Po 2 let

[memart]

Zdravím Vás!

Mam starsi DELL Latitude E6430 a rad bych zkontroloval stav ohrozenosti a dostal moznou radu.
Hlavni je duvod, ze mi u prihlaseni na OnLine UCB banking hlasi nebezpeci prihlaseni
Nevim jestli je napadnuta banka, nebo mam certika.
V mobilu mi jde prihlaseni a platba bez hlasky.
Zde jsou skeny z FRST-u:

=============
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-06-2022 01
Ran by markovic (administrator) on OKS69 (Dell Inc. Latitude E6430) (11-06-2022 15:20:42)
Running from C:\Users\markovic\AppData\Local\Temp\scoped_dir2272_2029001724
Loaded Profiles: markovic
Platform: Microsoft Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe ->) (Sophos Ltd -> Sophos Limited) C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
(C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpgrade22.exe ->) (Safer-Networking Limited -> Safer-Networking Ltd.) C:\Windows\Temp\is-G8Q0A.tmp\SDUpgrade22.tmp
(C:\Program Files\Sophos\Sophos File Scanner\SophosFS.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFileScanner.exe <2>
(C:\Windows\Temp\is-DVQOV.tmp\spybot-setup.tmp ->) () [File not signed] C:\Windows\Temp\is-M7EFF.tmp\_isetup\_setup64.tmp
(C:\Windows\Temp\is-G8Q0A.tmp\SDUpgrade22.tmp ->) (Safer-Networking Limited -> Safer-Networking Ltd.) C:\Windows\Temp\is-RM5O3.tmp\spybot-setup.exe
(C:\Windows\Temp\is-RM5O3.tmp\spybot-setup.exe ->) (Safer-Networking Limited -> Safer-Networking Ltd.) C:\Windows\Temp\is-DVQOV.tmp\spybot-setup.tmp
(Safer-Networking Limited -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpgrade22.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (GlavSoft LLC -> GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Connect\Watchdog\EPWD.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Kerio Technologies Inc.) [File not signed] C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(services.exe ->) (O2Micro Inc. -> O2Micro International) C:\Windows\System32\o2flash.exe
(services.exe ->) (OCS Inventory NG) [File not signed] C:\Program Files (x86)\OCS Inventory Agent\OcsService.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Health\SophosHealth.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sdcservice.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Clean\SophosCleanM64.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Endpoint Defense\SEDService.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Endpoint Defense\SSPService.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Safestore\SophosSafestore64.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFS.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos Network Threat Protection\SophosNtpService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LogonUI.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [1699480 2018-03-01] (GlavSoft LLC -> GlavSoft LLC.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2015-01-09] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [Sophos UI.exe] => C:\Program Files\Sophos\Sophos UI\Sophos UI.exe [1650464 2021-11-08] (Sophos Ltd -> Sophos Limited)
HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\Run: [PCAM] => C:\Users\markovic\AppData\Local\VITS\PCAM\pcam.exe [606208 2014-05-21] () [File not signed]
HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\Run: [Opera Browser Assistant] => C:\Users\markovic\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4137216 2022-06-07] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\KOAZCA_P: C:\Windows\System32\spool\prtprocs\x64\KOAZCA_P.DLL [41984 2012-02-15] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed]
HKLM\...\Print\Monitors\C368SeriesPCL Language Monitor: C:\windows\system32\KOAXWJ_L.DLL [25592 2017-08-28] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\...\Print\Monitors\C652SeriesPS Language Monitor: C:\windows\system32\KOAZCA_L.DLL [15360 2012-02-15] () [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\windows\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\windows\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\HP 1353 Status Monitor: C:\windows\system32\hpinksts1353LM.dll [468064 2017-12-21] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Ink Tank Wireless 410 series): C:\windows\system32\HPDiscoPM1353.dll [988808 2018-07-27] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\pdfcmon: C:\windows\system32\pdfcmon.dll [116736 2019-04-18] (pdfforge GmbH) [File not signed]
HKLM\...\Print\Monitors\SafeQ: C:\windows\system32\SAFEQVS64.DLL [4003840 2012-02-15] () [File not signed]
AppInit_DLLs: C:\windows\system32\SophosAV\SOPHOS~1.DLL => C:\windows\system32\SophosAV\SOPHOS~1.DLL [242936 2021-07-07] (Sophos Ltd -> Sophos Limited)
AppInit_DLLs-x32: C:\windows\SysWOW64\SophosAV\SOPHOS~1.DLL => C:\windows\SysWOW64\SophosAV\SOPHOS~1.DLL [247072 2021-07-07] (Sophos Ltd -> Sophos Limited)
Startup: C:\Users\markovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledování výstrah kazety - HP Ink Tank Wireless 410 series.lnk [2022-06-11]
ShortcutAndArgument: Sledování výstrah kazety - HP Ink Tank Wireless 410 series.lnk -> C:\windows\system32\RunDll32.exe => "C:\Program Files\HP\HP Ink Tank Wireless 410 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN04H5M02D06PF;CONNECTION=USB;MONITOR=1;
BootExecute: autocheck autochk * sdnclean64.exe
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05E5552D-2323-48BA-855D-70B57F9562CA} - System32\Tasks\Opera scheduled Autoupdate 1557900633 => C:\Users\markovic\AppData\Local\Programs\Opera\launcher.exe [2473216 2022-06-02] (Opera Software AS -> Opera Software)
Task: {1988D0A3-E08A-4AE3-B9A9-F7DCD6481C80} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\markovic\AppData\Local\Temp\scoped_dir6412_1142737047\esetonlinescanner_csy.exe LOGON (No File) <==== ATTENTION
Task: {20246E78-FB8B-427C-A958-5DB730CC5D68} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {2C49BA85-1251-46FE-907F-53DD0739375E} - System32\Tasks\{37D6EE52-BB4B-477E-B724-6B1767401175} => C:\windows\system32\pcalua.exe -a C:\Users\markovic\Downloads\win64_15.33.48.5069.exe -d C:\Users\markovic\Downloads
Task: {326B50D0-63C8-4FFB-AC10-F51071B73302} - System32\Tasks\{AE2CC0F9-9507-437C-A1ED-C8B14C9346AE} => C:\windows\system32\pcalua.exe -a C:\Users\markovic\Downloads\win64_15.36.36.5067.exe -d C:\Users\markovic\Downloads
Task: {3B727BAF-E95B-456C-AD87-DC8042F376C9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [973744 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {46BD00AF-F2B0-4AC0-8D3C-D02E588430A4} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {4B9FA230-C9EA-4312-85EB-7CD33DF50AC6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-29] (Google LLC -> Google LLC)
Task: {4DFAF887-DE23-48EA-8839-36F0699E83A6} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {54FACD97-E153-4D4A-9836-2BA83F7E4103} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-09] (Adobe Inc. -> Adobe)
Task: {66FF6791-8875-49EA-BFE2-1D909DCB0664} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\markovic\AppData\Local\Temp\scoped_dir6412_1142737047\esetonlinescanner_csy.exe SCHED (No File) <==== ATTENTION
Task: {6AE835D9-AAD7-4205-B3B5-940F5ED2C5A8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {76869E25-86C1-4E59-B832-9F785D5A279D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {7C94CF32-7E64-4781-BACC-EE971DCE628A} - System32\Tasks\HPCustParticipation HP Ink Tank Wireless 410 series => C:\Program Files\HP\HP Ink Tank Wireless 410 series\Bin\HPCustPartic.exe [6661256 2018-07-27] (Hewlett Packard -> HP Inc.)
Task: {842313C1-92E4-4C16-AD25-D3671806080C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {99FD7758-52D4-4313-B1BA-66042E301B4D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [973744 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {A33D8321-97A2-4672-A2F2-CD6CD9176D74} - System32\Tasks\Abelssoft\AntiLogger_3 => C:\Program Files (x86)\AntiLogger\AbLauncher.exe Abelssoft\AntiLogger AntiLogger.exe -minimized -autorun (No File)
Task: {B89EDB88-0AD2-446F-91C3-2F16F3B0BF11} - System32\Tasks\Opera scheduled assistant Autoupdate 1580994261 => C:\Users\markovic\AppData\Local\Programs\Opera\launcher.exe [2473216 2022-06-02] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\markovic\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {EAD2876E-D6A2-481F-A59D-E87FC0C753FF} - System32\Tasks\{59E8265B-0EB0-4B0A-96E8-2554EF7CE164} => C:\windows\system32\pcalua.exe -a C:\Users\markovic\Downloads\dxwebsetup(1).exe -d C:\Users\markovic\Downloads
Task: {ECDE3940-9A82-460D-9F71-4A42897D8C02} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-29] (Google LLC -> Google LLC)
Task: {EE1D8296-55B5-458C-885F-C4EAAEE0804D} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1071798875-1387944877-1996711308-14587] => localhost:8080
Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [133560 2021-03-23] (Sophos Ltd -> Sophos Limited)
Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [133560 2021-03-23] (Sophos Ltd -> Sophos Limited)
Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [133560 2021-03-23] (Sophos Ltd -> Sophos Limited)
Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [133560 2021-03-23] (Sophos Ltd -> Sophos Limited)
Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [133560 2021-03-23] (Sophos Ltd -> Sophos Limited)
Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [133560 2021-03-23] (Sophos Ltd -> Sophos Limited)
Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [133560 2021-03-23] (Sophos Ltd -> Sophos Limited)
Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [133560 2021-03-23] (Sophos Ltd -> Sophos Limited)
Winsock: Catalog9 19 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [133560 2021-03-23] (Sophos Ltd -> Sophos Limited)
Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [193968 2021-03-23] (Sophos Ltd -> Sophos Limited)
Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [193968 2021-03-23] (Sophos Ltd -> Sophos Limited)
Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [193968 2021-03-23] (Sophos Ltd -> Sophos Limited)
Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [193968 2021-03-23] (Sophos Ltd -> Sophos Limited)
Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [193968 2021-03-23] (Sophos Ltd -> Sophos Limited)
Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [193968 2021-03-23] (Sophos Ltd -> Sophos Limited)
Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [193968 2021-03-23] (Sophos Ltd -> Sophos Limited)
Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [193968 2021-03-23] (Sophos Ltd -> Sophos Limited)
Winsock: Catalog9-x64 19 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [193968 2021-03-23] (Sophos Ltd -> Sophos Limited)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{99A13926-9087-4A53-B0DC-A406BDE84750}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9ACEAA39-8621-47BF-9904-C2A301D981F4}: [DhcpNameServer] 172.21.2.100 172.21.2.101
Tcpip\..\Interfaces\{CF2559DB-ECCB-4014-ACEB-8BC32162F1FD}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF DefaultProfile: gu7j9r2d.default-1558026461877
FF ProfilePath: C:\Users\markovic\AppData\Roaming\Mozilla\Firefox\Profiles\gu7j9r2d.default-1558026461877 [2022-06-11]
FF NetworkProxy: Mozilla\Firefox\Profiles\gu7j9r2d.default-1558026461877 -> type", 4
FF Session Restore: Mozilla\Firefox\Profiles\gu7j9r2d.default-1558026461877 -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\gu7j9r2d.default-1558026461877 -> hxxps://login.gearbest.com; hxxps://www.gearbest.com; hxxps://www.hosco.com; hxxps://www.youtube.com; hxxps://cs67.divokekmeny.cz; hxxps://eune.op.gg; hxxps://cs68.divokekmeny.cz; hxxps://www-domywstylu-pl-01.salesmanagopush.com; hxxps://www.alibaba.com; hxxps://www.facebook.com; hxxps://zpravy.dt24.cz; hxxps://www.plnapenezenka.cz; hxxps://cs69.divokekmeny.cz; hxxps://cs70.divokekmeny.cz; hxxps://www.comfor.cz; hxxps://csp6.divokekmeny.cz; hxxps://vd.kinogo.fr; hxxps://www.divokekmeny.cz; hxxps://www.aliexpress.com; hxxps://www.abelssoft.de; hxxps://www.telenor.rs
FF Extension: (Firefox DevTools ADB Extension) - C:\Users\markovic\AppData\Roaming\Mozilla\Firefox\Profiles\gu7j9r2d.default-1558026461877\Extensions\adb@mozilla.org.xpi [2019-06-20] [UpdateUrl:hxxps://ftp.mozilla.org/pub/labs/devtools/adb-extension/win32/update.json]
FF Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\markovic\AppData\Roaming\Mozilla\Firefox\Profiles\gu7j9r2d.default-1558026461877\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2021-11-30]
FF Extension: (Colorful cubes) - C:\Users\markovic\AppData\Roaming\Mozilla\Firefox\Profiles\gu7j9r2d.default-1558026461877\Extensions\{168c7cf2-8d10-460d-94f3-6482b8602cc2}.xpi [2020-07-31]
FF Extension: (Plná Peněženka Lištička Lite) - C:\Users\markovic\AppData\Roaming\Mozilla\Firefox\Profiles\gu7j9r2d.default-1558026461877\Extensions\{85d8e8cc-273a-4845-a75b-4b44377c703c}.xpi [2021-03-18]
FF Extension: (gray leaf) - C:\Users\markovic\AppData\Roaming\Mozilla\Firefox\Profiles\gu7j9r2d.default-1558026461877\Extensions\{979aae3a-31db-479d-b7d5-95054b5a33ff}.xpi [2020-07-31]
FF Extension: (Northern Lake FT by MaDonna) - C:\Users\markovic\AppData\Roaming\Mozilla\Firefox\Profiles\gu7j9r2d.default-1558026461877\Extensions\{fcebb804-5eb9-43d9-a12a-30f6ca1b9b1b}.xpi [2021-06-16]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2019-04-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2019-04-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)

Opera:
=======
OPR Profile: C:\Users\markovic\AppData\Roaming\Opera Software\Opera Stable [2022-06-11]
OPR DownloadDir: C:\Users\markovic\Downloads
OPR Notifications: Opera Stable -> hxxps://etnodomgorocvet.ucoz.com; hxxps://fr.aliexpress.com; hxxps://h5-global.alimebot.aliexpress.com; hxxps://message.alibaba.com; hxxps://pl.pinterest.com; hxxps://pt.aliexpress.com; hxxps://wp.aliexpress.com; hxxps://www.alibaba.com; hxxps://www.aliexpress.com; hxxps://www.facebook.com; hxxps://www.heureka.cz; hxxps://www.messenger.com; hxxps://www.pakamera.pl; hxxps://www.tvarenasport.com; hxxps://www.wawel.com.pl; hxxps://www.youtube.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://ac.duckduckgo.com/ac/?q={searchTerms}&type=list&t={opera:vpnClient}
OPR Extension: (Rich Hints Agent) - C:\Users\markovic\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-05-10]
OPR Extension: (Opera Crypto Wallet) - C:\Users\markovic\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-06-04]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\markovic\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-12]
OPR Extension: (Alitools - nákupní asistent) - C:\Users\markovic\AppData\Roaming\Opera Software\Opera Stable\Extensions\nkekkheibgkgeepapinkalkongndfajn [2022-03-21]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3054520 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
S4 clr_optimization_v2.0.50727_64; C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-21] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [810928 2021-05-21] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 EPWD; C:\Program Files (x86)\CheckPoint\Endpoint Connect\Watchdog\EPWD.exe [292600 2018-05-17] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2021-06-03] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> )
R2 ktupdaterservice; C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe [949248 2015-10-10] (Kerio Technologies Inc.) [File not signed]
S3 mracsvc; C:\windows\System32\mracsvc.exe [21753376 2022-01-25] (Mail.Ru LLC -> LLC Mail.Ru)
R2 O2FLASH; C:\windows\system32\o2flash.exe [244328 2015-01-09] (O2Micro Inc. -> O2Micro International)
R2 OCS Inventory Service; C:\Program Files (x86)\OCS Inventory Agent\OcsService.exe [39424 2014-05-17] (OCS Inventory NG) [File not signed]
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [308112 2021-07-07] (Sophos Ltd -> Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [216728 2021-07-07] (Sophos Ltd -> Sophos Limited)
S3 SmrtService; C:\ProgramData\SmartGuard\lineage2\smrt3d\release\Data\21a69c6aa89ec79ee3c698946173561aee8e0f72\smrtsvc64.exe [13143752 2021-11-18] (Eikonect Software SL -> )
R2 SntpService; C:\Program Files\Sophos\Sophos Network Threat Protection\SophosNtpService.exe [9517912 2022-01-25] (Sophos Ltd -> Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [808664 2022-01-17] (Sophos Ltd -> Sophos Limited)
R2 Sophos Clean Service; C:\Program Files\Sophos\Clean\SophosCleanM64.exe [1481160 2021-10-01] (Sophos Ltd -> Sophos Limited)
R3 Sophos Device Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sdcservice.exe [622688 2021-07-07] (Sophos Ltd -> Sophos Limited)
R2 Sophos Endpoint Defense Service; C:\Program Files\Sophos\Endpoint Defense\SEDService.exe [3667888 2021-12-13] (Sophos Ltd -> Sophos Limited)
R2 Sophos File Scanner Service; C:\Program Files\Sophos\Sophos File Scanner\SophosFS.exe [1134104 2022-01-17] (Sophos Ltd -> Sophos Limited)
R2 Sophos Health Service; C:\Program Files (x86)\Sophos\Health\SophosHealth.exe [1555024 2021-10-05] (Sophos Ltd -> Sophos Limited)
R2 Sophos MCS Agent; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe [1290536 2022-01-17] (Sophos Ltd -> Sophos Limited)
R2 Sophos MCS Client; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe [1432600 2022-01-17] (Sophos Ltd -> Sophos Limited)
R2 Sophos Safestore Service; C:\Program Files\Sophos\Safestore\SophosSafestore64.exe [3631336 2021-10-01] (Sophos Ltd -> Sophos Limited)
R2 Sophos System Protection Service; C:\Program Files\Sophos\Endpoint Defense\SSPService.exe [11898424 2021-12-13] (Sophos Ltd -> Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [351336 2020-09-25] (Sophos Ltd -> Sophos Limited)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2015-01-09] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3608056 2021-03-23] (Sophos Ltd -> Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2102440 2021-03-23] (Sophos Ltd -> Sophos Limited)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12871464 2021-04-29] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TracSrvWrapper; C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [5867256 2018-06-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [1699480 2018-03-01] (GlavSoft LLC -> GlavSoft LLC.)
S2 vmicrdv; C:\windows\System32\ICSvc.dll [539648 2015-02-12] (Microsoft Corporation) [File not signed]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S4 SDScannerService; "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" [X]
S4 SDUpdateService; "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 d554gps; C:\windows\system32\drivers\d554gps64.sys [103184 2015-01-09] (Ericsson AB -> Ericsson AB)
S3 ecnssndis; C:\windows\System32\Drivers\wwuss64.sys [26664 2015-01-09] (Ericsson AB -> Ericsson AB)
S3 ecnssndisfltr; C:\windows\System32\Drivers\wwussf64.sys [29736 2015-01-09] (Ericsson AB -> Ericsson AB)
S3 ew_usbccgpfilter; C:\windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 gencounter; C:\windows\System32\DRIVERS\vmgencounter.sys [11264 2015-02-12] (Microsoft Corporation) [File not signed]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hyperkbd; C:\windows\System32\DRIVERS\hyperkbd.sys [13824 2015-02-12] (Microsoft Corporation) [File not signed]
S3 Mbm3CBus; C:\windows\system32\drivers\Mbm3CBus.sys [443648 2015-01-09] (MCCI Corporation -> MCCI Corporation)
S3 Mbm3DevMt; C:\windows\system32\drivers\Mbm3DevMt.sys [455936 2015-01-09] (MCCI Corporation -> MCCI Corporation)
S3 mracdrv; C:\windows\System32\drivers\mracdrv1.sys [20986200 2022-01-25] (Mail.Ru LLC -> LLC Mail.Ru)
S3 nwdelgobi3kfilter; C:\windows\system32\drivers\nwdelgobi3kfilter.sys [34304 2015-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Novatel Wireless Inc)
S3 NWDellPort; C:\windows\system32\drivers\nwdelser.sys [227712 2015-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Novatel Wireless Inc.)
S3 NWDellPort2; C:\windows\system32\drivers\nwdelser2.sys [227712 2015-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Novatel Wireless Inc.)
S3 nwdelserial; C:\windows\system32\drivers\nwdelserial.sys [234112 2015-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Novatel Wireless Inc.)
S3 PSKMAD; C:\windows\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
R1 SAVOnAccess; C:\windows\System32\DRIVERS\savonaccess.sys [216280 2020-06-10] (Sophos Ltd -> Sophos Limited)
R3 sdcfilter; C:\windows\System32\DRIVERS\sdcfilter.sys [38144 2018-10-26] (Sophos Limited -> Sophos Limited)
R1 sntp; C:\windows\system32\DRIVERS\sntp.sys [259088 2021-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Sophos Limited)
R0 Sophos Endpoint Defense; C:\windows\System32\DRIVERS\SophosED.sys [2582568 2021-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Sophos Limited)
S4 SophosBootDriver; C:\windows\System32\DRIVERS\SophosBootDriver.sys [45840 2018-10-26] (Sophos Limited -> Sophos Limited)
R1 sophosntplwf; C:\windows\System32\DRIVERS\sophosntplwf.sys [164872 2021-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Sophos Limited)
S3 ST7007; C:\windows\system32\drivers\ST7007.sys [69896 2015-01-09] (STMicroelectronics -> STMicroelectronics)
R0 stdcfltn; C:\windows\System32\DRIVERS\stdcfltn.sys [22128 2011-07-15] (STMicroelectronics -> ST Microelectronics)
R3 STHDA; C:\windows\System32\DRIVERS\stwrt64.sys [551936 2015-01-09] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 swg3knmea05; C:\windows\system32\drivers\swg3knmea05.sys [276720 2015-07-03] (Sierra Wireless, Inc. -> Sierra Wireless Incorporated)
S3 swg3kser05; C:\windows\system32\drivers\swg3kser05.sys [276720 2015-07-03] (Sierra Wireless, Inc. -> Sierra Wireless Incorporated)
S3 swibus05; C:\windows\system32\drivers\swibus05.sys [88848 2015-07-03] (Sierra Wireless -> Sierra Wireless Inc.)
S3 swibusflt05; C:\windows\system32\drivers\swibusflt05.sys [88848 2015-07-03] (Sierra Wireless -> Sierra Wireless Inc.)
R3 vna_ap; C:\windows\System32\DRIVERS\vnaap.sys [165392 2017-08-01] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 xhunter1; \??\C:\windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-11 15:27 - 2022-06-11 15:28 - 000000000 ____D C:\Program Files\Trend Micro
2022-06-11 15:27 - 2022-06-11 15:27 - 000000036 _____ C:\Users\markovic\AppData\Local\housecall.guid.cache
2022-06-11 15:14 - 2022-06-11 15:14 - 000454650 _____ C:\Users\markovic\Documents\hosts.txt
2022-06-11 14:57 - 2022-06-11 15:27 - 000000000 ____D C:\FRST
2022-06-11 14:56 - 2022-06-11 14:56 - 002368000 _____ (Farbar) C:\Users\markovic\Downloads\FRST64.exe
2022-06-11 14:13 - 2022-06-11 14:13 - 003711816 _____ (Trend Micro Inc.) C:\Users\markovic\Downloads\HousecallLauncher64.exe
2022-06-11 14:11 - 2022-06-11 14:11 - 000388608 _____ (Trend Micro Inc.) C:\Users\markovic\Downloads\hijackthis.exe
2022-06-11 14:01 - 2022-06-11 14:01 - 007911195 _____ C:\Users\markovic\Documents\Wash&Go report 2022-06-11.pdf
2022-06-11 12:09 - 2022-06-11 12:09 - 000000085 _____ C:\windows\wininit.ini
2022-06-09 14:21 - 2022-06-09 14:21 - 000004328 _____ C:\windows\system32\Tasks\Opera scheduled assistant Autoupdate 1580994261
2022-06-07 14:43 - 2022-06-07 14:43 - 007258654 _____ C:\Users\markovic\Downloads\FlowersFoliage.themepack
2022-06-06 07:33 - 2022-06-06 07:34 - 000344641 _____ C:\Users\markovic\Documents\Fa-2022001.pdf
2022-06-05 22:15 - 2022-06-06 07:33 - 000074240 _____ C:\Users\markovic\Documents\Fa-2022001.xls
2022-06-05 21:59 - 2022-06-05 21:59 - 000088064 _____ C:\Users\markovic\Downloads\Fa-2018004.xls
2022-06-01 07:07 - 2022-06-01 07:07 - 000002183 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2022-06-01 07:07 - 2022-06-01 07:07 - 000002171 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2022-06-01 07:06 - 2022-06-01 07:06 - 000000000 ____D C:\Program Files\Google

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-11 15:27 - 2019-12-29 16:35 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-11 14:11 - 2020-03-05 14:48 - 000000000 ____D C:\Users\markovic\AppData\Local\VirtualStore
2022-06-11 14:06 - 2019-06-06 08:10 - 000000000 ____D C:\Users\markovic\Desktop\Hotové
2022-06-11 13:08 - 2019-10-23 17:54 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2022-06-11 13:07 - 2009-07-14 05:20 - 000000000 ____D C:\windows\inf
2022-06-11 12:20 - 2019-05-03 08:18 - 000000000 ____D C:\Users\markovic\Documents\Soubory aplikace Outlook
2022-06-11 12:19 - 2020-12-05 10:25 - 000000000 ____D C:\Program Files (x86)\WashAndGo
2022-06-11 12:11 - 2020-12-01 10:48 - 000000000 ____D C:\ProgramData\Abelssoft
2022-06-11 12:09 - 2022-01-25 19:49 - 000000000 ____D C:\Users\markovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameCenter
2022-06-11 12:09 - 2019-10-23 17:54 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2022-06-11 09:36 - 2009-07-14 06:45 - 000034240 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-06-11 09:36 - 2009-07-14 06:45 - 000034240 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-06-11 09:15 - 2019-09-19 09:28 - 000000000 __SHD C:\Users\markovic\IntelGraphicsProfiles
2022-06-11 09:14 - 2020-10-23 18:16 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-06-11 09:14 - 2009-07-14 07:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2022-06-09 19:20 - 2019-06-25 09:50 - 000000000 ____D C:\Users\markovic\AppData\Roaming\WhatsApp
2022-06-09 18:42 - 2019-06-25 09:50 - 000000000 ____D C:\Users\markovic\AppData\Local\WhatsApp
2022-06-09 14:35 - 2019-04-26 13:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-09 14:32 - 2019-04-30 06:30 - 000000000 ____D C:\Program Files\Microsoft Office 15
2022-06-03 13:56 - 2020-03-18 12:31 - 000004084 _____ C:\windows\system32\Tasks\Opera scheduled Autoupdate 1557900633
2022-06-02 17:27 - 2009-07-14 07:08 - 000032590 _____ C:\windows\Tasks\SCHEDLGU.TXT
2022-05-28 22:19 - 2019-05-03 21:59 - 000000000 ____D C:\ProgramData\Riot Games
2022-05-22 20:45 - 2019-05-04 00:23 - 000000000 ____D C:\Users\markovic\Documents\Neša
2022-05-22 13:58 - 2021-05-15 08:57 - 000000000 ____D C:\Users\markovic\Documents\NanoZone

==================== Files in the root of some directories ========

2019-05-13 13:21 - 2019-05-13 13:31 - 000022269 _____ () C:\Users\markovic\AppData\Roaming\Hodnoty oddělené čárkami.ADR
2019-04-30 11:33 - 2019-09-28 09:54 - 000011022 _____ () C:\Users\markovic\AppData\Local\CPREBUILT.pac
2022-06-11 15:27 - 2022-06-11 15:27 - 000000036 _____ () C:\Users\markovic\AppData\Local\housecall.guid.cache
2019-05-14 19:28 - 2019-05-14 19:28 - 000007597 _____ () C:\Users\markovic\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2022-06-08 22:41
==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-06-2022 01
Ran by markovic (11-06-2022 15:54:34)
Running from C:\Users\markovic\AppData\Local\Temp\scoped_dir2272_2029001724
Microsoft Windows 7 Professional Service Pack 1 (X64) (2019-04-26 11:12:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3225396077-3917102331-627377444-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-3225396077-3917102331-627377444-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Sophos Anti-Virus (Enabled - Up to date) {F6EF0F75-4CCD-059F-B5E3-F43DFF8ECEEF}
AS: Spybot - Search and Destroy (Disabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Sophos Anti-Virus (Enabled - Up to date) {4D8EEE91-6AF7-0A11-8F53-CF4F84098452}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 22.001.20117 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.465 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Autodesk DWG TrueView 2018 - English (HKLM\...\DWG TrueView 2018 - English) (Version: 22.0.50.0 - Autodesk)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.4.0 - Canon Inc.)
Canon MG5700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5700_series) (Version: 1.01 - Canon Inc.)
Canon MG5700 series On-screen Manual (HKLM-x32\...\Canon MG5700 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Conqueror`s Blade MY.GAMES (HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\Conqueror`s Blade MY.GAMES) (Version: 1.325 - MY.GAMES)
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.4.0 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.134 - ALPS ELECTRIC CO., LTD.)
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version: - )
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
Google Earth Pro (HKLM\...\{DE181B35-ACEF-4DB0-86D9-731D5767ABB1}) (Version: 7.3.4.8642 - Google)
GSview and Aladdin Ghostscript (HKLM-x32\...\GSview and Aladdin Ghostscript) (Version: - )
Heroes of Might and Magic 4 Complete (HKLM-x32\...\GOGPACKHOMM4COMPLETE_is1) (Version: 2.0.0.12 - GOG.com)
Heroes of Might And Magic IV: Equilibris (HKLM-x32\...\Equilibris) (Version: - )
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.550 - Huawei Technologies Co., Ltd.)
HP Dropbox Plugin (HKLM-x32\...\{5EF4704F-DE13-45E8-B92A-EB8BDD61ED47}) (Version: 36.0.175.0 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{B5E7B43A-B632-4CA8-8761-9D572BB0C377}) (Version: 43.0.175.0 - HP)
HP FTP Plugin (HKLM-x32\...\{F420F4B3-A616-4058-8054-CD4F8AE2F11C}) (Version: 43.0.175.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{AC78E347-F30A-4B81-873D-841886ADEF7A}) (Version: 36.0.175.0 - HP)
HP Ink Tank Wireless 410 series Nápověda (HKLM-x32\...\{08D8BCBD-7BD2-4EC7-8805-D5A2C24E5E85}) (Version: 44.0.0 - HP)
HP OneDrive Plugin (HKLM-x32\...\{085F8621-800B-4C14-98CC-ABA8AA64BDD2}) (Version: 36.0.175.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP SFTP Plugin (HKLM-x32\...\{6E9B2B7C-1701-4DD3-80F7-B45ECA565DF9}) (Version: 43.0.175.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{60DFD588-0A30-4FA2-9B00-6210B85268B6}) (Version: 43.0.175.0 - HP)
Check Point VPN (HKLM-x32\...\{CD839662-A4AE-4F23-8B5A-C5BF23EBE9EC}) (Version: 98.60.8010 - Check Point Software Technologies Ltd.)
Intel(R) Computing Improvement Program (HKLM\...\{85B6BF0F-EF1B-4F0F-892D-E68BD798950C}) (Version: 2.4.04669 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.5059 - Intel Corporation)
IrfanView (uninstall) (HKLM\...\IrfanView) (Version: - )
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
Java 7 Update 80 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
Kerio Outlook Connector (Offline Edition) (HKLM-x32\...\{ABC4F4E7-E529-4A86-B176-1D06E58B7954}) (Version: 8.5.5082 - Kerio Technologies Inc.)
Kerio Updater Service (HKLM-x32\...\{C8DF962D-5B48-4952-9AF5-EEEF68773AB3}) (Version: 1.2.65324 - Kerio Technologies, Inc.)
K-Lite Mega Codec Pack 6.3.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.3.0 - )
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
League of Legends (HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Microsoft .NET Framework 4.8 (CSY) (HKLM\...\{39DC4515-B8C1-3AD9-AA88-D7C8A333612F}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office 2013 alatke za proveru - srpski (HKLM\...\{90150000-001F-081A-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office 2013 alatke za proveru - srpski (HKLM-x32\...\{90150000-001F-081A-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office 2013 pro podnikatele - cs-cz (HKLM\...\HomeBusinessRetail - cs-cz) (Version: 15.0.5449.1000 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - hrvatski (HKLM\...\{90150000-001F-041A-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - hrvatski (HKLM-x32\...\{90150000-001F-041A-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\Teams) (Version: 1.4.00.13073 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29334 (HKLM\...\{2E11EF4E-901F-4B2D-B68E-3DB2A566C857}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29334 (HKLM\...\{8A3F7D5B-422D-49D9-84F7-8DC1B7782967}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Mozilla Firefox (x86 cs) (HKLM-x32\...\Mozilla Firefox 93.0 (x86 cs)) (Version: 93.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0 - Mozilla)
OCS Inventory NG Agent 2.1.1.1 (HKLM-x32\...\OCS Inventory NG Agent) (Version: 2.1.1.1 - OCS Inventory NG Team)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5449.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5449.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0405-0000-0000000FF1CE}) (Version: 15.0.5449.1000 - Microsoft Corporation) Hidden
Opera Stable 87.0.4390.45 (HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\Opera 87.0.4390.45) (Version: 87.0.4390.45 - Opera Software)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.10 - Panda Security)
PCAM (HKLM-x32\...\{EF47014E-F119-4C45-9E2B-2B0ED0DA534C}) (Version: 1.0.14 - VITS)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.4.1 - pdfforge GmbH)
Polarr (HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\Polarr) (Version: 4.0.6 - Polarr, Inc.)
Registrace uživatele zařízení Canon MG5700 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG5700 series) (Version: - ‭Canon Inc.)
SafeQ Client (HKLM-x32\...\{FE390EE1-41F4-4CF4-AE63-DC22EFECA5C1}) (Version: 1.26 - Y Soft)
Skype verze 8.73 (HKLM-x32\...\Skype_is1) (Version: 8.73 - Skype Technologies S.A.)
SmartGuard Anti-Cheat (HKLM\...\SmartGuardAntiCheat) (Version: - )
Sophos Anti-Virus (HKLM-x32\...\{5C28F8A0-4BCB-4267-A869-2D589DF264F1}) (Version: 10.8.11.41 - Sophos Limited) Hidden
Sophos AutoUpdate XG (HKLM-x32\...\{608FB9D9-77C2-4CA6-AB53-4F50900BD9E0}) (Version: 6.12.86 - Sophos Limited) Hidden
Sophos Clean (HKLM\...\Sophos Clean) (Version: 3.9.14.1 - Sophos Limited) Hidden
Sophos Diagnostic Utility (HKLM-x32\...\{8078549C-CFF0-48C5-9B77-6BA48A14673D}) (Version: 6.11.234 - Sophos Limited) Hidden
Sophos Endpoint Agent (HKLM\...\{8D7BB12C-6854-46DF-A67D-F82D778D75C8}) (Version: 2.4.230.0 - Sophos Limited) Hidden
Sophos Endpoint Agent (HKLM\...\Sophos Endpoint Agent) (Version: 2.20.11 - Sophos Limited)
Sophos Endpoint Defense (HKLM\...\Sophos Endpoint Defense) (Version: 3.0.1.878 - Sophos Limited) Hidden
Sophos Endpoint Firewall (HKLM\...\{2831282D-8519-4910-B339-2302840ABEF3}) (Version: 2.0.20.0 - Sophos Limited) Hidden
Sophos Endpoint Self Help (HKLM\...\{4EFCDD15-24A2-4D89-84A4-857D1BF68FA8}) (Version: 3.1.88.0 - Sophos Limited) Hidden
Sophos File Scanner (HKLM\...\{CD39E739-F480-4AC4-B0C9-68CA731D8AC6}) (Version: 1.9.16.3 - Sophos Limited) Hidden
Sophos Health (HKLM-x32\...\{5E8436D5-3688-4007-94C7-55D017275F89}) (Version: 2.8.130.0 - Sophos Limited) Hidden
Sophos Management Communications System (HKLM-x32\...\{2C14E1A2-C4EB-466E-8374-81286D723D3A}) (Version: 4.15.79.0 - Sophos Limited) Hidden
Sophos Network Threat Protection (HKLM\...\{2D2A1891-4657-4E6F-9373-BFCE4C9AC5BA}) (Version: 1.15.835.0 - Sophos Limited) Hidden
Sophos Standalone Engine (HKLM\...\Sophos Standalone Engine) (Version: 1.8.8.1 - Sophos Limited) Hidden
Studie vylepšování produktu HP Ink Tank Wireless 410 series (HKLM\...\{CF0E89FE-5BA0-4BD4-BA89-7F0CEE62880F}) (Version: 45.3.2597.18208 - HP Inc.)
TeamSpeak 3 Client (HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\TeamSpeak 3 Client) (Version: 3.3.0 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.17.7 - TeamViewer)
TERA Online (HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\EME_GAME_tera) (Version: - Krafton)
TightVNC (HKLM\...\{B7458EC3-2AA0-4DB4-8FC4-FBB73CC44948}) (Version: 2.8.11.0 - GlavSoft LLC.)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 9.0a - Ghisler Software GmbH)
Viber (HKLM-x32\...\{0B854A2D-3F1C-4AA4-8DEB-1DC843783B74}) (Version: 16.1.0.0 - Viber Media S.a.r.l) Hidden
Viber (HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\{4f406dac-1693-4d09-82a3-0e1672bb0743}) (Version: 16.1.0.0 - 2010-2021 Viber Media S.a.r.l)
WashAndGo (HKLM-x32\...\AbAppId-53_is1) (Version: 23.09 - Abelssoft)
WhatsApp (HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\WhatsApp) (Version: 2.2218.8 - WhatsApp)
Základní software zařízení HP Ink Tank Wireless 410 series (HKLM\...\{36DA5F84-8F50-4B12-A19B-7C66C1F7B040}) (Version: 45.3.2597.18208 - HP Inc.)
Zoom (HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\ZoomUMX) (Version: 5.7.1 (543) - Zoom Video Communications, Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\markovic\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21063.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2018 - English\en-US\dwgviewrficn.dll (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\markovic\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2018 - English\dwgviewr.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\markovic\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\markovic\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\markovic\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\markovic\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2017-02-15] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-15] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [SavShellExt] -> {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D} => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavShellExtX64.dll [2021-07-07] (Sophos Ltd -> Sophos Limited)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SophosUIShellExt] -> {2F08133C-3011-427C-8F50-2914253782B1} => C:\Program Files\Sophos\Sophos UI\SophosUIShellExt.dll [2021-11-08] (Sophos Ltd -> Sophos Limited)
ContextMenuHandlers2: [SavShellExt] -> {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D} => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavShellExtX64.dll [2021-07-07] (Sophos Ltd -> Sophos Limited)
ContextMenuHandlers2: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SophosUIShellExt] -> {2F08133C-3011-427C-8F50-2914253782B1} => C:\Program Files\Sophos\Sophos UI\SophosUIShellExt.dll [2021-11-08] (Sophos Ltd -> Sophos Limited)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [SavShellExt] -> {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D} => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavShellExtX64.dll [2021-07-07] (Sophos Ltd -> Sophos Limited)
ContextMenuHandlers4: [SophosUIShellExt] -> {2F08133C-3011-427C-8F50-2914253782B1} => C:\Program Files\Sophos\Sophos UI\SophosUIShellExt.dll [2021-11-08] (Sophos Ltd -> Sophos Limited)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2018-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [SavShellExt] -> {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D} => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavShellExtX64.dll [2021-07-07] (Sophos Ltd -> Sophos Limited)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers6: [SophosUIShellExt] -> {2F08133C-3011-427C-8F50-2914253782B1} => C:\Program Files\Sophos\Sophos UI\SophosUIShellExt.dll [2021-11-08] (Sophos Ltd -> Sophos Limited)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.l3fhg] => C:\Windows\SysWOW64\mp3fhg.acm [232448 2006-10-18] (Fraunhofer Institut Integrierte Schaltungen IIS) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [134144 2010-06-08] () [File not signed]
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\SysWOW64\yv12vfw.dll [217088 2004-01-25] (www.helixcommunity.org) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [151552 2010-01-17] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [108032 2010-08-12] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2013-03-06 17:51 - 2013-03-06 17:51 - 000067584 _____ () [File not signed] [File is in use] C:\Program Files (x86)\OCS Inventory Agent\zlib1.dll
2015-10-10 12:32 - 2015-10-10 12:32 - 000086016 _____ () [File not signed] C:\Program Files (x86)\Kerio\UpdaterService\ktzlib100_1.2.3.dll
2012-02-15 15:35 - 2012-02-15 15:35 - 000015360 _____ () [File not signed] C:\windows\System32\KOAZCA_L.DLL
2018-06-29 13:11 - 2012-02-15 15:35 - 000679936 _____ () [File not signed] C:\windows\System32\SafeQCairoLib64.dll
2018-06-29 13:11 - 2012-02-15 15:35 - 004003840 _____ () [File not signed] C:\windows\System32\SAFEQVS64.DLL
2022-06-11 12:02 - 2022-06-11 12:02 - 000006144 ____N () [File not signed] C:\windows\TEMP\is-M7EFF.tmp\_isetup\_setup64.tmp
2022-06-11 12:02 - 2020-02-03 12:09 - 000347667 ____N () [File not signed] C:\windows\TEMP\is-M7EFF.tmp\inno-imgconvert.dll
2021-10-25 10:00 - 2015-03-17 08:51 - 000375296 _____ (CANON INC.) [File not signed] C:\windows\System32\CNMN6PPM.DLL
2018-06-29 12:18 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-06-29 13:12 - 2012-02-15 15:35 - 000041984 _____ (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [File not signed] C:\windows\system32\spool\PRTPROCS\x64\KOAZCA_P.DLL
2022-06-11 12:02 - 2016-04-17 18:16 - 000237568 ____N (Mitrich Software) [File not signed] C:\windows\TEMP\is-M7EFF.tmp\idp.dll
2014-05-17 00:22 - 2014-05-17 00:22 - 000288768 _____ (OCS Inventory NG) [File not signed] [File is in use] C:\Program Files (x86)\OCS Inventory Agent\OCSInventory Front.dll
2014-05-17 00:22 - 2014-05-17 00:22 - 000037376 _____ (OCS Inventory NG) [File not signed] [File is in use] C:\Program Files (x86)\OCS Inventory Agent\OcsWmi.dll
2014-05-17 00:22 - 2014-05-17 00:22 - 000636928 _____ (OCS Inventory NG) [File not signed] [File is in use] C:\Program Files (x86)\OCS Inventory Agent\SysInfo.dll
2019-04-18 12:58 - 2019-04-18 12:58 - 000116736 _____ (pdfforge GmbH) [File not signed] C:\windows\System32\pdfcmon.dll
2013-03-06 17:54 - 2013-03-06 17:54 - 001097216 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] [File is in use] C:\Program Files (x86)\OCS Inventory Agent\LIBEAY32.dll
2015-10-10 12:32 - 2015-10-10 12:32 - 001178112 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Kerio\UpdaterService\KTLIBEAY100_1.0.1m.DLL
2015-10-10 12:32 - 2015-10-10 12:32 - 000273920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Kerio\UpdaterService\KTSSLEAY100_1.0.1m.DLL
2022-06-11 15:28 - 2022-01-24 13:03 - 000318464 _____ (Trend Micro Inc.) [File not signed] C:\Program Files\Trend Micro\HouseCall\plugin\downloader.plugin.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\markovic\Data aplikací:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\markovic\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SntpService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Sophos File Scanner Service => ""="service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\Software\Classes\.scr: DWGTrueViewScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://intra.vitkovice.cz/
HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.cz/
HKU\S-1-5-21-3225396077-3917102331-627377444-500\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2019-04-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2022-04-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2019-04-30] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
IE Session Restore: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587 -> is enabled.
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2019-05-03] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7942 more sites.

IE restricted site: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\...\123simsen.com -> www.123simsen.com

There are 7942 more sites.

IE restricted site: HKU\S-1-5-21-3225396077-3917102331-627377444-500\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3225396077-3917102331-627377444-500\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3225396077-3917102331-627377444-500\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3225396077-3917102331-627377444-500\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3225396077-3917102331-627377444-500\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3225396077-3917102331-627377444-500\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3225396077-3917102331-627377444-500\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3225396077-3917102331-627377444-500\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3225396077-3917102331-627377444-500\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3225396077-3917102331-627377444-500\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3225396077-3917102331-627377444-500\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3225396077-3917102331-627377444-500\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3225396077-3917102331-627377444-500\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3225396077-3917102331-627377444-500\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3225396077-3917102331-627377444-500\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3225396077-3917102331-627377444-500\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3225396077-3917102331-627377444-500\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3225396077-3917102331-627377444-500\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3225396077-3917102331-627377444-500\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3225396077-3917102331-627377444-500\...\123simsen.com -> www.123simsen.com

There are 7942 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2022-06-11 12:02 - 000454708 ____R C:\windows\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com

There are 15607 more lines.


==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Kerio\Outlook Connector (Offline Edition)\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\HP\Common\HPDestPlgIn\
HKU\S-1-5-21-1071798875-1387944877-1996711308-14587\Control Panel\Desktop\\Wallpaper -> C:\Users\markovic\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3225396077-3917102331-627377444-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: Check Point VPN => "C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGui.exe"
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: HotKeysCmds => C:\windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\windows\system32\igfxtray.exe
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: Persistence => C:\windows\system32\igfxpers.exe
MSCONFIG\startupreg: SafeQ Client => "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: Steam => "E:\Steam\steam.exe" -silent

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{751C6E4E-9A9F-4A65-A403-E68A8D152308}] => (Allow) C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC -> GlavSoft LLC.)
FirewallRules: [{DF8B7582-5057-4F42-89BE-93B65926E236}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{54782271-7603-48D2-9C75-E0401ED6DD6B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5312C9DE-16C4-4F3E-9B5D-95D56BA9C77D}] => (Allow) C:\Users\markovic\AppData\Local\VITS\PCAM\PCAM.exe () [File not signed]
FirewallRules: [{FF1E3F0C-085A-455B-B551-A035364D809C}] => (Allow) C:\Users\markovic\AppData\Local\VITS\PCAM\PCAM.exe () [File not signed]
FirewallRules: [{1EBF92C6-032D-41FA-8D9C-179285EFF17A}] => (Allow) C:\Users\markovic\AppData\Local\VITS\PCAM\get_app.exe () [File not signed]
FirewallRules: [{6626F67F-D701-46E9-95C1-762CFA365E24}] => (Allow) C:\Users\markovic\AppData\Local\VITS\PCAM\get_app.exe () [File not signed]
FirewallRules: [{CB3FC48E-43B5-4C4E-8480-AF0A3F07D15D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{231D7631-E400-4532-BF7F-32EA93A7509C}] => (Allow) C:\Users\markovic\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C36656D2-E44A-40B0-BC78-B6C2B76E332D}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [UDP Query User{79086173-5BEC-4715-A862-40191AD88C38}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [{5B5227C7-A879-4ABB-A0D9-BE14834BB4DC}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe => No File
FirewallRules: [{4C214397-41FB-473C-9C95-29777CD982A2}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
FirewallRules: [{F4CA1CB6-91A7-41E3-9C0B-425B4197CD5C}] => (Allow) E:\LoL\LeagueClient.exe => No File
FirewallRules: [{2F850DA3-8683-4AD6-8FA1-269832C8AC51}] => (Allow) E:\LoL\LeagueClient.exe => No File
FirewallRules: [TCP Query User{3BC6CAC9-C052-4FC2-8C57-6B2B59B3EC96}E:\lol\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe] => (Allow) E:\lol\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{919D335B-5CCE-4B37-963B-6C3A73685D3B}E:\lol\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe] => (Allow) E:\lol\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe => No File
FirewallRules: [{E0F4F243-E98B-4209-AFFE-A18F7A23B261}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B456B7A7-162E-4697-853F-18855CC5126C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{2F5BBF48-984A-4D59-BFCC-C8A64E328F16}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{F8E49858-2CD6-461A-931F-0EE5C39BB40B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{E262C87F-78A3-46EB-BCD8-18D438702E36}E:\lol\game\league of legends.exe] => (Block) E:\lol\game\league of legends.exe => No File
FirewallRules: [UDP Query User{67D52B11-9CAA-4236-AEFA-D92310E539C3}E:\lol\game\league of legends.exe] => (Block) E:\lol\game\league of legends.exe => No File
FirewallRules: [{3CEF5EA4-CFC6-4862-849A-E95B695D75F9}] => (Allow) E:\Steam\Steam.exe => No File
FirewallRules: [{6189D15F-253F-4507-A173-9435247BE99C}] => (Allow) E:\Steam\Steam.exe => No File
FirewallRules: [{A81AF129-6594-46A1-B21B-65492726DCE3}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{DFC24A49-47BE-4124-B575-BA2AC6F1018D}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{2BACCADD-CBFE-4A6C-A8E1-2765B70E4B36}] => (Allow) E:\Steam\BIN\CEF\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{A5818C2D-C45B-45AA-84A6-1DDE9423DBFD}] => (Allow) E:\Steam\BIN\CEF\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{EF7D24A1-7926-474C-9800-F7981222F055}E:\lol\game\league of legends.exe] => (Allow) E:\lol\game\league of legends.exe => No File
FirewallRules: [UDP Query User{524CFB54-7FA3-4B22-9C3D-FAE73475FBA0}E:\lol\game\league of legends.exe] => (Allow) E:\lol\game\league of legends.exe => No File
FirewallRules: [{5217B65B-0592-4C0E-8366-38C35D76B149}] => (Allow) E:\Steam\steamapps\common\Black Desert Online\Black Desert Online Steam Launcher.exe => No File
FirewallRules: [{F22FE383-E1BB-4DB4-8A85-5A09242C7402}] => (Allow) E:\Steam\steamapps\common\Black Desert Online\Black Desert Online Steam Launcher.exe => No File
FirewallRules: [TCP Query User{90197B6B-2E67-4BA3-8BA3-2C26ADA9DB72}C:2\lol\game\league of legends.exe] => (Allow) C:2\lol\game\league of legends.exe => No File
FirewallRules: [UDP Query User{DF649134-74F4-4001-A5E6-52E4DF501B42}C:2\lol\game\league of legends.exe] => (Allow) C:2\lol\game\league of legends.exe => No File
FirewallRules: [TCP Query User{9E982EB7-CC3F-4C4C-91D9-6D1D7B4D08A9}C:3\lol\game\league of legends.exe] => (Allow) C:3\lol\game\league of legends.exe => No File
FirewallRules: [UDP Query User{C7BAF59A-5E96-47C4-A3AC-F464B36D5036}C:3\lol\game\league of legends.exe] => (Allow) C:3\lol\game\league of legends.exe => No File
FirewallRules: [TCP Query User{7A4F2BD6-F4B1-4501-8F69-01AE52685D0A}C:7\lol\game\league of legends.exe] => (Allow) C:7\lol\game\league of legends.exe => No File
FirewallRules: [UDP Query User{89E143CA-83BE-456F-861A-3BE94A0D2A59}C:7\lol\game\league of legends.exe] => (Allow) C:7\lol\game\league of legends.exe => No File
FirewallRules: [{B2446D46-A631-43EB-B31A-987BC7F8B54C}] => (Allow) C:\Users\markovic\AppData\Local\Programs\Opera\66.0.3515.103\opera.exe => No File
FirewallRules: [{EA16440D-9C42-42C7-B2B1-AF252BC36770}] => (Allow) E:\Steam\steamapps\common\MyLands\ClientAir.exe => No File
FirewallRules: [{B766E448-94A2-4330-84B7-562B1B552EB4}] => (Allow) E:\Steam\steamapps\common\MyLands\ClientAir.exe => No File
FirewallRules: [{4FBACB6A-D5A1-439D-845B-BEC4296B25B1}] => (Allow) E:\Steam\steamapps\common\ONE TOWER\One Tower.exe => No File
FirewallRules: [{29828508-1F82-46E4-8E5F-B6F8E60D843F}] => (Allow) E:\Steam\steamapps\common\ONE TOWER\One Tower.exe => No File
FirewallRules: [TCP Query User{F15A4556-860F-44BF-8B9F-EA3D4EEFCA6C}C:\users\markovic\appdata\local\programs\opera\66.0.3515.115\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\66.0.3515.115\opera.exe => No File
FirewallRules: [UDP Query User{F563C010-2EE5-49B1-A9E1-E08FC0773B67}C:\users\markovic\appdata\local\programs\opera\66.0.3515.115\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\66.0.3515.115\opera.exe => No File
FirewallRules: [TCP Query User{68794B2C-9353-4A6C-9361-F189537264E0}C:\users\markovic\appdata\local\programs\opera\66.0.3515.115\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\66.0.3515.115\opera.exe => No File
FirewallRules: [UDP Query User{FCEDAF19-8A32-4632-86B2-EE304C4D0298}C:\users\markovic\appdata\local\programs\opera\66.0.3515.115\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\66.0.3515.115\opera.exe => No File
FirewallRules: [TCP Query User{B31C0517-B7B2-49F3-8EDF-100857DFF021}C:\users\markovic\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\markovic\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{48C10C1E-5D74-417D-913B-F195DDC00E2C}C:\users\markovic\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\markovic\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{664E853B-C8AB-40DE-95AD-498364C5C041}C:\users\markovic\appdata\local\programs\opera\67.0.3575.115\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\67.0.3575.115\opera.exe => No File
FirewallRules: [UDP Query User{FBC3115E-C3AA-421A-993B-BC401BE815F1}C:\users\markovic\appdata\local\programs\opera\67.0.3575.115\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\67.0.3575.115\opera.exe => No File
FirewallRules: [TCP Query User{39E5BF0C-7599-42E1-80E4-7A4D53BFA939}C:\users\markovic\documents\relax\utorrent.exe] => (Allow) C:\users\markovic\documents\relax\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{34B5FE1D-8280-4974-B8FC-CEA47C7A59F1}C:\users\markovic\documents\relax\utorrent.exe] => (Allow) C:\users\markovic\documents\relax\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{0724F483-6081-4A41-856A-FCAC1024CB75}] => (Allow) C:\Users\markovic\Desktop\steam.exe => No File
FirewallRules: [{E0AD8F9A-D8B2-4AE0-A200-867D2B18192C}] => (Allow) C:\Users\markovic\Desktop\steam.exe => No File
FirewallRules: [{57141687-E576-4B9F-AC7E-8CBB37FB60B3}] => (Allow) C:\Users\markovic\Desktop\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{58557F6C-D562-4AFC-BC69-7E66FDE71F91}] => (Allow) C:\Users\markovic\Desktop\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{D4BCEF4F-B1A8-4E91-AA55-6F875690F1E3}F:\steam\steam.exe] => (Allow) F:\steam\steam.exe => No File
FirewallRules: [UDP Query User{228B0B2B-9FBB-4BA8-9ECC-4D1DB6533496}F:\steam\steam.exe] => (Allow) F:\steam\steam.exe => No File
FirewallRules: [{576E7110-4DB0-40C2-A385-ECB9B557FFB4}] => (Allow) F:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{8643D51E-1DC8-4938-8241-08DED87D2B6F}] => (Allow) F:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{3F4C9BB2-9F91-4F17-83BA-FC25154185E0}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{57770489-008F-4B83-BF2B-D301CCB7194B}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{6969ECC8-A443-4B30-8BAE-0CAD54F98A17}] => (Allow) F:\Steam\steamapps\common\Driftland The Magic Revival\Driftland.exe => No File
FirewallRules: [{510FECED-8507-4A21-A5A9-18AB700A70C1}] => (Allow) F:\Steam\steamapps\common\Driftland The Magic Revival\Driftland.exe => No File
FirewallRules: [TCP Query User{EE441C0C-148F-4BDF-9B95-6A1F7002DC47}C:\users\markovic\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [UDP Query User{77C30FE3-31EE-4A7F-9382-12097E356B40}C:\users\markovic\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [TCP Query User{8584726E-D559-443F-A771-6F7544688F8F}C:\users\markovic\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [UDP Query User{2B6E4F83-5F20-4A60-BC32-467094E21F35}C:\users\markovic\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [TCP Query User{57FF24B5-2CC0-4F09-AA35-D474015D0977}C:\users\markovic\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\73.0.3856.329\opera.exe => No File
FirewallRules: [UDP Query User{8F5E6622-B74D-4C78-981E-13C908517E46}C:\users\markovic\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\73.0.3856.329\opera.exe => No File
FirewallRules: [TCP Query User{B977719D-96CD-4D3E-9B68-2758D2EEC020}C:\users\markovic\appdata\local\programs\opera\73.0.3856.344\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\73.0.3856.344\opera.exe => No File
FirewallRules: [UDP Query User{6A4A317E-112F-4614-9FAF-33DCB8F4582B}C:\users\markovic\appdata\local\programs\opera\73.0.3856.344\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\73.0.3856.344\opera.exe => No File
FirewallRules: [TCP Query User{FBBAEC6E-8464-41DF-8BFC-E40EC11B3464}C:\users\markovic\appdata\local\programs\opera\74.0.3911.107\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\74.0.3911.107\opera.exe => No File
FirewallRules: [UDP Query User{A9A15732-32B0-4160-A236-8E9CA10B5FB7}C:\users\markovic\appdata\local\programs\opera\74.0.3911.107\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\74.0.3911.107\opera.exe => No File
FirewallRules: [TCP Query User{6382900E-0F83-4579-85F0-905F3A1DA0F4}C:\users\markovic\appdata\local\programs\opera\74.0.3911.160\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\74.0.3911.160\opera.exe => No File
FirewallRules: [UDP Query User{2BD840F3-2568-47B2-B693-1092B657D8F2}C:\users\markovic\appdata\local\programs\opera\74.0.3911.160\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\74.0.3911.160\opera.exe => No File
FirewallRules: [TCP Query User{958B8309-7D47-4452-A89E-94251B25DF67}C:\users\markovic\appdata\local\programs\opera\74.0.3911.203\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\74.0.3911.203\opera.exe => No File
FirewallRules: [UDP Query User{373492FC-29F8-4E67-AA06-81C1F1CC32E7}C:\users\markovic\appdata\local\programs\opera\74.0.3911.203\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\74.0.3911.203\opera.exe => No File
FirewallRules: [TCP Query User{D7FBB6A5-1AEB-42E8-9E48-32EC2ED438BD}C:\users\markovic\appdata\local\programs\opera\74.0.3911.218\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\74.0.3911.218\opera.exe => No File
FirewallRules: [UDP Query User{1E5B1DF2-5FBF-4D49-A1DE-9BEC9A4B371C}C:\users\markovic\appdata\local\programs\opera\74.0.3911.218\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\74.0.3911.218\opera.exe => No File
FirewallRules: [{20EBC92F-07B8-48C7-916B-4F314AFFCCF3}] => (Allow) E:\Steam\steamapps\common\Driftland The Magic Revival\Driftland.exe => No File
FirewallRules: [{A347C11C-7105-427A-BE84-2D76A2FC0168}] => (Allow) E:\Steam\steamapps\common\Driftland The Magic Revival\Driftland.exe => No File
FirewallRules: [TCP Query User{51D2FBDE-3D5B-44F7-8E0B-52D1D52EBA19}C:\users\markovic\appdata\local\programs\opera\74.0.3911.232\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\74.0.3911.232\opera.exe => No File
FirewallRules: [UDP Query User{43299FBA-01B0-4C4C-A262-8A9AC597F54B}C:\users\markovic\appdata\local\programs\opera\74.0.3911.232\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\74.0.3911.232\opera.exe => No File
FirewallRules: [TCP Query User{CAD32AB0-2A8E-475A-ADF7-1C1B5FC8B9CD}C:\users\markovic\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\75.0.3969.149\opera.exe => No File
FirewallRules: [UDP Query User{4AC3FC4D-1029-4B27-A963-47F739D1B5F7}C:\users\markovic\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\75.0.3969.149\opera.exe => No File
FirewallRules: [TCP Query User{AF1480F9-613E-4AB3-91B6-84DA3563229D}C:\users\markovic\appdata\local\viber\viber.exe] => (Allow) C:\users\markovic\appdata\local\viber\viber.exe (Viber Media S.à r.l. -> Viber Media S.Ã r.l.)
FirewallRules: [UDP Query User{1CB80652-61CF-46CC-9CD2-4BD9328A4602}C:\users\markovic\appdata\local\viber\viber.exe] => (Allow) C:\users\markovic\appdata\local\viber\viber.exe (Viber Media S.à r.l. -> Viber Media S.Ã r.l.)
FirewallRules: [TCP Query User{72AF3B0A-30EF-41AD-86D6-619A461F9058}C:\users\markovic\appdata\local\programs\opera\75.0.3969.171\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\75.0.3969.171\opera.exe => No File
FirewallRules: [UDP Query User{26E1D59F-256F-416D-A49F-01A40F3D6187}C:\users\markovic\appdata\local\programs\opera\75.0.3969.171\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\75.0.3969.171\opera.exe => No File
FirewallRules: [TCP Query User{9286BCBC-F7B9-41FC-9E64-176785B01436}C:\users\markovic\appdata\local\programs\opera\75.0.3969.218\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\75.0.3969.218\opera.exe => No File
FirewallRules: [UDP Query User{4BB6011D-8D89-4043-AED5-8BF8FE99E3AB}C:\users\markovic\appdata\local\programs\opera\75.0.3969.218\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\75.0.3969.218\opera.exe => No File
FirewallRules: [TCP Query User{BA5E38A2-30B5-4420-94F7-A3AA5B32EA17}C:\users\markovic\appdata\local\programs\opera\75.0.3969.243\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\75.0.3969.243\opera.exe => No File
FirewallRules: [UDP Query User{A201274C-A651-4533-A22B-C2CA1E7597CF}C:\users\markovic\appdata\local\programs\opera\75.0.3969.243\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\75.0.3969.243\opera.exe => No File
FirewallRules: [TCP Query User{9C33D1B4-A2A9-4FFB-800C-E778CE76BF7D}C:\users\markovic\appdata\local\programs\opera\76.0.4017.107\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\76.0.4017.107\opera.exe => No File
FirewallRules: [UDP Query User{C1211E13-5828-4BF7-AAA4-D674CC14FDCD}C:\users\markovic\appdata\local\programs\opera\76.0.4017.107\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\76.0.4017.107\opera.exe => No File
FirewallRules: [{F9E9F232-F2DC-4857-91E6-8A930365A543}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{862F97A5-A967-4C3E-8585-5CD957CE21E7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F24D763A-6A44-48A6-A5F8-8FCAE3F47B31}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F37333D7-E0C6-4F86-9E54-95C5098EB465}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{6FBE4E8B-4F9C-4E92-9800-7B55A3F067DF}C:\users\markovic\appdata\local\programs\opera\76.0.4017.123\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\76.0.4017.123\opera.exe => No File
FirewallRules: [UDP Query User{0176DD9E-319F-48BF-B597-0DB17CEFBCA8}C:\users\markovic\appdata\local\programs\opera\76.0.4017.123\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\76.0.4017.123\opera.exe => No File
FirewallRules: [{45088D37-A2BB-423A-8EAD-C4FCE702DECF}] => (Allow) E:\Steam\steamapps\common\Black Desert Online\BlackDesertLauncher.exe => No File
FirewallRules: [{0E01A964-20D2-4C9E-8B0D-B2112BB968BF}] => (Allow) E:\Steam\steamapps\common\Black Desert Online\BlackDesertLauncher.exe => No File
FirewallRules: [TCP Query User{48C66F2D-48CD-4671-A21B-D3D2C81F858D}C:\users\markovic\appdata\local\programs\opera\76.0.4017.154\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\76.0.4017.154\opera.exe => No File
FirewallRules: [UDP Query User{8141E566-4B24-4BDB-8679-D55CEA42C9F5}C:\users\markovic\appdata\local\programs\opera\76.0.4017.154\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\76.0.4017.154\opera.exe => No File
FirewallRules: [TCP Query User{C91FFDB6-F4BF-42AD-8C7C-B955FDC8795D}C:\users\markovic\appdata\local\programs\opera\76.0.4017.177\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\76.0.4017.177\opera.exe => No File
FirewallRules: [UDP Query User{8EB0C708-0A12-423D-A536-B70C6939CF25}C:\users\markovic\appdata\local\programs\opera\76.0.4017.177\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\76.0.4017.177\opera.exe => No File
FirewallRules: [TCP Query User{37782D81-F416-44A9-B5BC-3D2C2489B1DD}C:\users\markovic\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\markovic\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{6B5630B9-5740-4B0E-9512-D8E497676A3B}C:\users\markovic\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\markovic\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{87FCA38D-90FA-4354-9CC2-78ABEC31B4F1}C:\users\markovic\appdata\local\programs\opera\77.0.4054.90\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\77.0.4054.90\opera.exe => No File
FirewallRules: [UDP Query User{D82C4F92-AF0F-41B8-9378-B58DBF9B8C69}C:\users\markovic\appdata\local\programs\opera\77.0.4054.90\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\77.0.4054.90\opera.exe => No File
FirewallRules: [TCP Query User{862C88E4-2542-4516-B6CE-145147E5BA59}C:\users\markovic\appdata\local\programs\opera\77.0.4054.146\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\77.0.4054.146\opera.exe => No File
FirewallRules: [UDP Query User{A8911154-5B13-4248-B597-DF8E6AC87F66}C:\users\markovic\appdata\local\programs\opera\77.0.4054.146\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\77.0.4054.146\opera.exe => No File
FirewallRules: [{28AC173A-E303-4DB5-895E-C1D8BCF9B757}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F8512FE0-F9DC-4401-A7C8-26457EC1255B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{36D0DCD0-40C8-4A52-92EF-C3F32A296F2C}C:\users\markovic\appdata\local\programs\opera\77.0.4054.172\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\77.0.4054.172\opera.exe => No File
FirewallRules: [UDP Query User{3148570C-6FAF-4D3D-A3E5-165781D1FD0C}C:\users\markovic\appdata\local\programs\opera\77.0.4054.172\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\77.0.4054.172\opera.exe => No File
FirewallRules: [TCP Query User{76330426-2461-4890-BDDF-0DD0BEE5473A}C:\users\markovic\appdata\local\programs\opera\77.0.4054.203\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\77.0.4054.203\opera.exe => No File
FirewallRules: [UDP Query User{3B716135-74C5-4C9C-99FC-DB836F68631D}C:\users\markovic\appdata\local\programs\opera\77.0.4054.203\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\77.0.4054.203\opera.exe => No File
FirewallRules: [TCP Query User{C9029D2E-7AAE-4A6B-A602-F13E3EDB143B}C:\users\markovic\appdata\local\programs\opera\77.0.4054.277\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\77.0.4054.277\opera.exe => No File
FirewallRules: [UDP Query User{B563278A-F561-4AFB-AB2A-1EEFB3427B2F}C:\users\markovic\appdata\local\programs\opera\77.0.4054.277\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\77.0.4054.277\opera.exe => No File
FirewallRules: [TCP Query User{64068C1B-4A1E-4752-BCF4-B5CC3C47AB48}C:\users\markovic\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\78.0.4093.147\opera.exe => No File
FirewallRules: [UDP Query User{3B93A067-88E1-4037-91CA-4BA349BD25DF}C:\users\markovic\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\78.0.4093.147\opera.exe => No File
FirewallRules: [TCP Query User{A88AB42A-E6C3-4EFA-BDFB-BA36DB56A83C}C:\users\markovic\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\78.0.4093.147\opera.exe => No File
FirewallRules: [UDP Query User{DC4BE0D0-5BC9-4B1C-BF4D-8BD61D3D0D41}C:\users\markovic\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\78.0.4093.147\opera.exe => No File
FirewallRules: [TCP Query User{5FFFB77F-5499-4DAE-9E71-06DDA6ADFF6F}C:\users\markovic\documents\my games\lol\riot games\riot client\riotclientservices.exe] => (Allow) C:\users\markovic\documents\my games\lol\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{EF697FBA-0C5E-45E9-BC64-11F5EA501FD5}C:\users\markovic\documents\my games\lol\riot games\riot client\riotclientservices.exe] => (Allow) C:\users\markovic\documents\my games\lol\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{6EA3062F-4D7F-4ECF-B0A6-C2BF22BF0722}C:\users\markovic\appdata\local\programs\opera\78.0.4093.184\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\78.0.4093.184\opera.exe => No File
FirewallRules: [UDP Query User{8E0181CF-A263-45AA-9573-EEA33CF758C3}C:\users\markovic\appdata\local\programs\opera\78.0.4093.184\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\78.0.4093.184\opera.exe => No File
FirewallRules: [TCP Query User{9F76E07A-BAC6-42E8-9245-9333F77BC707}C:\users\markovic\appdata\local\programs\opera\78.0.4093.184\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\78.0.4093.184\opera.exe => No File
FirewallRules: [UDP Query User{16B57A8D-E6B6-40D6-B23F-63582B9B2480}C:\users\markovic\appdata\local\programs\opera\78.0.4093.184\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\78.0.4093.184\opera.exe => No File
FirewallRules: [{44EF3D2F-0FF4-4589-9C8C-A7300C1A664C}] => (Allow) C:\Steam Library\steamapps\common\Railway Empire\RailwayEmpire.exe (Kalypso Media Group -> Gaming Minds Studios GmbH)
FirewallRules: [{CD637AD7-F755-438E-AA23-5E6AA1D917E2}] => (Allow) C:\Steam Library\steamapps\common\Railway Empire\RailwayEmpire.exe (Kalypso Media Group -> Gaming Minds Studios GmbH)
FirewallRules: [{A40C0460-8A86-4123-9123-8BAE34FF5C45}] => (Allow) C:\Steam Library\steamapps\common\AoW3\AoW3Launcher.exe () [File not signed]
FirewallRules: [{9BA33528-25B5-404B-9C8B-17A2FD3C3B45}] => (Allow) C:\Steam Library\steamapps\common\AoW3\AoW3Launcher.exe () [File not signed]
FirewallRules: [{29F78221-0797-460E-8048-66474CF62C71}] => (Allow) C:\Steam Library\steamapps\common\AoW3\AoW3.exe () [File not signed]
FirewallRules: [{33C27051-B0C9-4BB5-BBE9-505D487C928A}] => (Allow) C:\Steam Library\steamapps\common\AoW3\AoW3.exe () [File not signed]
FirewallRules: [{4BC86D77-E9F0-4914-89D2-878096391772}] => (Allow) C:\Steam Library\steamapps\common\AoW3\AoW3_Debug.exe () [File not signed]
FirewallRules: [{4C92DFEE-69E0-47E1-B9F7-69661F5F0DF0}] => (Allow) C:\Steam Library\steamapps\common\AoW3\AoW3_Debug.exe () [File not signed]
FirewallRules: [{EDF64522-7A7E-47B9-8ED6-48E34FB89FE6}] => (Allow) C:\Users\markovic\Desktop\Hotové\S t e a m\Steam.exe => No File
FirewallRules: [{8F436225-780C-4A4E-8DF0-F03AFB294C01}] => (Allow) C:\Users\markovic\Desktop\Hotové\S t e a m\Steam.exe => No File
FirewallRules: [{147F940E-31A3-4581-A6F5-6247F2A1872E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{881A62EC-0897-4C5F-971C-6D344AEA0282}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{E0636631-46E1-4D29-AF19-222C599707AB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{FC1FB727-2B83-4871-A044-540647A7C73E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{76AE42CB-57B1-41A3-B6CF-4DBAD14A7743}C:\users\markovic\appdata\local\programs\opera\78.0.4093.231\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\78.0.4093.231\opera.exe => No File
FirewallRules: [UDP Query User{944AB789-4F9F-4D6C-B638-70AD4ED8C7C6}C:\users\markovic\appdata\local\programs\opera\78.0.4093.231\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\78.0.4093.231\opera.exe => No File
FirewallRules: [TCP Query User{E0EC304C-3675-4397-98AC-73F666079504}C:\users\markovic\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\markovic\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{C1977839-72B9-4BB2-802E-DF731F9DCA15}C:\users\markovic\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\markovic\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{DC87FA5F-C79D-4D43-AE9B-5A840D48FFE7}C:\users\markovic\appdata\local\programs\opera\78.0.4093.231\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\78.0.4093.231\opera.exe => No File
FirewallRules: [UDP Query User{76491FEA-DACF-47AC-9AEB-7A73A7E5B305}C:\users\markovic\appdata\local\programs\opera\78.0.4093.231\opera.exe] => (Block) C:\users\markovic\appdata\local\programs\opera\78.0.4093.231\opera.exe => No File
FirewallRules: [TCP Query User{8F666011-790E-4B2A-AD82-46B6221B2F00}C:\users\markovic\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{4C8BAC95-77E8-4A94-A354-19CD2D74593C}C:\users\markovic\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{44E998F9-CAC2-43C8-A4CD-070BC1ED0158}C:\users\markovic\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{B38EB183-1F80-460E-9286-DDF1B2541953}C:\users\markovic\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\markovic\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{1DE6BCD2-F43E-45A0-8A5F-19E8F3A946B5}] => (Allow) C:\Users\markovic\AppData\Local\Temp\7zS2530\HP.EasyStart.exe => No File
FirewallRules: [{5FE027B3-23EF-4E0E-B3BB-EE448B8E1573}] => (Allow) C:\Program Files\HP\HP Ink Tank Wireless 410 series\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{484B7A81-6B38-4697-9A20-BB3B154DD83F}] => (Allow) C:\Program Files\HP\HP Ink Tank Wireless 410 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{922BD26A-CF12-42EB-AD56-F45D57D37256}] => (Allow) LPort=5357
FirewallRules: [{3378C7B8-DEA4-4C59-AFE7-D4C9F333ABF9}] => (Allow) C:\Program Files\HP\HP Ink Tank Wireless 410 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{3ED91688-7221-40A9-8879-3075BBFA6AF7}] => (Allow) C:\Users\markovic\AppData\Local\Temp\7zS6574\HP.EasyStart.exe => No File
FirewallRules: [{13333D03-DF98-4E4F-9585-ABCA82B6FAC2}] => (Allow) C:\Program Files (x86)\NCSOFT\NC Launcher 2\NCLauncher2.exe => No File
FirewallRules: [{954CC91B-2E19-4F14-9A48-AC0FAA64B57A}] => (Allow) C:\Program Files (x86)\NCSOFT\NC Launcher 2\NCLauncher2.exe => No File
FirewallRules: [{208A089F-7B11-48A1-9AE1-F41AD716C758}] => (Allow) C:\Program Files\Sophos\Sophos UI\Sophos UI.exe (Sophos Ltd -> Sophos Limited)
FirewallRules: [{5B388AFC-8C0B-454E-8B38-469DCDCAA920}] => (Allow) C:\Program Files\Sophos\Sophos UI\Sophos UI.exe (Sophos Ltd -> Sophos Limited)
FirewallRules: [{1B941D7E-28BD-4457-BC69-A45CCE7BA0E5}] => (Allow) C:\Users\markovic\Downloads\L 2\Infinite Elmore\LineageII.exe (NCSoft) [File not signed]
FirewallRules: [{B1327921-7D96-4604-B438-1EEB7B7A8303}] => (Allow) C:\Users\markovic\Downloads\L 2\Infinite Elmore\LineageII.exe (NCSoft) [File not signed]
FirewallRules: [{D67BAB52-91E1-4BD4-B30D-6C90F437B4C8}] => (Allow) C:\Users\markovic\Downloads\L 2\Infinite Elmore\system\L2.exe (Eikonect Software SL -> )
FirewallRules: [{6CF28E61-16A9-47FC-A448-02C00EDEFABA}] => (Allow) C:\Users\markovic\Downloads\L 2\Infinite Elmore\system\L2.exe (Eikonect Software SL -> )
FirewallRules: [{35134688-D3FB-4BDC-A57A-2A4299772FE9}] => (Allow) C:\Users\markovic\Downloads\L 2\Infinite Elmore\system\LineageII.exe (NCSoft) [File not signed]
FirewallRules: [{3F75AB3B-AB1D-4EFF-A3CA-9403E16EB05B}] => (Allow) C:\Users\markovic\Downloads\L 2\Infinite Elmore\system\LineageII.exe (NCSoft) [File not signed]
FirewallRules: [TCP Query User{731FA7AE-8AF2-4FE6-97DD-4659FC440F92}C:\users\markovic\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\markovic\appdata\local\gamecenter\gamecenter.exe => No File
FirewallRules: [UDP Query User{14146A85-7147-4FA4-897C-24F887979E9C}C:\users\markovic\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\markovic\appdata\local\gamecenter\gamecenter.exe => No File
FirewallRules: [TCP Query User{0A024627-F580-40CD-B96F-E3D0B1B9C558}C:\users\markovic\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\markovic\appdata\local\gamecenter\gamecenter.exe => No File
FirewallRules: [UDP Query User{BB2F1B14-AD4C-4F78-854B-9C47E031BDFF}C:\users\markovic\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\markovic\appdata\local\gamecenter\gamecenter.exe => No File
FirewallRules: [TCP Query User{F72A0821-4C56-4F47-B29F-5637026B99A8}E:\conq. blade\conqueror`s blade my.games\game\x64\ship\client\proven_ground_client.exe] => (Allow) E:\conq. blade\conqueror`s blade my.games\game\x64\ship\client\proven_ground_client.exe => No File
FirewallRules: [UDP Query User{EFB52148-835A-4E86-9CBD-4C4581E8A2AB}E:\conq. blade\conqueror`s blade my.games\game\x64\ship\client\proven_ground_client.exe] => (Allow) E:\conq. blade\conqueror`s blade my.games\game\x64\ship\client\proven_ground_client.exe => No File
FirewallRules: [TCP Query User{30252FCF-D68B-48A8-9AD3-E19D9ABB80B4}E:\conq. blade\conqueror`s blade my.games\game\x64\ship\client\cc\ccmini.exe] => (Allow) E:\conq. blade\conqueror`s blade my.games\game\x64\ship\client\cc\ccmini.exe => No File
FirewallRules: [UDP Query User{231FA04A-00B0-4D6B-95B5-436A41FC597B}E:\conq. blade\conqueror`s blade my.games\game\x64\ship\client\cc\ccmini.exe] => (Allow) E:\conq. blade\conqueror`s blade my.games\game\x64\ship\client\cc\ccmini.exe => No File
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [5900:TCP] => Enabled:vnc5900
StandardProfile\GloballyOpenPorts: [5800:TCP] => Enabled:vnc5800

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (06/11/2022 03:54:43 PM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 4 => Failed to talk with Communication Server)>.

Error: (06/11/2022 02:23:11 PM) (Source: Sophos Management Communications System) (EventID: 8001) (User: )
Description: The Sophos Management Communications System client service has received an HTTP status 401 from the server. This might indicate that action is necessary.

Error: (06/11/2022 02:09:33 PM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 4 => Failed to talk with Communication Server)>.

Error: (06/11/2022 01:30:14 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/11/2022 01:30:14 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=4400} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/11/2022 01:30:14 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)

Error: (06/11/2022 01:30:14 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)

Error: (06/11/2022 01:30:14 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)


System errors:
=============
Error: (06/11/2022 03:29:32 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 70. Stav interní chyby: 11

Error: (06/11/2022 03:29:32 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (06/11/2022 03:29:09 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 70. Stav interní chyby: 11

Error: (06/11/2022 03:29:08 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (06/11/2022 03:29:08 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 70. Stav interní chyby: 11

Error: (06/11/2022 03:29:08 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (06/11/2022 03:28:58 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 70. Stav interní chyby: 11

Error: (06/11/2022 03:28:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.


==================== Memory info ===========================

BIOS: Dell Inc. A16 08/19/2014
Motherboard: Dell Inc. 0CPWYR
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 78%
Total physical RAM: 4001.26 MB
Available physical RAM: 879.34 MB
Total Virtual: 9085 MB
Available Virtual: 3314.16 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:294.62 GB) (Free:34.08 GB) (Model: ST320LT009-9WC142) NTFS

\\?\Volume{cd1bb2b8-6811-11e9-b3e0-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{cd1bb2ba-6811-11e9-b3e0-806e6f6e6963}\ (Recovery) (Fixed) (Total:2.98 GB) (Free:2.9 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 9268AC98)
Partition 1: (Active) - (Size=499 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=294.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=3 GB) - (Type=27)

==================== End of Addition.txt =======================

[Pytlík]

To snad nemyslíš vážně!

[Kony123]

Chyba je v

Microsoft Windows 7 Professional Service Pack 1

[Milanr1]

Extrémně vysoký výskyt bezpečnostních systémů.

[memart]

No, tak co nemyslim vazne, ci je ve vysokem vyskitu?
Jsem jen posledni uzivatel toho notasu, kdo vi co predemnou bylo.
Pouzivam Sophos a je to podnikuv DELL ktery jsem odkoupil.
Zadny jiny AV tam nemam, tak co vidite?
------ PS ------
( Kony, ti si opravdu kolemjedouci, ani vetu si nedokoncil DD )

[meda2016]

Zkusím to přeložit.
Pytlík: "Na analyzu 700 řádků jsme málo placeni."
Kony: "Máš nízkou úroveň bezpečnostních balíčků. <W7 SP3 a další."
Milanr1 ...Tady jsem vzdal kontrolu, jestli nemáš víc AV programů, blokerů a pod.

Banky obvykle varují před používáním nepodporovaného neaktualizovaného SW. Většinou stránky nic opravdu nekontrolují, pouze mohou fungovat špatně nebo vůbec. Například s MS Internet Explorer. Podporované jsou FireFox a Chrome. Ještě Edge.

...Jsem jen posledni uzivatel toho notasu, kdo vi co predemnou bylo. ...

***Pokud jsi odkoupil podnikový počítač, měl jsi jej dostat vyčištěny (SW) a přeinstalovaný. Máte podnikového ajťáka?

[memart]

Dekuji Medo!
----------------------------
Pytliku, IT-ci jsou dobre placeny, ale takove, ktery nekde pracuji, ale jsou nespokojny, asi nechteji
Kdyz pracujes, delej to, kdyz nechces, dej vypoved!
Moje vina neni, ze jsi malo placen...

[milsimr]

@memart: Nepochopil si. Tohle je fórum, kde případné rady místní uživatelé píší pouze ve svém volném čase a bez jakékoliv kompenzace. A teď sem hodíš nějakejch 700 řádků logu a očekáváš, že se tím někdo bude probírat...?

[m.kv]

Memart "vyskit" neznám ani vysoký, ani nízký. Vlastně žádný.
Tvá rada na Pytlíka přečti si pořádně kdo co napsal a pak si ještě pohledej rozdíl mezi placeným supportem a neplaceným fórem

Hmm pomalej

[milsimr]

Nevadí, taktéž si to napsal hezky

[memart]

U vas jsem zde, protoze jsem zde uz 10 let.
Ale jen 3x jsem mel problem, tak jsem psal.
Poprve zdejsi servis fungoval perfektne, vse jak ma.
Podruhe se uz kuckane citilo, ale jsem si vybojoval to co jsem potreboval.
Tad uz vidite, ze VY nefungujete, i kdyz jste mi par podstatnych informaci dali, par z vas.
Nemuzu si odskocit a koupit novy PC jen tak, tak jsem napsal a kouknete (objektivne, zkuste s kouknut nestranne), vzdy si muzete zavrit takovy portal, ale stejne ho realita zavre, protoze, uprimne, nemate a ni dobrou vuli ani svezost, a kdo je tady podstatny, mel by to probrat a dostat se na nejaky smysl.

Mam pravdu?

-- 19. 6. 2022 16:08 --

Jste vetsinou mlady kluci. Nejde o penize, jde o smysl. Funguje to, nebo ne. Kdybych jsem nevedel ze to tady (nekdy) fungovalo, neobjevil bych se.
Ted uz to asi nebude mit smysl, tak parto, k cemu pak budete kdyz vas vsichni opusti???

Vzdyt, mne je jasno, nema smysla zde hledat to co potrebuji, mam jit nekde a dat penize za servis (spis si koupit novy). A co je vami jasno? Mate nejake pouceni, nebo nemam pravdu?

-- 19. 6. 2022 16:25 --

...a abych pochopil to co ste psali, musim mit vase vedomosti, to nemam. To kde ste a co nabizite, asi to uz ani vy neznate?

[m.kv]

Pořád jsi to nepochopil.

[meda2016]

@memart - Potom rada. Registruj se, pokud nejsi, na fórum PC Help CNews. Je tam sekce Bezpečnost, kde si přečti PRAVIDLA sekce HijackThis.
https://pc-help.cnews.cz/viewtopic.php?f=70&t=29204
Z plochy spustíš a vyrobíš Logfile of Trend Micro HijackThis v.(jakou stáhneš)
C:\Users\markovic\Desktop\HijackThis.exe
Vložíš do nového tématu např. Prosím o kontrolu logu, kde zmíníš problém. Co ještě budou potřebovat ti napíší.

[milsimr]

U vas jsem zde, protoze jsem zde uz 10 let.
Ale jen 3x jsem mel problem, tak jsem psal.
Poprve zdejsi servis fungoval perfektne, vse jak ma.
Podruhe se uz kuckane citilo, ale jsem si vybojoval to co jsem potreboval.
Tad uz vidite, ze VY nefungujete, i kdyz jste mi par podstatnych informaci dali, par z vas.

To je fajn; já se na tomto fóru pohybuji např. už od roku 2006. A na tomto fóru nefunguje žádný servis - je čistě jenom fórum. Nikoliv support. Natož placený support. Na rozumné dotazy tu vesměs každý dostane odpověď.

Nemuzu si odskocit a koupit novy PC jen tak, tak jsem napsal a kouknete (objektivne, zkuste s kouknut nestranne), vzdy si muzete zavrit takovy portal, ale stejne ho realita zavre, protoze, uprimne, nemate a ni dobrou vuli ani svezost, a kdo je tady podstatny, mel by to probrat a dostat se na nejaky smysl.

Mam pravdu?

Pro nákup nového PC tu nikdo nevidí důvod, když přeinstalace operačního systému zabere nanejvýš hodinu. Nikdo ti nebere, že sem chodíš s dotazem. Ovšem, objektivně a nestranně snad ani ty neočekáváš, že když někde nableješ 700 řádků textu, že se tím bude někdo probírat? Pokud ano, tak ti nerad kazím iluzi, ale ve světě, kde ani slepice nehrabe zadarmo se ti na něco takového každej vyprdne a raději tě odkáže na reinstalaci OS; čímž ve finále se všem ušetří hafo času a tobě to vyřeší problém.

Pravdu tedy nemáš.

Jste vetsinou mlady kluci.

Další omyl; platilo tak možná před 15 lety.

Nejde o penize, jde o smysl.

Vyjímečně souhlasím.

Funguje to, nebo ne. Kdybych jsem nevedel ze to tady (nekdy) fungovalo, neobjevil bych se.
Ted uz to asi nebude mit smysl, tak parto, k cemu pak budete kdyz vas vsichni opusti???

Psal jsem výše; vesměs fórum jako takové funguje, byť nepopírám, že spousta lidí odešla (z různých důvodů). A znova opakuji; rozumný dotaz dostane i rozumnou odpověď.

Vzdyt, mne je jasno, nema smysla zde hledat to co potrebuji, mam jit nekde a dat penize za servis (spis si koupit novy). A co je vami jasno? Mate nejake pouceni, nebo nemam pravdu?

V servise ti řeknou, to co jsem ti psal už výše; dáš jim pětikilo za přeinstalaci OS, kterou jistě zvládneš svépomocí. Na čtení 700 řádků dlouhýho logu se ti leckdo vybodne, protože tolik $$$ z kapsy ve finále nezaplatíš, aby to stálo za ten čas, kterej by nad tím technik musel strávit. Tak vo co ti tedy jde? Chceš poučení? Už jsem ti ho napsal; ani kuře nehrabe zadarmo. A nějakou svojí pravdu - kde ani pořádně nechápu, co tím básník myslel - ... nechám bez komentáře.

...a abych pochopil to co ste psali, musim mit vase vedomosti, to nemam. To kde ste a co nabizite, asi to uz ani vy neznate?

Co je k nepochopení na tom, že zeď textu nikdo nebude zkoumat, když:
1. Používáš zastaralý a již nepodporovaný systém? (W7)
2. Na tom zastaralém OS máš xyz antivirových nástrojů (Sophos Anti-Virus \ Spybot \ ... atd., log jsem dál nezkoumal).

Chceš řešení?
- přeinstaluj OS na W10 či novější, aktuálnost driverů a firmwaru zkontroluj přes nástroj DELL Command.
- s OS W10 neinstaluj žádné zbytečné antivirové systémy, stačí ti integrovaný Defender.
- s OS W10 používej aktuální verze prohlížečů.

Tvůj problém solved.

[Yarda]

Připomněl jsem si, jak jsem kdysi měl nějaký technický problém, snad s reproduktory. Napadlo mne, že by o tom mohli něco vědět v místní pobočce HiFi klubu, tak jsem se jednoho člena zeptal. Dostala se mi odpověď:
"Vstup do Hifi klubu, zjisti si to a bude ti to připsané k dobru jako aktivita člena".