Dobrý večer,
poslední dobou mám problém při vkládání příspěvku na net, kde je potřeba vyplnit Capha, že nejsem robot. Občas se podaří Capha vyplnit, ale pak hlásí chybové hlášení, že se odesílají z mého PC automatizované odkazy. (viz. obrázek) či i když vyplním obrázky správně, tak pořád je to špatně. někdy trvá delší dobu než je v tlačítku slovo ověřit. Nemůžu mít v PC nějakou havěť. Používám CC Cleaner. ZoneAlarm, Aviru a Malwarebytes free.

Problém s Capha při vkládání příspěvku na net (1)
Chybové hlášení Capha.jpg (53.76 KiB) Zobrazeno 2838 x

Posílám logy z FRST a díky za prověření a další rady.
Ivo Antušek

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-01-2022
Ran by Admin (administrator) on DESKTOP-1U0LM3C (28-01-2022 17:21:06)
Running from D:\Aviry
Loaded Profiles: Admin
Platform: Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ABBYY Production LLC -> ABBYY Production LLC) C:\Program Files (x86)\Common Files\ABBYY\FineReader\15\Licensing\NetworkLicenseServer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Inc.) [File not signed] D:\Programy\Adobe\Adobe Acrobat Distiller 5.0\Distillr\AcroTray.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) D:\Fotoeditory\Adobe Photoshop Elements 11\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(ASUSTeK Computer Inc. -> ) C:\Windows\System32\AsusUpdateCheck.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) D:\Aviry\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) D:\Aviry\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) D:\Aviry\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) D:\Aviry\Avira\Antivirus\protectedservice.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) D:\Aviry\Avira\Antivirus\sched.exe
(Corel Corporation -> WinZip Computing) D:\Archivace\WinZip\WzPreloader.exe
(geek software GmbH -> geek software GmbH) D:\Prográmky\PDF24\pdf24.exe <2>
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett Packard -> Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) D:\Aviry\CheckPoint\ZoneAlarm\zatray.exe
(Malwarebytes Inc -> Malwarebytes) D:\Aviry\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) D:\Aviry\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\updater-ws.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\ws.exe
(Piriform Software Ltd -> Piriform Software Ltd) D:\Aviry\CCleaner\CCleaner64.exe
(RealNetworks, Inc. -> ) D:\Prográmky\RealPlayer\downloader2.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) D:\Prográmky\RealPlayer\Update\realsched.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) D:\Prográmky\UpdateService\RealPlayerUpdateSvc.exe
(Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe
Failed to access process -> Pm70.exe
Failed to access process -> Pm70.exe
Failed to access process -> Pm70.exe
Failed to access process -> Pm70.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [PDF24] => D:\Prográmky\PDF24\pdf24.exe [587000 2021-11-15] (geek software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [ZoneAlarm] => D:\Aviry\CheckPoint\ZoneAlarm\zatray.exe [325856 2020-01-23] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [706800 2021-09-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2623032 2019-07-26] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [TkBellExe] => d:\prográmky\realplayer\Update\realsched.exe [347560 2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\Run: [CCleaner Smart Cleaning] => D:\Aviry\CCleaner\CCleaner64.exe [35320448 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\Run: [] => [X]
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [239704 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\novaPDF 10 Port Monitor: C:\WINDOWS\system32\novamn10.dll [18944 2020-10-19] (Softland) [File not signed]
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [55392 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PDF Architect 7 Monitor: C:\Windows\system32\spool\DRIVERS\x64\pdf architect_pdfpmon_v. [932984 2019-11-26] (PDF Tools AG -> PDF Tools AG (hxxp://
HKLM\...\Print\Monitors\PDF-XChange5-ABBYY: C:\Windows\system32\pxc50pma.dll [58936 2014-11-13] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
HKLM\...\Print\Monitors\PDF-XChange5-ABBYY-FR15: C:\WINDOWS\system32\pxc50pmaf15.dll [57328 2018-12-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-25] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Avira.lnk [2020-02-02]
ShortcutTarget: Avira.lnk -> C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acrobat Assistant.lnk [2020-01-31]
ShortcutTarget: Acrobat Assistant.lnk -> D:\Programy\Adobe\Adobe Acrobat Distiller 5.0\Distillr\AcroTray.exe (Adobe Systems Inc.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2019-11-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2020-08-11]
ShortcutTarget: WinZip Preloader.lnk -> D:\Archivace\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08883AF0-231B-4B4F-951A-1AD9EFBE811A} - System32\Tasks\CCleaner Update => D:\Aviry\CCleaner\CCUpdate.exe [684976 2022-01-25] (Piriform Software Ltd -> Piriform)
Task: {09F58E83-DD6B-4D22-9C17-9FD917C21114} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {0C3F0ED1-2C1F-42EA-AECE-130E4BEA6A04} - System32\Tasks\doPDF 10 Telemetry => C:\Program Files\Softland\novaPDF 10\Driver\GoogleAnalytics.exe [51504 2020-10-19] (Softland SRL -> )
Task: {2DA4E14C-06DD-498D-8217-4755502737E1} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-722231672-965411127-3486821242-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [128240 2016-02-03] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {30515FA6-F9ED-44C5-8EFA-8506DAE5A0F2} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-1U0LM3C-Admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {3A4FCE33-CA62-4B79-9A74-E2086F13EC84} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-722231672-965411127-3486821242-1001 => d:\prográmky\realplayer\realupgrade.exe [129960 2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {45D3064C-3490-40EA-A308-48CC75246022} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-26] (Google Inc -> Google Inc.)
Task: {4E9E6481-B630-4BC4-A5B7-3C95F0DB01C7} - System32\Tasks\Opera scheduled assistant Autoupdate 1580117963 => C:\Program Files (x86)\Opera\launcher.exe [1753808 2022-01-12] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files (x86)\Opera\assistant" $(Arg0)
Task: {5B5F805B-03A4-4A69-A43E-334AC0F875CA} - System32\Tasks\Opera scheduled Autoupdate 1574800406 => C:\Program Files (x86)\Opera\launcher.exe [1753808 2022-01-12] (Opera Software AS -> Opera Software)
Task: {616CEEB4-EE69-42DB-AA2F-E7853BF033DA} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {6D0F4719-6443-4675-A203-79D1F80F2BD1} - System32\Tasks\Avira_Antivirus_Systray => D:\Aviry\Avira\Antivirus\avgnt.exe [2648424 2021-11-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {6E2CF984-2BBD-462A-B1A6-B86BD1DBBC32} - System32\Tasks\WinZip Update Notifier 3 => d:\Archivace\WinZip\WZUpdateNotifier.exe [2814096 2020-02-24] (Corel Corporation -> Corel Corporation)
Task: {8189F116-3BEA-493C-B93F-2F3FDED8F43C} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-722231672-965411127-3486821242-1001 => d:\prográmky\realplayer\realupgrade.exe [129960 2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {9D9147FE-E3A9-4DA6-9467-97B7F4A01A0B} - System32\Tasks\WinZip Update Notifier 2 => d:\Archivace\WinZip\WZUpdateNotifier.exe [2814096 2020-02-24] (Corel Corporation -> Corel Corporation)
Task: {A9B5C750-A8A6-46C0-887B-D224DD94FD74} - System32\Tasks\WinZip Update Notifier 1 => d:\Archivace\WinZip\WZUpdateNotifier.exe [2814096 2020-02-24] (Corel Corporation -> Corel Corporation)
Task: {B01B9418-6846-4E2E-A1D2-A7B9F27667D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-26] (Google Inc -> Google Inc.)
Task: {BB9C4A9E-8903-42A2-9BCF-77E08E69BE01} - System32\Tasks\klcp_update => D:\Prográmky\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-04-12] () [File not signed]
Task: {BC760D4F-D70E-43BC-8E6A-8371CC7FF274} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {C058F360-D1E7-4B0B-817D-F6E7783E7B0F} - System32\Tasks\RealDownloader Update Check => d:\prográmky\realplayer\downloader2.exe [1167784 2021-12-26] (RealNetworks, Inc. -> )
Task: {D2C135A4-E491-469B-9EE5-8BBB500E2731} - System32\Tasks\CCleanerSkipUAC - Admin => D:\Aviry\CCleaner\CCleaner.exe [29453952 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DD4DDD5E-C15D-41A6-BFE2-8EBFC70439DC} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-722231672-965411127-3486821242-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [128240 2016-02-03] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {E1920BD4-C7C5-47DA-B6E7-56B22AB96BDB} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E948ECFF-5A89-46DA-AE8D-EFA7EF4E35F1} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {EB2B61BF-C3A2-4F58-B725-387972CD7149} - System32\Tasks\doPDF 10 Update => C:\Program Files\Softland\novaPDF 10\Driver\UpdateApplication.exe [98096 2020-10-19] (Softland SRL -> )
Task: {FFDCBDCA-7CFB-4740-B675-7E5A751731CC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe /from_scheduler:1 (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-722231672-965411127-3486821242-1001] => http=;ftp=;https=;
Tcpip\Parameters: [DhcpNameServer]
Tcpip\..\Interfaces\{2344692f-c41b-4ac7-9c50-43b9fc907f50}: [DhcpNameServer]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-28]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FF DefaultProfile: 2i1040qs.default-1582311638745
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\u4mgi7h5.default-release [2022-01-28]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2i1040qs.default-1582311638745 [2022-01-28]
FF HKLM\...\Firefox\Extensions: [] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\
FF Extension: (PDF Architect 7 Creator) - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\ [2019-10-02]
FF HKLM-x32\...\Firefox\Extensions: [] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\
FF Plugin:,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin:,version=3.0.10 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin:,version=3.0.11 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin:,version=3.0.12 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin:,version=3.0.14 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin:,version=3.0.16 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin:,version=3.0.8 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-07-26] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32:,version=14.0 -> C:\PROGRA~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32:,version=14.0 -> C:\PROGRA~2\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32:,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32:;version= -> d:\prográmky\realplayer\Netscape6\nppl3260.dll [2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32:;version= -> d:\prográmky\realplayer\Netscape6\nprpplugin.dll [2021-12-26] (RealNetworks, Inc. -> RealPlayer)
FF Plugin-x32: -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-07-26] (Adobe Inc. -> Adobe Systems)

CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2022-01-28]
CHR StartupUrls: Default -> "hxxp://"
CHR Extension: (uBlock Origin) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-01-13]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-01-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

OPR Profile: C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable [2022-01-28]
OPR DefaultSuggestURL: Opera Stable -> hxxps:// ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-01-27]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-15]
OPR Extension: (uBlock Origin) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2022-01-18]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.15.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\15\Licensing\NetworkLicenseServer.exe [1058032 2019-07-29] (ABBYY Production LLC -> ABBYY Production LLC)
S2 ABBYY.Licensing.PDFTransformer.Classic.4.0; D:\Programy\ABBYY PDF Transformer+\NetworkLicenseServer.exe [962256 2014-12-02] (ABBYY Production LLC -> ABBYY Production LLC)
R2 AdobeActiveFileMonitor10.0; D:\Fotoeditory\Adobe Photoshop Elements 11\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-07-26] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AntiVirMailService; D:\Aviry\Avira\Antivirus\avmailc7.exe [1206648 2021-07-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; D:\Aviry\Avira\Antivirus\ProtectedService.exe [538000 2021-07-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; D:\Aviry\Avira\Antivirus\sched.exe [485048 2021-07-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; D:\Aviry\Avira\Antivirus\avguard.exe [485048 2021-07-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; D:\Aviry\Avira\Antivirus\avwebg7.exe [574832 2022-01-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [768408 2022-01-28] (ASUSTeK Computer Inc. -> )
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [631008 2021-09-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 MBAMService; D:\Aviry\Malwarebytes\Anti-Malware\MBAMService.exe [7972536 2022-01-25] (Malwarebytes Inc -> Malwarebytes)
S3 Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Office14\GROOVE.EXE [30963576 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NovaPdf10Server; C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe [52528 2020-10-19] (Softland SRL -> Microsoft)
R3 PDF Architect 7; C:\Program Files\PDF Architect 7\ws.exe [2579752 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 7 Creator; C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe [692008 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 7 Update Service; C:\Program Files\PDF Architect 7\updater-ws.exe [1832232 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF24; D:\Prográmky\PDF24\pdf24.exe [587000 2021-11-15] (geek software GmbH -> geek software GmbH)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RealPlayerUpdateSvc; D:\prográmky\UpdateService\RealPlayerUpdateSvc.exe [38856 2021-12-04] (RealNetworks, Inc. -> RealNetworks, Inc.)
S2 RealTimes Desktop Service; d:\prográmky\realplayer\RPDS\Bin\rpdsvc.exe [991176 2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 vsmon; D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe [4528344 2020-01-20] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [42208 2020-03-13] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 ZAPrivacyService; D:\Aviry\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2020-01-20] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22848 2021-07-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209088 2021-11-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220568 2022-01-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-16] (Malwarebytes Inc -> Malwarebytes)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 Vsdatant; C:\WINDOWS\system32\DRIVERS\vsdatant.sys [461240 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-11-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-11-26] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-26] (Microsoft Windows -> Microsoft Corporation)
U3 iswSvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-28 17:08 - 2022-01-28 17:08 - 000010073 _____ C:\Users\Admin\AppData\LocalLow\
2022-01-28 17:08 - 2022-01-28 17:08 - 000010071 _____ C:\Users\Admin\AppData\LocalLow\
2022-01-28 17:07 - 2022-01-28 17:07 - 000010069 _____ C:\Users\Admin\AppData\LocalLow\
2022-01-28 17:07 - 2022-01-28 17:07 - 000010068 _____ C:\Users\Admin\AppData\LocalLow\
2022-01-28 17:06 - 2022-01-28 17:10 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\fB9oV
2022-01-28 17:06 - 2022-01-28 17:08 - 000000978 _____ C:\Users\Admin\AppData\LocalLow\outlook.txt
2022-01-28 17:06 - 2022-01-28 17:06 - 000010066 _____ C:\Users\Admin\AppData\LocalLow\
2022-01-28 17:06 - 2022-01-28 17:06 - 000010063 _____ C:\Users\Admin\AppData\LocalLow\
2022-01-28 15:45 - 2022-01-28 15:45 - 000220568 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-01-27 18:26 - 2022-01-28 15:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-01-25 21:10 - 2022-01-25 21:11 - 015990331 _____ C:\Users\Admin\Downloads\VID-20211114-WA0001.mp4
2022-01-24 20:46 - 2022-01-24 20:47 - 002886153 _____ C:\Users\Admin\Downloads\20_04 Hrobka_u_strašnického_krematoria_Katerina_Pohlova.pdf
2022-01-23 16:59 - 2022-01-23 17:31 - 000000000 ____D C:\ProgramData\tmp
2022-01-23 16:59 - 2022-01-23 17:31 - 000000000 ____D C:\ProgramData\hps
2022-01-23 16:59 - 2022-01-23 16:59 - 000000000 ____D C:\Users\Admin\AppData\Local\FOTOLAB CEWE fotosvet
2022-01-23 16:59 - 2022-01-23 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FOTOLAB CEWE fotosvet
2022-01-13 00:22 - 2022-01-13 00:22 - 000523776 _____ (curl, hxxps:// C:\WINDOWS\system32\curl.exe
2022-01-13 00:22 - 2022-01-13 00:22 - 000464384 _____ (curl, hxxps:// C:\WINDOWS\SysWOW64\curl.exe
2022-01-13 00:22 - 2022-01-13 00:22 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-13 00:16 - 2022-01-13 00:16 - 000000000 ___HD C:\$WinREAgent
2022-01-10 21:29 - 2022-01-10 21:29 - 000023232 _____ C:\Users\Admin\Downloads\1_-_MESTA_VE_VETACH.pdf
2022-01-04 22:28 - 2022-01-04 22:28 - 003921072 ____T C:\Users\Admin\Downloads\Korona song.mp4
2022-01-01 15:59 - 2022-01-01 15:59 - 003954113 _____ C:\Users\Admin\Downloads\Novoroční přání video.mp4

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-28 17:21 - 2020-02-14 18:00 - 000000000 ____D C:\FRST
2022-01-28 17:16 - 2019-11-27 01:03 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2022-01-28 17:12 - 2020-05-17 18:38 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\IGDump
2022-01-28 17:11 - 2019-11-27 01:56 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2022-01-28 17:11 - 2019-11-26 21:34 - 000000000 ____D C:\ProgramData\Mozilla
2022-01-28 16:56 - 2019-11-26 21:30 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-28 16:16 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-28 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-28 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\
2022-01-28 15:57 - 2020-04-28 21:25 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-01-28 15:49 - 2020-11-05 23:18 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-28 15:49 - 2019-12-07 15:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2022-01-28 15:49 - 2019-12-07 15:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2022-01-28 15:49 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-28 15:45 - 2021-12-26 18:07 - 000003556 _____ C:\WINDOWS\system32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-722231672-965411127-3486821242-1001
2022-01-28 15:45 - 2021-12-26 18:07 - 000003492 _____ C:\WINDOWS\system32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-722231672-965411127-3486821242-1001
2022-01-28 15:45 - 2020-11-05 23:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-28 15:45 - 2020-11-05 23:09 - 000783504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-28 15:45 - 2020-11-05 23:09 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-28 15:45 - 2019-11-26 21:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-28 15:45 - 2019-11-26 21:33 - 000000000 ____D C:\Program Files (x86)\Opera
2022-01-28 15:45 - 2019-11-20 19:04 - 000768408 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2022-01-28 15:45 - 2019-11-20 12:12 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-28 15:44 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-01-28 15:44 - 2019-11-20 19:04 - 000807280 _____ C:\WINDOWS\system32\wpbbin.exe
2022-01-27 23:12 - 2021-10-10 20:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-01-27 23:12 - 2019-11-26 21:34 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-27 18:58 - 2020-02-05 19:20 - 000000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2022-01-26 19:22 - 2020-11-28 07:46 - 000003488 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b3c178cf4b4
2022-01-26 19:22 - 2020-11-05 23:16 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-25 23:43 - 2020-11-05 23:16 - 000003920 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-01-25 21:48 - 2020-06-07 13:04 - 000000927 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-01-25 21:48 - 2020-06-07 13:04 - 000000927 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-01-25 21:48 - 2020-06-07 13:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-01-25 19:51 - 2019-11-26 21:30 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-25 19:51 - 2019-11-26 21:30 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-24 20:21 - 2021-12-10 23:41 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-722231672-965411127-3486821242-1001
2022-01-24 20:21 - 2020-11-05 23:16 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-722231672-965411127-3486821242-1001
2022-01-24 20:21 - 2020-11-05 23:10 - 000002377 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-22 15:34 - 2019-11-26 21:47 - 000000000 ____D C:\Users\Admin\AppData\Local\Adobe
2022-01-21 23:27 - 2020-06-14 18:30 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-21 23:27 - 2020-06-14 18:30 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-01-21 13:22 - 2020-11-05 23:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-21 10:51 - 2020-11-05 23:16 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-21 10:51 - 2020-11-05 23:16 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-17 17:21 - 2020-11-05 23:16 - 000003970 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1574800406
2022-01-17 17:21 - 2019-11-26 21:33 - 000001155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-01-14 15:36 - 2019-11-26 20:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2022-01-13 16:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-13 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-13 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-13 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-13 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-13 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-13 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-13 00:25 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-13 00:15 - 2019-11-26 20:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-13 00:13 - 2019-11-26 20:09 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-11 17:31 - 2020-11-05 23:10 - 000000000 ____D C:\Users\Admin
2022-01-11 15:48 - 2021-12-12 13:10 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-01-11 15:48 - 2021-12-12 13:10 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-01-11 15:48 - 2020-11-05 23:16 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-08 21:41 - 2019-11-27 21:06 - 000000000 ____D C:\Users\Admin\AppData\Local\Windows Live
2022-01-03 20:57 - 2021-12-27 21:19 - 000000000 ____D C:\Users\Admin\.cache

==================== Files in the root of some directories ========

2020-04-30 13:57 - 2020-04-30 13:57 - 000000000 _____ () C:\Users\Admin\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-01-2022
Ran by Admin (28-01-2022 17:22:32)
Running from D:\Aviry
Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) (2020-11-05 22:16:13)
Boot Mode: Normal

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Admin (S-1-5-21-722231672-965411127-3486821242-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-722231672-965411127-3486821242-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-722231672-965411127-3486821242-503 - Limited - Disabled)
Guest (S-1-5-21-722231672-965411127-3486821242-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-722231672-965411127-3486821242-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {8A154ED8-4428-DB2D-0E3F-BD82C448FD94}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {217C3BCF-3FBD-7C30-A427-2D11E16F3BEB}
FW: ZoneAlarm Free Firewall Firewall (Disabled) {8D637332-9C08-995E-98D7-8237936B0E9F}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 19.01 alpha (x64) (HKLM\...\7-Zip) (Version: 19.01 alpha - Igor Pavlov)
A Sharper Scaling version 1.2 (HKLM-x32\...\{7CFADE53-9599-48C5-9FE3-689E56C1D96B}_is1) (Version: 1.2 - )
ABBYY FineReader 15 (HKLM\...\{F15000FE-0001-6400-0000-074957833700}) (Version: 15.0.1496 - ABBYY Production LLC)
ABBYY PDF Transformer+ (HKLM\...\{FA400000-0001-6400-0000-074957833700}) (Version: 4.2.186 - ABBYY Production LLC)
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 21.011.20039 - Adobe)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe Inc.)
Adobe PageMaker 7.0 (HKLM-x32\...\Adobe PageMaker 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Avira (HKLM-x32\...\{6156e18b-c7ce-48c3-bc6d-d09fade03fd3}) (Version: - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{9754C7FC-FBAA-4ABF-8BC9-1B101D079104}) (Version: - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2201.2134 - Avira Operations GmbH & Co. KG)
BAHN 3.81r1 (HKLM-x32\...\BAHN381r1_is1) (Version: 3.81 - JBSS Chemnitz/Dresden)
calibre 64bit (HKLM\...\{6DB760DC-BEC5-4727-AA50-722D2881725E}) (Version: 5.9.0 - Kovid Goyal)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.89 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
doPDF (HKLM\...\{3A2B5138-BDC2-4905-8683-0F416835A4FD}) (Version: 10.9.132 - Softland) Hidden
doPDF 10 (HKLM-x32\...\{358437cf-c8bf-4fd7-a16f-7a5a6265602d}) (Version: 10.9.132 - Softland)
doPDF 10 add-in for Microsoft Office (x64) (HKLM\...\{064F8223-4848-4562-B77E-997C3E74E749}) (Version: 10.6.122 - Softland)
doPDF 10 add-in for Microsoft Office (x86) (HKLM-x32\...\{705BC7F6-DE19-4764-A8C2-0162DC824AB9}) (Version: 10.6.122 - Softland)
doPDF 10 Printer Driver (HKLM\...\{786E2F7E-E97D-46B7-A9B1-FDEF161F9FE0}) (Version: 10.9.132 - Softland)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: - Logitech, Inc.) Hidden
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FOTOLAB CEWE fotosvet (HKLM-x32\...\FOTOLAB CEWE fotosvet) (Version: 6.3.7 - CEWE Stiftung u Co. KGaA)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: - Hewlett-Packard)
K-Lite Mega Codec Pack 16.4.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.4.5 - KLCP)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
LibreOffice (HKLM\...\{4DACF7A7-C851-4943-A63D-3CAE495C48E0}) (Version: - The Document Foundation)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Malwarebytes version (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.69 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - Czech/èeština (HKLM-x32\...\Office14.OMUI.cs-cz) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 96.0.3 (x64 cs)) (Version: 96.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 73.0 - Mozilla)
NVIDIA Ovladač HD audia (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: - NVIDIA Corporation)
NVIDIA Ovladače grafiky 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Opera Stable 82.0.4227.58 (HKLM-x32\...\Opera 82.0.4227.58) (Version: 82.0.4227.58 - Opera Software)
PDF Architect 7 (HKLM-x32\...\PDF Architect 7) (Version: - pdfforge GmbH)
PDF Architect 7 Create Module (HKLM\...\{B600CC13-8F68-4D44-8867-93490894FAE5}) (Version: - pdfforge GmbH) Hidden
PDF Architect 7 Edit Module (HKLM\...\{BA2C2671-B379-4101-A21C-4C549671FC8D}) (Version: - pdfforge GmbH) Hidden
PDF Architect 7 View Module (HKLM\...\{E947A304-6110-4CFE-98AD-E6909072E87D}) (Version: - pdfforge GmbH) Hidden
PDF24 Creator 10.7.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.7.0 -
PSE10 STI Installer (HKLM-x32\...\{11D08055-939C-432b-98C3-E072478A0CD7}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Rajče verze 2.5.9 sestavení 290 (HKLM-x32\...\Rajče.net_is1) (Version: - rajč
RealDownloader (HKLM-x32\...\{48D18738-099C-4FAA-AFD9-80B592A25478}) (Version: - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 20.0) (Version: 20.0.7 - RealNetworks)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{1FCBAAF2-0321-4986-8DAE-5F2891EC6E8E}) (Version: - Microsoft)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype verze 8.79 (HKLM-x32\...\Skype_is1) (Version: 8.79 - Skype Technologies S.A.)
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: - Realnetworks) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: - Realnetworks) Hidden
VSO Inspector 2.0.2 (HKLM-x32\...\VSO Inspector_is1) (Version: - VSO-Software SARL)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
WinZip (HKLM-x32\...\WinZip) (Version: 10.0 (6667) - WinZip Computing LP)
WinZip 24.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24127}) (Version: 24.0.14033 - Corel Corporation)
XMedia Recode 64bit verze (HKLM\...\{D31E6E69-4C6A-42CC-926F-CC7B186864EB}_is1) (Version: - XMedia Recode 64bit)
ZoneAlarm Firewall (HKLM-x32\...\{2F77A309-CAB9-4C8A-8ED0-8C8DA3FF0744}) (Version: - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: - Check Point)
ZoneAlarm Security (HKLM-x32\...\{DA17D180-7193-4070-B085-9827DB80C2F8}) (Version: - Check Point Software Technologies Ltd.) Hidden
Zoner Photo Studio 8 (HKLM-x32\...\Zoner Photo Studio 8_is1) (Version: - ZONER software)

ASUS Grid (Beta) -> C:\Program Files\WindowsApps\B9ECED6F.133F79A42C6_1.0.14.0_x64__qmba6cd70vzyy [2020-07-12] (ASUSTeK COMPUTER INC.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\ [2022-01-12] (
Candy Crush Friends -> C:\Program Files\WindowsApps\ [2022-01-21] (
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-12] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-07-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-07-12] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.1.11220.0_x64__8wekyb3d8bbwe [2021-12-16] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-13] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.62.5211.0_x64__8wekyb3d8bbwe [2022-01-23] (Microsoft Corporation) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-26] (Netflix, Inc.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0 [2022-01-23] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-722231672-965411127-3486821242-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> D:\Archivace\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> )
CustomCLSID: HKU\S-1-5-21-722231672-965411127-3486821242-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Office14\GROOVEEX.DLL [4222864 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Archivace\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [FineReader15ContextMenu] -> {53339754-4DD1-438B-8D24-0D0730F1A591} => C:\Program Files (x86)\ABBYY FineReader 15\x64\FRIntegration.x64.dll [2019-08-22] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers1: [PDFArchitect7_ManagerExt] -> {21989F59-B260-4302-90C3-E51740E03639} => C:\Program Files\PDF Architect 7\context-menu.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1-x32: [Transformer4ContextMenu] -> {558BA64F-C7A8-4B96-BCDD-B46E9D00756A} => D:\Programy\ABBYY PDF Transformer+\TRIntegration.dll [2015-01-28] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\ Archivace\WinRar 5.91\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\ Archivace\WinRar 5.91\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => D:\Archivace\WinZip\wzshls64.dll [2020-02-24] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Aviry\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-07] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => d:\prográmky\realplayer\RPDS\Bin64\rpcontextmenu.dll [2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Archivace\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => D:\Aviry\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => D:\Archivace\WinZip\wzshls64.dll [2020-02-24] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Archivace\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [FineReader15ContextMenu] -> {53339754-4DD1-438B-8D24-0D0730F1A591} => C:\Program Files (x86)\ABBYY FineReader 15\x64\FRIntegration.x64.dll [2019-08-22] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Aviry\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-07] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => D:\Aviry\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6-x32: [Transformer4ContextMenu] -> {558BA64F-C7A8-4B96-BCDD-B46E9D00756A} => D:\Programy\ABBYY PDF Transformer+\TRIntegration.dll [2015-01-28] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\ Archivace\WinRar 5.91\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\ Archivace\WinRar 5.91\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => D:\Archivace\WinZip\wzshls64.dll [2020-02-24] (Corel Corporation -> WinZip Computing)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\WINDOWS\system32\huffyuv.dll [55296 2005-01-22] () [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [310784 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284160 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [473088 2015-02-25] (hxxp:// [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://

==================== Loaded Modules (Whitelisted) =============

2019-11-27 00:19 - 2001-06-18 02:59 - 000094208 _____ ( Adobe Systems Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\EpsImport.dll
2019-11-27 00:19 - 2001-06-18 02:28 - 000073728 _____ ( Adobe Systems Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\InitBravo.dll
2019-11-27 00:19 - 2001-06-18 03:28 - 000073728 _____ ( Adobe Systems Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\InitPM7Bravo.dll
2019-11-27 00:19 - 2001-06-18 02:26 - 000086016 _____ () [File not signed] d:\programy\adobe\pagemaker 7.0\Aoln.dll
2019-11-27 00:19 - 2001-06-18 02:18 - 000064512 _____ () [File not signed] d:\programy\adobe\pagemaker 7.0\MAIPM6.dll
2019-11-27 00:19 - 2001-06-18 02:19 - 003444736 _____ () [File not signed] d:\programy\adobe\pagemaker 7.0\MPS.dll
2019-11-27 00:19 - 2001-06-18 02:35 - 000663552 _____ () [File not signed] d:\programy\adobe\pagemaker 7.0\Vamp.dll
2019-11-27 00:19 - 2001-06-18 02:37 - 000147456 _____ (Adobe Systems Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\ALDCL6.dll
2019-11-27 00:19 - 2001-06-18 02:30 - 000081920 _____ (Adobe Systems Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\ALDFS32.dll
2019-11-27 00:19 - 2001-06-18 02:43 - 000421888 _____ (Adobe Systems Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\aldim4.dll
2019-11-27 00:19 - 2001-06-18 02:30 - 000077824 _____ (Adobe Systems Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\ALDVM32.dll
2019-11-27 00:19 - 2001-06-18 02:19 - 000069632 _____ (Adobe Systems Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\PM7OPP.dll
2019-11-27 00:19 - 2001-06-18 03:48 - 000323584 _____ (Adobe Systems Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\PMExt.dll
2019-11-27 00:19 - 2001-06-18 03:44 - 000184320 _____ (Adobe Systems Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\RBENG.dll
2019-11-27 00:19 - 2001-06-18 03:45 - 000102400 _____ (Adobe Systems Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\RSRC\SwitchB\DFLTCMSG\DFLTCMSG.SWB
2019-11-27 00:19 - 2001-06-18 02:30 - 000020480 _____ (Adobe Systems Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\RSRC\USENGLSH\ALDFSR32.RSL
2019-11-27 00:19 - 2001-06-18 02:43 - 000020480 _____ (Adobe Systems Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\RSRC\USENGLSH\ALDIM4RS.RSL
2019-11-27 00:19 - 2001-06-18 03:43 - 000045056 _____ (Adobe Systems Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\RSRC\USENGLSH\ALDRBRES.RSL
2019-11-27 00:19 - 2001-06-18 03:45 - 000032768 _____ (Adobe Systems Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\RSRC\USENGLSH\DFLTRES.RSL
2019-11-27 00:19 - 2001-06-19 22:50 - 000978944 _____ (Adobe Systems Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\RSRC\USENGLSH\PM70.RSL
2019-11-27 00:19 - 2001-06-18 02:18 - 000017920 _____ (Adobe Systems Incorporated.) [File not signed] d:\programy\adobe\pagemaker 7.0\MF.dll
2019-11-27 00:19 - 2001-06-18 02:18 - 000446464 _____ (Adobe Systems, Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\ACE.dll
2019-11-27 00:19 - 2001-06-18 02:18 - 001859584 _____ (Adobe Systems, Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\AGM.dll
2019-11-27 00:19 - 2001-06-18 02:18 - 000147456 _____ (Adobe Systems, Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\BIB.dll
2019-11-27 00:19 - 2001-06-18 02:18 - 001441792 _____ (Adobe Systems, Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\CoolType.dll
2019-11-27 00:19 - 2001-06-18 02:19 - 000434176 _____ (Adobe Systems, Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\PM7ACE.dll
2019-11-27 00:19 - 2001-06-18 02:19 - 001781760 _____ (Adobe Systems, Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\PM7AGM.dll
2019-11-27 00:19 - 2001-06-18 02:19 - 000188529 _____ (Adobe Systems, Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\PM7BIB.dll
2019-11-27 00:19 - 2001-06-18 02:19 - 001347584 _____ (Adobe Systems, Incorporated) [File not signed] d:\programy\adobe\pagemaker 7.0\PM7CoolType.dll
2009-11-17 22:58 - 2009-11-17 22:58 - 000342656 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
2009-11-17 22:58 - 2009-11-17 22:58 - 000559232 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
2012-05-27 16:44 - 2012-05-27 16:44 - 000032256 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
2011-04-29 11:34 - 2011-04-29 11:34 - 000934400 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc
2011-04-29 11:34 - 2011-04-29 11:34 - 000012288 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc
2011-04-29 19:08 - 2011-04-29 19:08 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000054784 _____ (Hewlett-Packard) [File not signed] C:\WINDOWS\SYSTEM32\hpzipr12.dll
2020-01-20 21:16 - 2020-01-20 21:16 - 000986112 _____ (Microsoft Corporation) [File not signed] D:\Aviry\CheckPoint\ZoneAlarm\dbghelp.dll
2020-10-19 14:04 - 2020-10-19 14:04 - 000018944 _____ (Softland) [File not signed] C:\WINDOWS\System32\novamn10.dll
2018-12-10 10:29 - 2018-12-10 10:29 - 000438272 _____ (The curl library, hxxps:// [File not signed] C:\Program Files\PDF Architect 7\libcurl.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: PDF Architect 7 Helper -> {2B035CAB-1F3D-4DE6-A32D-39B9E5F456D0} -> C:\Program Files\PDF Architect 7\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> d:\prográmky\realplayer\BrowserRecordPlugin\IE\rndlbrowserrecordplugin64.dll [2021-12-26] (RealNetworks, Inc. -> RealPlayer)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: PDF Architect 7 Helper -> {2B035CAB-1F3D-4DE6-A32D-39B9E5F456D0} -> C:\Program Files (x86)\PDF Architect 7\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> d:\prográmky\realplayer\BrowserRecordPlugin\IE\rndlbrowserrecordplugin.dll [2021-12-26] (RealNetworks, Inc. -> RealPlayer)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - PDF Architect 7 Toolbar - {61E612A7-2382-4570-8D3F-42BC136DDAD7} - C:\Program Files\PDF Architect 7\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - PDF Architect 7 Toolbar - {61E612A7-2382-4570-8D3F-42BC136DDAD7} - C:\Program Files (x86)\PDF Architect 7\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2020-02-03 20:01 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-722231672-965411127-3486821242-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\Pictures\Saved Pictures\m104 - sombrero.bmp
DNS Servers: -
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F1C3FD45-225F-4248-BB58-CC07D80EA9B9}] => (Allow) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{7FE0D65D-4851-4F77-BD27-FF9EE5C9BCAA}] => (Allow) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{98E55126-E08E-4283-BC9F-1CD4487C5376}] => (Allow) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{463A6C42-0E1B-4675-8A95-5E8E0F425848}] => (Allow) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{7059C7E5-30C1-4084-A8C6-CA7C0AB13286}] => (Allow) LPort=8501
FirewallRules: [{D9603B5C-325E-4237-BC4E-91DCA55B90A1}] => (Allow) LPort=8501
FirewallRules: [{D33BCFB3-EA54-4BD5-954B-45F544174DFE}] => (Allow) C:\Program Files (x86)\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{87F08FF4-AAB0-4911-9194-EB67A27D0ED3}] => (Allow) C:\Program Files (x86)\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{63FD2332-F2D6-45A0-8793-C7410883EF3D}] => (Allow) LPort=1900
FirewallRules: [{09D0FD54-F9E5-4E9B-B5EC-8C5985AB222F}] => (Allow) LPort=2869
FirewallRules: [{13FD4DA9-5757-49F9-987F-7641F63CD5D5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D53AC4E9-924B-48B4-A6E6-95AF36DAFFDE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3F60A5E6-326B-4D15-A51D-52B43BF1ABC4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CA0013FD-B126-4C46-BEE0-597F4DDB0B80}] => (Allow) C:\Program Files (x86)\Office14\GROOVE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0BBCD6C0-2206-46C3-A2BD-0348B1897A4D}] => (Allow) C:\Program Files (x86)\Office14\GROOVE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6C8F3AE3-4336-4D9E-BA25-A3671EE747A8}] => (Allow) C:\Program Files (x86)\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9B5E2AB7-51AF-4ED3-B069-4EB883C9A166}] => (Allow) C:\Program Files (x86)\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{91181CAB-8ADE-439A-8631-8327892A308B}] => (Allow) C:\Program Files (x86)\Office14\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DFD547C9-0CFE-4699-8CF3-D4433F0B5972}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{33D705BD-7BFE-4FE1-8899-0E527C6F19F5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{15931879-68B7-450E-9912-820F4E591178}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D9F5080B-F1EA-46B1-BE1B-353A98878F88}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0CE445A5-21BB-467A-A270-7065480A7DB2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9A0EB60E-5410-48B5-85F9-1C9B71271994}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E6EC08C9-BC65-4D7B-B033-5092276B64F8}] => (Allow) d:\prográmky\realplayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{EEBDC094-AAA2-4871-AD93-AEBBD357AF94}] => (Allow) d:\prográmky\realplayer\RealPlay.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{96A0D9C4-BEB1-4749-8114-4BE556A05269}] => (Allow) C:\Program Files (x86)\Opera\82.0.4227.43\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{7EB9973F-E767-4177-8D39-BF2AD5D5BCC2}] => (Allow) C:\Program Files (x86)\Opera\82.0.4227.58\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{6D019467-7666-43C9-ADC9-CEEEC59C3B20}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F9EAE377-E204-4C0B-B820-CEC548006A36}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{944896B2-EE94-4303-9304-6B2DB36B6A6B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{720E2229-C2B6-4B34-B0D0-ECB8307448F4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C552009C-29A9-4C79-BDCE-587770CCB3F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{72BF2582-16DA-4D70-86CA-504AA6D5A3EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3A5499E0-8CAB-4F42-932E-4A7516852298}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A5788512-F933-4CA0-A133-8F45C93B1261}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A636529B-63CF-4A80-8C34-8854C171DDC1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

31-12-2021 18:30:12 Naplánovaný kontrolní bod
09-01-2022 15:50:49 Naplánovaný kontrolní bod
13-01-2022 00:15:35 Instalační služba modulů systému Windows
13-01-2022 00:16:06 Instalační služba modulů systému Windows
20-01-2022 14:13:34 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
Error: (01/28/2022 04:37:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PM70.EXE, verze:, časové razítko: 0x3b2d4092
Název chybujícího modulu: Vamp.dll, verze:, časové razítko: 0x3b2d1b79
Kód výjimky: 0xc0000005
Posun chyby: 0x00059262
ID chybujícího procesu: 0x2c5c
Čas spuštění chybující aplikace: 0x01d8145ce1aa73cb
Cesta k chybující aplikaci: d:\programy\adobe\pagemaker 7.0\PM70.EXE
Cesta k chybujícímu modulu: d:\programy\adobe\pagemaker 7.0\Vamp.dll
ID zprávy: bb81f204-de86-4f82-b546-dc05cd9af7eb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/28/2022 04:37:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PM70.EXE, verze:, časové razítko: 0x3b2d4092
Název chybujícího modulu: unknown, verze:, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0458d8af
ID chybujícího procesu: 0x2c5c
Čas spuštění chybující aplikace: 0x01d8145ce1aa73cb
Cesta k chybující aplikaci: d:\programy\adobe\pagemaker 7.0\PM70.EXE
Cesta k chybujícímu modulu: unknown
ID zprávy: 0d0e1364-f2be-43cf-9320-1d64d1359903
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/28/2022 04:34:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PM70.EXE, verze:, časové razítko: 0x3b2d4092
Název chybujícího modulu: Vamp.dll, verze:, časové razítko: 0x3b2d1b79
Kód výjimky: 0xc0000005
Posun chyby: 0x00059262
ID chybujícího procesu: 0xcf4
Čas spuštění chybující aplikace: 0x01d8145b33cdb3f1
Cesta k chybující aplikaci: d:\programy\adobe\pagemaker 7.0\PM70.EXE
Cesta k chybujícímu modulu: d:\programy\adobe\pagemaker 7.0\Vamp.dll
ID zprávy: d7eccd13-fb0f-4db4-96aa-3eddfc892aa3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/28/2022 04:34:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PM70.EXE, verze:, časové razítko: 0x3b2d4092
Název chybujícího modulu: unknown, verze:, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0438d8af
ID chybujícího procesu: 0xcf4
Čas spuštění chybující aplikace: 0x01d8145b33cdb3f1
Cesta k chybující aplikaci: d:\programy\adobe\pagemaker 7.0\PM70.EXE
Cesta k chybujícímu modulu: unknown
ID zprávy: 8728ccb3-b79c-45de-8e59-cbc124b12f80
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/28/2022 03:47:56 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.

Error: (01/26/2022 08:09:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Pm70.exe, verze:, časové razítko: 0x3b2d4092
Název chybujícího modulu: Vamp.dll, verze:, časové razítko: 0x3b2d1b79
Kód výjimky: 0xc0000005
Posun chyby: 0x00059262
ID chybujícího procesu: 0x3b88
Čas spuštění chybující aplikace: 0x01d812e2c956b6a7
Cesta k chybující aplikaci: D:\Programy\Adobe\PageMaker 7.0\Pm70.exe
Cesta k chybujícímu modulu: D:\Programy\Adobe\PageMaker 7.0\Vamp.dll
ID zprávy: 31dc2800-d4b5-43a1-9085-88dd16628675
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/26/2022 08:09:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Pm70.exe, verze:, časové razítko: 0x3b2d4092
Název chybujícího modulu: unknown, verze:, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0438d87f
ID chybujícího procesu: 0x3b88
Čas spuštění chybující aplikace: 0x01d812e2c956b6a7
Cesta k chybující aplikaci: D:\Programy\Adobe\PageMaker 7.0\Pm70.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 06a1f3dd-0cb0-47a1-a8c2-81a9e37dbbd8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/25/2022 11:32:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Pm70.exe, verze:, časové razítko: 0x3b2d4092
Název chybujícího modulu: Vamp.dll, verze:, časové razítko: 0x3b2d1b79
Kód výjimky: 0xc0000005
Posun chyby: 0x00059262
ID chybujícího procesu: 0x240c
Čas spuštění chybující aplikace: 0x01d81239df93f65f
Cesta k chybující aplikaci: D:\Programy\Adobe\PageMaker 7.0\Pm70.exe
Cesta k chybujícímu modulu: D:\Programy\Adobe\PageMaker 7.0\Vamp.dll
ID zprávy: b92d62cb-1ddf-485e-9f7a-8138d2260276
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

System errors:
Error: (01/28/2022 05:16:56 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-1U0LM3C)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (01/28/2022 05:16:39 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-1U0LM3C)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (01/28/2022 03:46:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba RealTimes Desktop Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/28/2022 03:46:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby ABBYY PDF Transformer+ - Licensing Service bylo dosaženo časového limitu (60000 ms).

Error: (01/28/2022 03:44:26 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba AsusUpdateCheck se po přijetí pokynu pro vypnutí neukončila správně.

Error: (01/28/2022 03:44:13 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není kdispozici za účelem spuštění serveru:

Error: (01/28/2022 03:44:13 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není kdispozici za účelem spuštění serveru:

Error: (01/21/2022 10:50:45 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NFFX4SZZ23L-Microsoft.549981C3F5F10.

Windows Defender:
Date: 2020-11-05 23:16:20
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace: ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Windows\AutoKMS.exe; file:_C:\Windows\AutoKMS.exe->[MSILRES:AutoKMS.Properties.Resources.resources]
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Název procesu: C:\Windows\AutoKMS.exe
Verze bezpečnostních informací: AV: 1.305.2858.0, AS: 1.305.2858.0, NIS: 1.305.2858.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1

Date: 2020-11-05 23:16:19
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace: ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\AutoKMS.exe->[MSILRES:AutoKMS.Properties.Resources.resources]
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Název procesu: C:\Windows\AutoKMS.exe
Verze bezpečnostních informací: AV: 1.305.2858.0, AS: 1.305.2858.0, NIS: 1.305.2858.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1

Date: 2022-01-28 15:48:01
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Aviry\CheckPoint\ZoneAlarm\ZA_WSC_Remediation.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2901 10/16/2019
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 46%
Total physical RAM: 8124.13 MB
Available physical RAM: 4365.91 MB
Total Virtual: 9404.13 MB
Available Virtual: 5197.71 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.84 GB) (Free:159.7 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:931.5 GB) (Free:566.77 GB) NTFS

\\?\Volume{d6458fe6-83f6-4935-9c1d-28a7f72e381b}\ () (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{b5a6f67e-0283-4ca7-8508-df1d94760cbf}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

Disk: 1 (Size: 238.5 GB) (Disk ID: 39AE08EB)

Partition: GPT.

==================== End of Addition.txt =======================

