e-a54c-ffd285d7acb4}: [NameServer] 10.0.50.11,8.8.8.8
Tcpip\..\Interfaces\{f3c2666c-e65f-407b-80e5-a367f81d9452}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{f3c2666c-e65f-407b-80e5-a367f81d9452}\0556D616475687D237B6C61646: [DhcpNameServer] 192.168.49.2
Tcpip\..\Interfaces\{f3c2666c-e65f-407b-80e5-a367f81d9452}\0556D616475687D237B6C61646: [DhcpDomain] Pematex.local
Tcpip\..\Interfaces\{f3c2666c-e65f-407b-80e5-a367f81d9452}\14355535: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{f3c2666c-e65f-407b-80e5-a367f81d9452}\14355535F55374: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{f3c2666c-e65f-407b-80e5-a367f81d9452}\3516D63757E676F553: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{f3c2666c-e65f-407b-80e5-a367f81d9452}\4505D2C496E6B6F523E2437484A7F5933334936434: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{f3c2666c-e65f-407b-80e5-a367f81d9452}\653303F573233323: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{f3c2666c-e65f-407b-80e5-a367f81d9452}\D496B627F64596B6D2534493441464: [DhcpNameServer] 192.168.88.1
Edge:
=======
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2024-06-09]
Edge Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-07]
Edge Extension: (Edge relevant text changes) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-03]
FireFox:
========
FF DefaultProfile: 9d1qsgiw.New-1631164675338
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9d1qsgiw.New-1631164675338 [2024-06-09]
FF Extension: (AdBlocker Ultimate) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9d1qsgiw.New-1631164675338\Extensions\adblockultimate@adblockultimate.net.xpi [2024-05-17]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9d1qsgiw.New-1631164675338\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2021-09-10]
FF Extension: (TWP - Translate Web Pages) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9d1qsgiw.New-1631164675338\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2024-03-12]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nw3llktd.default [2024-06-02]
FF Homepage: Mozilla\Firefox\Profiles\nw3llktd.default -> www.seznam.cz
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nw3llktd.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2018-08-30]
FF Extension: (Mozilla Partner Defaults) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nw3llktd.default\Extensions\partnerdefaults@mozilla.com [2018-08-30] [Legacy]
FF Extension: (User search study) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nw3llktd.default\Extensions\search-nudges@shield.mozilla.org.xpi [2018-08-30] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-05-12] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @DVR/npplugin,version=3.1.0.4 -> C:\Program Files (x86)\webrec\WEB30\WebPlugin_V2\npPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-04-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2017-08-30] () [File not signed]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2024-06-09]
Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2024-06-07]
CHR DownloadDir: C:\Users\Admin\Downloads
CHR Extension: (Lighthouse) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blipmdconlkpinefehnmjammfjpmpbjk [2024-04-23]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-04-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-21]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKU\S-1-5-21-1522470202-1352138926-4199276785-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2272472 2017-06-07] (Acer Incorporated -> Acer Incorporated)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14012520 2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2528632 2024-02-14] (ESET, spol. s r.o. -> ESET)
S3 EHttpSrv; C:\Program Files\ESET\ESET Security\ehttpsrv.exe [57720 2024-02-14] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3832248 2024-02-14] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3832248 2024-02-14] (ESET, spol. s r.o. -> ESET)
S2 FA_Scheduler; C:\Program Files\Fortinet\FortiClient\scheduler.exe [467544 2023-10-04] (Fortinet Technologies (Canada) ULC -> Fortinet Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncHelper.exe [3514384 2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-05-09] (HP Inc. -> HP Inc.)
R2 KDService; C:\Program Files\KDService\bin\KDService.exe [514560 2018-09-21] (KYOCERA Document Solutions Inc.) [File not signed]
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2019-02-01] (HP Inc.) [File not signed]
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.101.0519.0010\OneDriveUpdaterService.exe [3853840 2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
R3 PDF Architect 9; C:\Program Files\PDF Architect 9\activation-service.exe [3218368 2024-05-15] (pdfforge GmbH -> Avanquest pdfforge GmbH)
S3 PDF Architect 9 Creator; C:\Program Files\PDF Architect 9\creator-ws.exe [508864 2024-05-15] (pdfforge GmbH -> Avanquest pdfforge GmbH)
S3 PDF Architect 9 Update Service; C:\Program Files\PDF Architect 9\update-service.exe [414144 2024-05-15] (pdfforge GmbH -> Avanquest pdfforge GmbH)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2019-02-01] (HP Inc.) [File not signed]
S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [466592 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [505504 2022-01-03] (Acer Incorporated -> Acer Incorporated)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522200 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [296752 2017-02-21] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [282624 2023-11-15] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [147968 2023-11-15] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [219880 2024-02-14] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2024-02-14] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [259216 2024-02-14] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [84136 2024-02-14] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [126480 2024-02-14] (ESET, spol. s r.o. -> ESET)
R1 FortiFilter; C:\WINDOWS\system32\DRIVERS\FortiFilter.sys [35400 2023-10-04] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 Fortips; C:\WINDOWS\System32\drivers\fortips.sys [202552 2023-10-04] (Fortinet, Inc. -> Fortinet Inc)
R3 FortiTransCtrl; C:\WINDOWS\System32\drivers\FortiTransCtrl.sys [98104 2023-10-04] (Fortinet, Inc. -> Fortinet Inc)
R3 ftsvnic; C:\WINDOWS\System32\drivers\ftsvnic.sys [76896 2023-10-04] (Fortinet, Inc. -> Fortinet Inc.)
R3 ft_vnic; C:\WINDOWS\System32\drivers\ftvnic.sys [70368 2023-10-04] (Fortinet Technologies (Canada) Inc. -> Fortinet Corporation)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [14224 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslcc799d53; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7133877A-84CA-41C4-B5B9-55265C2BC5DF}\MpKslDrv.sys [X]
S2 npf; \??\C:\WINDOWS\system32\drivers\npf.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-06-09 08:24 - 2024-06-09 08:26 - 000033111 _____ C:\Users\Admin\Desktop\FRST.txt
2024-06-09 08:17 - 2024-06-09 08:17 - 002395136 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2024-06-08 14:32 - 2024-06-08 14:32 - 000000000 ____D C:\WINDOWS\system32\%userprofile%
2024-06-07 18:06 - 2024-06-07 18:06 - 000085081 _____ C:\Users\Admin\Downloads\rekonstrukce-vystupni-ii-etapa.pdf
2024-06-07 06:22 - 2024-06-07 06:22 - 000136448 _____ C:\Users\Admin\Downloads\Sdeleni_informaci_o_poplatcich.pdf
2024-06-07 06:21 - 2024-06-07 06:21 - 000116795 _____ C:\Users\Admin\Downloads\Cenik_pro_Osobni_bankovnictvi.pdf
2024-06-07 06:20 - 2024-06-07 06:20 - 000091199 _____ C:\Users\Admin\Downloads\Navrh_smlouvy_Sporici_ucet_Vyhoda+.pdf
2024-06-07 06:19 - 2024-06-07 06:19 - 000083059 _____ C:\Users\Admin\Downloads\Pravidla_a_podminky_marketingove_akce.pdf
2024-06-06 13:43 - 2024-06-06 13:43 - 000059268 _____ C:\Users\Admin\Downloads\tisk-objednavky.pdf
2024-06-06 07:48 - 2024-06-06 07:49 - 019120872 _____ C:\Users\Admin\Downloads\S-2024-0914693-CZ.pdf
2024-06-04 14:52 - 2024-06-04 15:14 - 000022158 _____ C:\Users\Admin\Downloads\{3A091383-A6F5-40D2-84F9-AB73236BD07D} – kopie.xlsx
2024-06-03 17:24 - 2024-06-03 17:24 - 010553123 _____ C:\Users\Admin\Downloads\routeros-7.15-mipsbe.npk
2024-06-03 14:04 - 2024-06-03 14:04 - 000000000 ____D C:\Users\Admin\Downloads\EAP225-Outdoor_V3_5.1.6 Build 20240313
2024-06-03 14:04 - 2024-03-13 13:49 - 009096578 ____N C:\Users\Admin\Downloads\EAP225-OUTDOORv3_5.1.6_[20240313-rel43415]_up_signed.bin
2024-06-03 14:04 - 2023-12-13 11:20 - 000442346 ____N C:\Users\Admin\Downloads\GPL License Terms.pdf
2024-06-03 14:03 - 2024-06-03 14:03 - 009377993 _____ C:\Users\Admin\Downloads\EAP225-Outdoor_V3_5.1.6 Build 20240313.zip
2024-06-03 09:38 - 2024-06-03 09:38 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-06-02 07:39 - 2024-06-02 07:39 - 000060224 _____ C:\WINDOWS\system32\lc.dat
2024-06-02 07:16 - 2024-06-02 07:16 - 000004880 _____ C:\WINDOWS\system32\Tasks\AcerCMUpdateTask2.5.22250
2024-06-02 07:16 - 2024-06-02 07:16 - 000003066 _____ C:\WINDOWS\system32\Tasks\Power Button
2024-06-02 07:16 - 2024-06-02 07:16 - 000002992 _____ C:\WINDOWS\system32\Tasks\Quick Access
2024-05-31 08:16 - 2024-05-31 08:16 - 000009174 _____ C:\Users\Admin\Downloads\max PLZ.xlsx
2024-05-29 15:43 - 2024-05-29 15:43 - 000014122 _____ C:\Users\Admin\Downloads\Pematex Plzeň domácnost 28.5.2024 – kopie.xlsx
2024-05-29 15:27 - 2024-05-29 15:27 - 000042130 _____ C:\Users\Admin\Downloads\Spokar K2.xlsx
2024-05-29 15:24 - 2024-05-29 15:43 - 000028228 _____ C:\Users\Admin\Downloads\Pematex Plzeň malířina 28.5.2024 – full.xlsx
2024-05-29 15:22 - 2024-05-29 15:22 - 000026717 _____ C:\Users\Admin\Downloads\Pematex Plzeň malířina 28.5.2024 – kopie.xlsx
2024-05-29 10:17 - 2024-05-29 10:17 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Stationery
2024-05-29 10:10 - 2024-06-02 07:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-05-27 11:53 - 2024-05-27 11:53 - 000177552 _____ C:\Users\Admin\Documents\Soudal.pdf
2024-05-27 11:50 - 2024-05-27 11:50 - 015311430 _____ C:\Users\Admin\Documents\katalog-cz-2023-online.pdf
2024-05-27 11:50 - 2024-05-27 11:50 - 000000000 ____D C:\Users\Admin\Documents\PDF Architect
2024-05-27 11:48 - 2024-05-27 11:53 - 000000000 ____D C:\Users\Admin\AppData\Roaming\PDF Architect 9
2024-05-27 11:47 - 2024-05-27 11:47 - 000001185 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 9.lnk
2024-05-27 11:46 - 2024-05-27 11:50 - 000000000 ____D C:\Program Files\PDF Architect 9
2024-05-27 11:45 - 2024-05-27 11:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avanquest pdfforge GmbH
2024-05-27 11:44 - 2024-05-27 11:52 - 000000000 ____D C:\ProgramData\PDF Architect 9
2024-05-27 11:44 - 2024-05-27 11:45 - 000000000 ____D C:\Program Files\PDFCreator
2024-05-27 11:44 - 2024-05-27 11:44 - 000196096 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2024-05-27 11:44 - 2024-05-27 11:44 - 000000000 ____D C:\Users\Admin\AppData\Local\pdfforge
2024-05-27 11:44 - 2024-05-27 11:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2024-05-27 11:43 - 2024-05-27 11:43 - 044262456 _____ (Avanquest pdfforge GmbH) C:\Users\Admin\Downloads\PDFCreator-5_2_1-Setup.exe
2024-05-24 09:14 - 2024-05-24 09:15 - 000045056 _____ C:\Users\Admin\Downloads\funkce-cislo-na-text.xls
2024-05-18 18:43 - 2024-05-18 18:43 - 010383648 _____ C:\Users\Admin\Desktop\routeros-7.14.3-mipsbe.npk
2024-05-17 14:20 - 2024-05-17 14:20 - 015821397 _____ C:\Users\Admin\Downloads\katalog-cz-2023-online.pdf
2024-05-17 13:06 - 2024-05-17 13:46 - 000491915 _____ C:\Users\Admin\Downloads\NAB-2024-000297.pdf
2024-05-15 11:54 - 2024-05-15 11:54 - 000010219 _____ C:\Users\Admin\Downloads\blue.xlsx
2024-05-15 10:18 - 2024-05-15 10:18 - 000000000 ___HD C:\$WinREAgent
2024-05-15 09:15 - 2024-05-15 09:15 - 000011284 _____ C:\Users\Admin\Downloads\bl.xlsx
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-06-09 08:25 - 2021-05-07 07:07 - 000000000 ____D C:\FRST
2024-06-09 07:37 - 2020-06-03 09:49 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-06-09 07:36 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-06-08 14:32 - 2024-01-04 09:02 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-06-08 14:32 - 2024-01-03 09:21 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1522470202-1352138926-4199276785-1001
2024-06-08 14:32 - 2024-01-03 09:21 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-06-08 14:32 - 2024-01-03 09:21 - 000000000 ___RD C:\Users\Default\OneDrive
2024-06-08 14:32 - 2024-01-03 09:20 - 000002134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-06-08 14:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-06-08 07:28 - 2018-08-30 19:37 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Excel
2024-06-07 18:00 - 2022-12-08 18:54 - 000021416 _____ C:\Users\Admin\Desktop\Elektroměr.xlsx
2024-06-07 17:50 - 2020-11-02 09:22 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-06-07 17:50 - 2020-11-02 09:22 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-06-07 15:30 - 2020-11-02 09:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-06-06 13:32 - 2021-09-03 15:28 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2024-06-06 07:25 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-06-06 06:50 - 2018-09-08 07:35 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2024-06-05 09:57 - 2018-08-30 14:08 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Word
2024-06-04 10:52 - 2017-11-22 01:20 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2024-06-04 09:04 - 2024-01-02 09:06 - 000000619 _____ C:\Users\Admin\Desktop\Server.lnk
2024-06-04 09:04 - 2024-01-02 09:03 - 000002380 _____ C:\Users\Admin\Documents\dochazka.rdp
2024-06-03 14:01 - 2023-12-21 12:59 - 000000000 ____D C:\Users\Admin\AppData\Roaming\FortiClient
2024-06-03 12:17 - 2023-12-21 13:00 - 000000000 ____D C:\Users\Admin\AppData\Local\FortiClient
2024-06-03 09:37 - 2021-06-03 06:54 - 000000000 ____D C:\Program Files\Microsoft Office
2024-06-02 08:10 - 2020-11-02 09:20 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-06-02 08:10 - 2019-12-07 16:43 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2024-06-02 08:10 - 2019-12-07 16:43 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2024-06-02 08:10 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2024-06-02 08:05 - 2021-05-19 15:20 - 000000000 ____D C:\ProgramData\boost_interprocess
2024-06-02 08:05 - 2020-11-02 09:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-06-02 08:05 - 2020-11-02 09:09 - 000008192 ___SH C:\DumpStack.log.tmp
2024-06-02 08:05 - 2017-11-22 01:20 - 000000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2024-06-02 08:04 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-06-02 07:57 - 2022-02-09 13:49 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-06-02 07:42 - 2020-07-25 11:30 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2024-06-02 07:39 - 2020-11-02 09:13 - 000000000 ____D C:\Users\Admin
2024-06-02 07:39 - 2018-08-30 20:31 - 000000000 ____D C:\Program Files\CCleaner
2024-06-02 07:39 - 2017-11-21 23:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-06-02 07:36 - 2024-02-27 13:08 - 000000000 ____D C:\Program Files\TeamViewer
2024-06-02 07:34 - 2017-11-21 23:37 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-06-02 07:31 - 2018-08-29 16:43 - 000000000 ____D C:\Users\Admin\AppData\Local\IIIQF
2024-06-02 07:31 - 2018-08-29 16:43 - 000000000 ____D C:\ProgramData\{72725B64-F17C-4EB1-9CF0-3729C6F52EB5}
2024-06-02 07:30 - 2017-11-21 23:49 - 000000000 ____D C:\ProgramData\Acer
2024-06-02 07:30 - 2017-11-21 23:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2024-06-02 07:30 - 2017-11-21 23:48 - 000000000 ____D C:\Program Files (x86)\Acer
2024-06-02 07:30 - 2017-06-07 05:43 - 000000000 ___HD C:\OEM
2024-06-02 07:29 - 2018-09-18 06:44 - 000000000 ____D C:\Users\Admin\AppData\Local\Google
2024-06-02 07:16 - 2020-11-02 09:22 - 000005404 _____ C:\WINDOWS\system32\Tasks\Software Update Application
2024-05-31 10:10 - 2018-08-30 14:08 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Office
2024-05-29 10:43 - 2017-11-21 23:52 - 000001236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-05-29 07:28 - 2020-11-23 14:06 - 000000000 ____D C:\Users\Admin\Desktop\Bordel
2024-05-27 15:52 - 2020-09-22 17:56 - 000000000 ____D C:\Users\Admin\Documents\Doma
2024-05-21 10:28 - 2018-09-05 08:28 - 000000000 ____D C:\ProgramData\Packages
2024-05-20 06:47 - 2023-01-11 12:04 - 000002065 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-05-20 06:47 - 2022-10-13 07:01 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-05-20 06:47 - 2021-12-13 10:18 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-05-20 06:45 - 2023-10-05 06:30 - 000000000 ____D C:\Program Files\RUXIM
2024-05-15 12:06 - 2020-11-02 09:09 - 000582488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-05-15 12:03 - 2019-12-07 16:47 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2024-05-15 12:03 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Portable Devices
2024-05-15 12:03 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2024-05-15 12:03 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-05-15 12:03 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2024-05-15 12:03 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-05-15 12:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-05-15 12:03 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2024-05-15 10:47 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-05-15 10:35 - 2020-11-02 09:10 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-05-15 09:27 - 2018-08-30 14:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-05-15 09:21 - 2018-08-30 14:33 - 196465576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ========
2023-05-17 06:39 - 2023-05-17 06:40 - 000010094 _____ () C:\ProgramData\SMRResults540.dat
2022-04-22 12:03 - 2022-04-22 12:03 - 000000000 _____ () C:\Users\Admin\AppData\Local\zenmap.exe.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07.06.2024
Ran by Admin (09-06-2024 08:28:53)
Running from C:\Users\Admin\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.4412 (X64) (2020-11-02 07:23:01)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Admin (S-1-5-21-1522470202-1352138926-4199276785-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-1522470202-1352138926-4199276785-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1522470202-1352138926-4199276785-503 - Limited - Disabled)
Guest (S-1-5-21-1522470202-1352138926-4199276785-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1522470202-1352138926-4199276785-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Disabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton 360 (Disabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton Security (Disabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{50229C72-539F-4E65-BEB5-F0491C5074B7}) (Version: 22.2.1 - HP Inc.) Hidden
Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3011 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{8CB1A03C-9849-4744-AD56-341A18F9E3E2}) (Version: 2.5.22250 - Acer)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3030 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.03.3000 - Acer Incorporated)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.002.20759 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{ed5cef80-a339-45bd-8c06-514eaf785ca8}) (Version: 19.71.0 - Intel Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 6.23 - Piriform)
Documentation Manager (HKLM\...\{FDDF7EA4-D624-4418-B3C5-1CF6247F844D}) (Version: 21.60.2.1 - Intel Corporation) Hidden
eObčanka (HKLM\...\{ACBD191C-CF98-4E52-A0CA-1E26EACB3CA8}) (Version: 3.4.2.23413 - MONET+, a.s. pro Ministerstvo vnitra České republiky)
ESET Endpoint Antivirus (HKLM\...\{0F172D3A-E01A-4729-BD5F-EDB529CC6114}) (Version: 11.0.2044.0 - ESET, spol. s r.o.)
FortiClient VPN (HKLM\...\{8DEDB631-3E1D-4DAF-AA5B-A91F8F95A6E9}) (Version: 7.2.2.0864 - Fortinet Technologies Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.130 - Google LLC)
HP Color Laser MFP 178 179 (HKLM-x32\...\HP Color Laser MFP 178 179) (Version: V1.15 (05.05.2021) - HP Inc.)
HP MFP Scan (HKLM-x32\...\HP MFP Scan) (Version: 1.06.67 (07.04.2021) - HP Inc.)
HP Scan Process Machine (HKLM-x32\...\HP Scan Process Machine) (Version: 1.03.05.30 - HP Development Company, L.P.) Hidden
Intel(R) Chipset Device Software (HKLM\...\{3AAD3A73-0D6A-4EFE-93FC-7719DC6C89E4}) (Version: 10.1.1.37 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{4EB05024-F740-48CF-B9B0-62A041E22D5C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{DD04783C-E206-46DB-97A7-1155B1C76038}) (Version: 11.6.0.1025 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6446 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{EC883E72-01ED-4DED-AA46-9162C34A7D4F}) (Version: 30.100.1633.03 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0210-1029-84C8-B8D95FA3C8C3}) (Version: 21.60.0.4 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{5E952F21-EFE4-47D8-9C8E-29AE9A2D75B7}) (Version: 19.71.0.1071 - Intel Corporation) Hidden
Intel® Software Installer (HKLM-x32\...\{91984066-e894-49de-ac7d-b2ef4fe7b446}) (Version: 21.60.2.1 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (HKLM\...\{75FE588B-F158-4BB3-A283-A8D18E522A52}) (Version: 1.43.301.1 - Intel Corporation) Hidden
IrfanView 4.53 (64-bit) (HKLM\...\IrfanView64) (Version: 4.53 - Irfan Skiljan)
Kyocera Printer Extension (HKLM\...\Kyocera Printer Extension) (Version: 5.0.1325 - KYOCERA Document Solutions Inc.)
Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 6.0.1308 - KYOCERA Document Solutions Inc.)
KYOCERA Status Monitor 5 (HKLM\...\{24EE7F6D-C648-463f-9E71-DC5FD2258D17}) (Version: 5.0.62.13 - KYOCERA Document Solutions Inc.)
LocalServiceComponents (HKLM-x32\...\{80DDB8B4-9C6F-44A2-81AD-155EE6917A9A}_is1) (Version: 1.0.0.60 - )
Microsoft 365 Apps pro firmy - cs-cz (HKLM\...\O365BusinessRetail - cs-cz) (Version: 16.0.17628.20110 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 125.0.2535.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 125.0.2535.92 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.101.0519.0010 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1522470202-1352138926-4199276785-1001\...\Teams) (Version: 1.6.00.33567 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{B409944C-1493-4B0D-A92C-2CE3C5F5F289}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{0E8D087B-5654-4010-AF4D-DE1250B8C1EB}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30037 (HKLM-x32\...\{4b2f3795-f407-415e-88d5-8c8ab322909d}) (Version: 14.29.30037.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30040 (HKLM-x32\...\{a8968509-65be-4c09-a460-fd1584b1cdbf}) (Version: 14.29.30040.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30037 (HKLM\...\{529D20E8-132A-4F1A-A25F-9211B8C943AC}) (Version: 14.29.30037 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30037 (HKLM\...\{C874FB5A-1C85-460A-A4A9-CBCC3FAE7880}) (Version: 14.29.30037 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30040 (HKLM-x32\...\{EFC21A37-5640-4BE1-981A-2FD3EDA1D893}) (Version: 14.29.30040 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30040 (HKLM-x32\...\{3093CC12-EF27-4036-AD72-A759500271E9}) (Version: 14.29.30040 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 126.0.1 (x64 cs)) (Version: 126.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 92.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20102 - Microsoft Corporation) Hidden
PDF Architect 9 (HKLM-x32\...\PDF Architect 9) (Version: 9.1.56.3239 - pdfforge GmbH)
PDF Architect 9 Edit Module (HKLM\...\{AA8EF0C9-CA08-429F-8479-FC30CEC76070}) (Version: 9.1.57.21767 - Avanquest pdfforge GmbH) Hidden
PDF Architect 9 OCR Module (HKLM\...\{F3ED4561-0904-4230-849C-A5495F69A5E4}) (Version: 9.1.57.21767 - Avanquest pdfforge GmbH) Hidden
PDF Architect 9 OCR TESS Module (HKLM\...\{33CF1637-3E63-48A7-B145-6B5523506235}) (Version: 9.1.57.21767 - Avanquest pdfforge GmbH) Hidden
PDF Architect 9 View Module (HKLM\...\{3ACDACA4-0678-4D90-9C5A-8630849362C8}) (Version: 9.1.57.21767 - Avanquest pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{122CEDF1-5697-4EC3-A796-9565E746A021}) (Version: 5.2.1 - Avanquest pdfforge GmbH)
PSPad editor (HKLM\...\PSPad editor 64bit_is1) (Version: 5.0.6.589 - Jan Fiala)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7936 - Realtek Semiconductor Corp.)
Smart Play 3.34.8 (HKLM-x32\...\Smart Play) (Version: 3.34.8 - Amcrest Technologies LLC)
Tim 9.31.31 (HKLM-x32\...\{44B8FFD5-5D77-44F6-9B19-D459078ABDC5}) (Version: 9.31.31 - Ing. Martin Lenz - HippoSoft)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Vision ERP (HKLM\...\Vision ERP_is1) (Version: - Vision Praha s.r.o.)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Web Components (HKLM-x32\...\{03B13AF8-9625-478A-AF0E-205337B9415A}_is1) (Version: 3.0.7.500 - )
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Xerox Phaser 3435 (HKLM-x32\...\Xerox Phaser 3435) (Version: - )
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-14] ()
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_153.1.1137.0_x64__v10z8vjag6ke6 [2024-05-09] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Teams (work or school) -> C:\Program Files\WindowsApps\MSTeams_23320.3021.2567.4799_x64__8wekyb3d8bbwe [2024-01-03] (Microsoft) [Startup Task]
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2019-06-01] (WinZip Computing)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1522470202-1352138926-4199276785-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1522470202-1352138926-4199276785-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23334.10\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1522470202-1352138926-4199276785-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1522470202-1352138926-4199276785-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Admin\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-06-07] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-06-07] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-06-07] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-02-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [PDFArchitect8_ManagerExt] -> {EC981B88-4DFE-457D-B623-09D6C0E3EE6C} => C:\Program Files\PDF Architect 9\context-menu.dll [2024-05-15] (pdfforge GmbH -> Avanquest pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2022-10-04] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-02-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\igfxDTCM.dll [2018-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-02-14] (ESET, spol. s r.o. -> ESET)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2024-03-18 08:37 - 2024-03-18 08:37 - 005855744 _____ (ESET, spol. s r.o. -> ESET) [File not signed] C:\Program Files\ESET\ESET Security\Modules\em045_64\1087\em045_64.dll
2024-05-27 11:44 - 2024-05-27 11:44 - 000196096 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-1522470202-1352138926-4199276785-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-1522470202-1352138926-4199276785-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-1522470202-1352138926-4199276785-1001 -> DefaultScope {BEFE635F-0D39-4DB6-989D-26AD27FA9366} URL =
SearchScopes: HKU\S-1-5-21-1522470202-1352138926-4199276785-1001 -> {BEFE635F-0D39-4DB6-989D-26AD27FA9366} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-04-10] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1522470202-1352138926-4199276785-1001\...\sharepoint.com -> hxxps://mekrs-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-18 23:03 - 2024-06-03 12:17 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Vision32\asa\bin64;C:\Program Files\Vision32\asa\bin32;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKCU\Environment\\Path -> %USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-1522470202-1352138926-4199276785-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet 2: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet 3: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "LocalServiceControl"
HKU\S-1-5-21-1522470202-1352138926-4199276785-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1522470202-1352138926-4199276785-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-1522470202-1352138926-4199276785-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B"
HKU\S-1-5-21-1522470202-1352138926-4199276785-1001\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-1522470202-1352138926-4199276785-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{79F86C99-416F-46E8-959D-C06B2CBC6384}] => (Allow) C:\Users\Admin\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{1360EDD5-E28A-4F7D-B7E0-747E93B8A02E}] => (Allow) C:\Users\Admin\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{89C6C083-B3EE-4CA3-9F05-98FBB9418108}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{2E95C356-F3C2-498B-9FCA-83F37A018BD9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{8BD38E8A-C9F5-4E43-954F-CA5ECEBFAD50}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel(R) Wireless Connectivity Solutions -> )
FirewallRules: [{5A79AADA-2057-4FE3-A2C5-BFC0D9957844}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6F0120E6-28B7-439A-B83D-60199844B77F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{19A4242E-8463-4A5E-BDF7-1508C7F3C54D}] => (Allow) LPort=9422
FirewallRules: [{E00877D0-3872-4E9D-A876-315FB2384D79}] => (Allow) LPort=9245
FirewallRules: [{92A2F723-9523-49BE-AB66-60DABD2C19D0}] => (Allow) LPort=9246
FirewallRules: [{CD05FB5C-7DD7-45E9-B24F-B5B1B5B11129}] => (Allow) LPort=9247
FirewallRules: [{A2BCE7B3-9FA8-4C07-A1DB-DCC9D751BB6C}] => (Allow) LPort=3702
FirewallRules: [{E476C6E2-6268-4FBB-82C1-F00C785A0EFB}] => (Allow) LPort=9244
FirewallRules: [{7871AF74-4C74-4289-B3C1-CE9C2ABD38DF}] => (Allow) LPort=9444
FirewallRules: [{CB6975C3-02F1-4CB4-92B3-B8CCF1C7D471}] => (Allow) C:\Windows\twain_32\HP\HPCLM17X\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{D22BBAFC-39F1-4301-AAA1-CBA9CE9177A1}] => (Allow) C:\Windows\twain_32\HP\HPCLM17X\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{CD6830CE-BBBC-484C-B151-2D485FA3C4F3}] => (Allow) C:\Program Files (x86)\HP\MFP Scan\EDC.exe () [File not signed]
FirewallRules: [{A5F8DB04-BB22-43C6-AF1D-15D057BA3A83}] => (Allow) C:\Program Files (x86)\HP\MFP Scan\EDC.exe () [File not signed]
FirewallRules: [{9AF9C101-EA7E-4B17-B466-F21823866AC9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{20788D31-6B14-4426-80F1-59D9A98A0392}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8217217D-E290-4569-9FA5-FC4BC4CB3F9A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5EE853BC-2383-419B-B358-7D4D2A6994E6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9B84E6E5-57B7-456D-AE39-28563FF807FD}] => (Allow) C:\Program Files\Fortinet\FortiClient\FortiClient.exe (Fortinet Technologies (Canada) ULC -> Fortinet Inc.)
FirewallRules: [{7E0C538E-DB98-4020-9F1E-ADE5DC5F411A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F6CA7EC6-5DF7-4093-BB27-D9248E4A9F38}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DB33C17B-AB9B-4CB1-A99C-6FF079DFAE7A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B8E53883-579C-47E2-8095-969C6B7DB053}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F4D18332-762F-4BF5-BA33-E3004AF8E70D}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23320.3021.2567.4799_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CA2881DA-68CC-40D8-BA75-316E84E53B71}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23320.3021.2567.4799_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2222CD4A-90BC-47F5-A3C9-65D1C1497D10}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6E8E071A-5E8A-4B70-81C5-0B9A0238296C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{12716D8E-BA5F-464C-8C9B-5961B5CC373C}C:\users\admin\downloads\winbox64.exe] => (Allow) C:\users\admin\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{A749FE8C-6B44-4563-90FB-6141143C90E8}C:\users\admin\downloads\winbox64.exe] => (Allow) C:\users\admin\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [TCP Query User{74DFA79E-FFE0-446F-97E5-5FE0CAAB23C8}C:\users\admin\downloads\anydesk.exe] => (Allow) C:\users\admin\downloads\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{3B93DE5B-4F03-4335-BCE1-B66CA6BC1912}C:\users\admin\downloads\anydesk.exe] => (Allow) C:\users\admin\downloads\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{D7090E9C-020F-45FA-B3F6-3C36BC8050D7}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
24-05-2024 07:35:20 Naplánovaný kontrolní bod
27-05-2024 11:45:04 Installed PDF Architect 9 View Module
27-05-2024 11:48:42 Installed PDF Architect 9 Edit Module
27-05-2024 11:49:27 Installed PDF Architect 9 OCR Module
27-05-2024 11:50:12 Installed PDF Architect 9 OCR TESS Module
02-06-2024 07:25:21 Removed Acer Configuration Manager
02-06-2024 07:26:11 Removed Bonjour
02-06-2024 07:28:20 Removed Acer Quick Access
02-06-2024 07:28:48 Removed Backup and Sync from Google
02-06-2024 07:29:56 Removed Care Center
02-06-2024 07:33:01 Removed Kontrola stavu osobního počítače s Windows
==================== Faulty Device Manager Devices ============
Name: Fortinet SSL VPN Virtual Ethernet Adapter
Description: Fortinet SSL VPN Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Fortinet Inc
Service: ftsvnic
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (06/06/2024 01:32:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Acrobat.exe, verze: 24.2.20759.0, časové razítko: 0x663fd4ba
Název chybujícího modulu: Acrobat.dll, verze: 24.2.20759.0, časové razítko: 0x663fd4b2
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000090936b
ID chybujícího procesu: 0x514
Čas spuštění chybující aplikace: 0x01dab805270faf22
Cesta k chybující aplikaci: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
Cesta k chybujícímu modulu: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.dll
ID zprávy: 0e8696d6-0056-48b9-98e5-edd95116fe17
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/06/2024 01:32:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Acrobat.exe, verze: 24.2.20759.0, časové razítko: 0x663fd4ba
Název chybujícího modulu: Acrobat.dll, verze: 24.2.20759.0, časové razítko: 0x663fd4b2
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000090936b
ID chybujícího procesu: 0x514
Čas spuštění chybující aplikace: 0x01dab805270faf22
Cesta k chybující aplikaci: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
Cesta k chybujícímu modulu: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.dll
ID zprávy: e3f8fdb7-5ffd-4090-962e-4c3ed4a99c00
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/04/2024 11:05:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Acrobat.exe, verze: 24.2.20759.0, časové razítko: 0x663fd4ba
Název chybujícího modulu: Acrobat.dll, verze: 24.2.20759.0, časové razítko: 0x663fd4b2
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000090936b
ID chybujícího procesu: 0x1dfc
Čas spuštění chybující aplikace: 0x01dab65e51da8d42
Cesta k chybující aplikaci: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
Cesta k chybujícímu modulu: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.dll
ID zprávy: 3a237570-a4e0-4585-a46a-ce562f540b54
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/04/2024 11:05:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Acrobat.exe, verze: 24.2.20759.0, časové razítko: 0x663fd4ba
Název chybujícího modulu: Acrobat.dll, verze: 24.2.20759.0, časové razítko: 0x663fd4b2
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000090936b
ID chybujícího procesu: 0x1dfc
Čas spuštění chybující aplikace: 0x01dab65e51da8d42
Cesta k chybující aplikaci: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
Cesta k chybujícímu modulu: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.dll
ID zprávy: 5df9b681-ab7c-4437-903d-697b553f79da
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/02/2024 07:46:48 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\HP\MFP Scan\EDC.exe se nezdařilo.
Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (06/02/2024 07:44:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: lync.exe, verze: 16.0.17531.20152, časové razítko: 0x663d7c06
Název chybujícího modulu: MsoAria.dll, verze: 16.0.17531.20004, časové razítko: 0x660beccd
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000008d67
ID chybujícího procesu: 0x504
Čas spuštění chybující aplikace: 0x01dab4af9eb36142
Cesta k chybující aplikaci: C:\Program Files\Microsoft Office\root\Office16\lync.exe
Cesta k chybujícímu modulu: C:\Program Files\Microsoft Office\root\Office16\MsoAria.dll
ID zprávy: b4b23357-68c3-42e6-910d-45d76119a005
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/02/2024 07:43:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DllHost.exe, verze: 10.0.19041.3636, časové razítko: 0x5f959e44
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.4355, časové razítko: 0x35a939aa
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000634f6
ID chybujícího procesu: 0x2ea0
Čas spuštění chybující aplikace: 0x01dab4afbca2f3ea
Cesta k chybující aplikaci: C:\WINDOWS\system32\DllHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: f76f230e-1e94-42a7-be7b-d2445be2a122
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/02/2024 07:41:25 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\HP\MFP Scan\EDC.exe se nezdařilo.
Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
System errors:
=============
Error: (06/07/2024 07:03:13 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): KYOCERA Document Solutions Inc. - Printer - 6/6/2013 12:00:00 AM - 10.0.17134.1.
Error: (06/06/2024 07:24:49 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): KYOCERA Document Solutions Inc. - Printer - 6/6/2013 12:00:00 AM - 10.0.17134.1.
Error: (06/05/2024 09:22:54 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): KYOCERA Document Solutions Inc. - Printer - 6/6/2013 12:00:00 AM - 10.0.17134.1.
Error: (06/04/2024 11:12:10 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): KYOCERA Document Solutions Inc. - Printer - 6/6/2013 12:00:00 AM - 10.0.17134.1.
Error: (06/04/2024 06:55:16 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): KYOCERA Document Solutions Inc. - Printer - 6/6/2013 12:00:00 AM - 10.0.17134.1.
Error: (06/03/2024 08:28:46 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): KYOCERA Document Solutions Inc. - Printer - 6/6/2013 12:00:00 AM - 10.0.17134.1.
Error: (06/02/2024 08:05:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba npf neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (06/02/2024 07:46:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba npf neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
CodeIntegrity:
===============
Date: 2024-06-09 07:37:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2024-06-09 07:37:16
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.11 08/11/2017
Motherboard: Acer BA40_SL
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 60%
Total physical RAM: 3976.91 MB
Available physical RAM: 1555.83 MB
Total Virtual: 6122.61 MB
Available Virtual: 2752.25 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:445.9 GB) (Free:303.26 GB) (Model: KINGSTON SA400S37480G) NTFS
\\?\Volume{a0722515-51e8-453d-98ee-d61caa603de3}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.36 GB) NTFS
\\?\Volume{b1ffb85a-8c2f-4b6e-bd08-c51f5832fc5c}\ (ESP) (Fixed) (Total:0.1 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 447.1 GB) (Disk ID: BDDFCC1E)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kontrola logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Kontrola logu
Ahoj,
mas tam Norton aj Eset - jeden z nich odinstaluj
Prescanuj PC s Adwcleanerom - log sem
mas tam Norton aj Eset - jeden z nich odinstaluj
Prescanuj PC s Adwcleanerom - log sem
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?