Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Kontrola Logu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Maroš
Návštěvník
Návštěvník
Příspěvky: 173
Registrován: 29 črc 2011 13:32

Kontrola Logu

#1 Příspěvek od Maroš »

Dobrý večer, prosím o kontrolu Logu, notebook se chová nestandardně, je pomalejší, seka se,

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2022 01
Ran by magic (administrator) on MAROSASUS2 (ASUSTeK COMPUTER INC. X751LB) (30-06-2022 21:54:23)
Running from C:\Users\magic\Desktop
Loaded Profiles: magic
Platform: Microsoft Windows 10 Home Version 21H2 19044.1766 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe ->) (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files (x86)\Sticky Password\stpass.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\Opera\opera.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files\Opera\opera.exe ->) (Opera Software AS -> Opera Software) C:\Program Files\Opera\87.0.4390.45\opera_crashreporter.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(cmd.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spNMHost.exe <2>
(explorer.exe ->) (Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14>
(explorer.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(MIXBYTE, INC. -> ) C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\opera.exe <23>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (ICEpower a/s -> ICEpower A/S) C:\Windows\System32\ICEsoundService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82419944dda69b12\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_531cf42fcad619f7\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RTUWPSrvcMain.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.722.5052.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.722.5052.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.22031.10091.0_x64__8wekyb3d8bbwe\Music.UI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TeamViewer Germany GmbH -> ) C:\Windows\Temp\nsfA32F.tmp\TvUpdateInfo.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Služba Acronis Scheduler2] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [383624 2015-12-25] (Acronis International GmbH -> Acronis)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [189320 2021-11-30] (MIXBYTE, INC. -> )
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [4137216 2022-06-07] (Opera Software AS -> Opera Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [371304 2019-12-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [68824 2022-04-21] (Lamantine Software a.s. -> Lamantine Software a.s.)
HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\Run: [Spotify] => C:\Users\magic\AppData\Roaming\Spotify\Spotify.exe [19065272 2022-06-09] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35320448 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\Run: [HP DeskJet 4530 series (NET)] => C:\Program Files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe [3770528 2021-11-17] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\magic\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\magic\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\...\Print\Monitors\HP D811 Status Monitor: C:\Windows\system32\hpinkstsD811LM.dll [393352 2017-04-05] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.66\Installer\chrmstp.exe [2022-06-30] (Google LLC -> Google LLC)
BootExecute: autocheck autochk /r \??\C:autocheck autochk *
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07CABACB-466D-4E71-83CA-22C78657F6D7} - System32\Tasks\Sump Task (One-Time) => C:\Program Files (x86)\IObit\Driver Booster\9.4.0\sump.exe [1792904 2022-06-25] (IObit CO., LTD -> IObit)
Task: {1C21AB42-872F-483E-8D06-8752A42A35E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-02-05] (Google Inc -> Google Inc.)
Task: {1DB4FABB-1DB5-4660-A944-A9D27670F546} - System32\Tasks\Driver Booster SkipUAC (magic) => C:\Program Files (x86)\IObit\Driver Booster\9.4.0\DriverBooster.exe [8662112 2022-06-06] (IObit CO., LTD -> IObit)
Task: {2B61D338-45D4-447A-9FAD-DFF06B945E96} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\9.4.0\AutoUpdate.exe [2476640 2022-06-06] (IObit CO., LTD -> IObit)
Task: {36ABB328-73B5-4817-A72E-5C7747EFB4CA} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617880 2021-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {36B594BC-405A-41B3-A772-B2D6E5085846} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {36DFBCF6-CEB9-495B-9DED-A9DDB63157F6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23246768 2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {3845EF6F-8E31-4133-8A16-9404461BB9C6} - System32\Tasks\HPCustParticipation HP DeskJet 4530 series => C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPCustPartic.exe [6439072 2021-11-17] (HP Inc. -> HP Inc.)
Task: {4877D9D2-BE06-4961-B928-35D116291778} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4D162338-BD31-4B6B-842C-6631982ADA57} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\9.4.0\Scheduler.exe [157784 2022-04-19] (IObit CO., LTD -> IObit)
Task: {507374A3-37AF-419B-94F0-7CFA97F11D52} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5B7EF1E0-C106-481C-AE7E-B27E47261157} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-01-25] (Piriform Software Ltd -> Piriform)
Task: {5D7C409F-379F-41E0-B0DE-416A70AA45DB} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {603D3D76-E2CE-496D-BB7E-7D5AB59758DB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {610FD76B-9ED9-45D9-ABED-10A429FFEA2E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {66E65347-85B4-48FC-812C-07929D6B96B4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {7567BD5C-5A38-4C21-B76B-3C98B4ABE15B} - System32\Tasks\Opera scheduled assistant Autoupdate 1582788523 => C:\Program Files\Opera\launcher.exe [2518000 2022-06-23] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {885C903B-8F4F-4BD3-8111-848B76828871} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115624 2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {91CEB175-29AD-4226-A586-6BFC205094AA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {960506F4-7785-4E9A-B319-370168FCB707} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23246768 2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {98D83AF9-7388-406C-A916-43CF239FA977} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115624 2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {A7A7132A-FD78-418A-B664-58B0EA9B5A0B} - System32\Tasks\CCleanerSkipUAC - magic => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BF5309D9-E7A6-45D0-86E9-BF5DF47D89FD} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {C5A6FA95-8BC4-4AC0-AE19-2B0A71CF9E16} - System32\Tasks\Opera scheduled Autoupdate 1517511580 => C:\Program Files\Opera\launcher.exe [2518000 2022-06-23] (Opera Norway AS -> Opera Software)
Task: {C5BF43F2-9397-4A41-9018-D94A1FAFA7DB} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CE1B5F7F-4C4F-45BD-A7CF-E4193D9C06A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CE84EC45-1D75-4AF1-B41A-076C713AE0F1} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D4D704E7-407D-4104-BFD5-01254F5DB804} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-02-05] (Google Inc -> Google Inc.)
Task: {E4C505B5-3CD0-4DE1-BF05-7E25DD57664C} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617880 2021-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {EB9F5CF6-8464-405C-9C89-3CBE5CF5A6CD} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {ED83D27C-05C0-4B7A-8F8E-092ACFC29253} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6470640 2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE9081BB-196E-4210-B084-B66BA0C7642D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6470640 2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {EF852016-6485-40CD-9099-D05CF8ADEE37} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F8D3B94B-15B2-40A7-A02F-09F8F733FBC9} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18392 2017-12-12] (ASUSTeK Computer Inc. -> AsusTek)
Task: {FEE97087-6BBA-43A1-B32B-F16887CDA584} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{03ee4b61-ba34-4df4-9925-8e4966f485ab}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{78a52ea8-a769-4549-bec7-058386d199d8}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{f849261d-4f20-412d-ba52-7fe6a4f734ae}: [DhcpNameServer] 192.168.2.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\magic\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-30]
Edge HomePage: Default -> hxxp://www.msn.com/

FireFox:
========
FF DefaultProfile: z63v4xqh.default
FF ProfilePath: C:\Users\magic\AppData\Roaming\Mozilla\Firefox\Profiles\z63v4xqh.default [2022-06-21]
FF user.js: detected! => C:\Users\magic\AppData\Roaming\Mozilla\Firefox\Profiles\z63v4xqh.default\user.js [2020-03-16]
FF Extension: (Советник Яндекс.Маркета) - C:\Users\magic\AppData\Roaming\Mozilla\Firefox\Profiles\z63v4xqh.default\Extensions\sovetnik-yandex@yandex.ru.xpi [2018-03-11] [UpdateUrl:hxxps://static.sovetnik.yandex.net/sovetnik/extension/firefox-webextension-yandex-update.json]
FF Extension: (Visual Bookmarks) - C:\Users\magic\AppData\Roaming\Mozilla\Firefox\Profiles\z63v4xqh.default\Extensions\vb@yandex.ru.xpi [2018-03-11] [Legacy]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-3200854963-3717341606-596258127-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\magic\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-15] (RocketLife -> RocketLife, LLP)

Chrome:
=======
CHR Profile: C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default [2022-06-30]
CHR Notifications: Default -> hxxps://fastshare.cz; hxxps://www.kinobox.cz; hxxps://www.netflix.com
CHR Extension: (Sticky Password - správce hesel) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnfdmghkeppfadphbnkjcicejfepnbfe [2022-06-30]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2022-06-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-21]
CHR Extension: (IE Tab) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2022-05-13]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR HKU\S-1-5-21-3200854963-3717341606-596258127-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

Opera:
=======
OPR Profile: C:\Users\magic\AppData\Roaming\Opera Software\Opera Stable [2022-06-30]
OPR Notifications: Opera Stable -> hxxps://calendar.google.com; hxxps://fastshare.cz; hxxps://p6.regardensy.mobi; hxxps://prokliky.cz; hxxps://svetsatelitu.cz; hxxps://wcontentdelivery.info; hxxps://www.facebook.com; hxxps://www.papirnictvipavlik.cz; hxxps://ytop1.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Sticky Password - správce hesel) - C:\Users\magic\AppData\Roaming\Opera Software\Opera Stable\Extensions\bnfdmghkeppfadphbnkjcicejfepnbfe [2022-06-30]
OPR Extension: (Rich Hints Agent) - C:\Users\magic\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-06-30]
OPR Extension: (Opera Crypto Wallet) - C:\Users\magic\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-06-30]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\magic\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-17]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [943280 2015-12-25] (Acronis International GmbH -> Acronis)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11988384 2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-12-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-12-03] (EasyAntiCheat Oy -> Epic Games, Inc)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [87432 2021-11-30] (MIXBYTE, INC. -> Freemake)
S2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [223904 2022-05-01] (HP Inc. -> HP Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-09-08] (CyberLink Corp. -> CyberLink)
R2 RTUsbSwSrvc; C:\WINDOWS\RTUWPSrvcMain.exe [924640 2021-08-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [14585248 2022-06-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_531cf42fcad619f7\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_531cf42fcad619f7\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 arusb_win7x; C:\WINDOWS\System32\drivers\arusb_win7x.sys [769024 2010-02-23] (Atheros Communications, Inc.) [File not signed]
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [102144 2019-08-19] (ASUSTek Computer Inc. -> ASUS Corporation)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-12-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-12-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R0 fltsrv; C:\WINDOWS\System32\DRIVERS\fltsrv.sys [160600 2018-02-03] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R3 MpKsl2af3165d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E88DFC61-67BE-4779-A6C9-E1CFF829B32E}\MpKslDrv.sys [141568 2022-06-30] (Microsoft Windows -> Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [12152784 2021-08-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-21] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-21] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-30 21:54 - 2022-06-30 21:56 - 000031613 _____ C:\Users\magic\Desktop\FRST.txt
2022-06-30 21:52 - 2022-06-30 21:52 - 002369024 _____ (Farbar) C:\Users\magic\Desktop\FRST64.exe
2022-06-30 21:33 - 2022-06-30 21:33 - 000003346 _____ C:\WINDOWS\system32\Tasks\Sump Task (One-Time)
2022-06-30 21:31 - 2022-06-30 21:31 - 000003948 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1517511580
2022-06-30 21:31 - 2022-06-30 21:31 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-06-30 21:26 - 2022-06-30 21:26 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3200854963-3717341606-596258127-1001
2022-06-30 21:26 - 2022-06-30 21:26 - 000002417 _____ C:\Users\magic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-30 21:23 - 2022-06-30 21:23 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-06-30 21:16 - 2022-06-30 21:16 - 000003840 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2022-06-30 17:55 - 2022-06-30 17:55 - 000000000 ____D C:\Users\magic\.ms-ad
2022-06-30 17:02 - 2022-06-30 17:05 - 1787320468 _____ C:\Users\magic\Downloads\Sestra v akci ~ (1992) HD cz.avi
2022-06-30 16:59 - 2022-06-30 17:02 - 1577621350 _____ C:\Users\magic\Downloads\Sestra v akci 1 (1992) CZdabing.avi
2022-06-29 12:31 - 2022-06-29 12:36 - 2805399069 _____ C:\Users\magic\Downloads\Laska pres okno - Through.My.Window.2022.1080p.WEBRip.CZ.dabing.5.1.mkv
2022-06-29 12:29 - 2022-06-29 12:33 - 1992158183 _____ C:\Users\magic\Downloads\Ubal a zmiz (komedie - 2021) FullHD.mkv
2022-06-28 11:19 - 2022-06-28 11:19 - 000190368 _____ C:\Users\magic\Downloads\LoanPurchaseContract.pdf
2022-06-28 11:16 - 2022-06-28 11:16 - 000189734 _____ C:\Users\magic\Downloads\LoanParticipationContract.pdf
2022-06-28 11:11 - 2022-06-28 11:11 - 000188556 _____ C:\Users\magic\Downloads\Vypis z uctu 1125722052 za 05-2022.pdf
2022-06-27 09:45 - 2022-06-27 09:46 - 000127449 _____ C:\Users\magic\Downloads\Potvrzení pro zaměstnavatele PP 0162268817.pdf
2022-06-27 09:45 - 2022-06-27 09:45 - 000682418 _____ C:\Users\magic\Downloads\Aktuální přehled sjednaných údajů 0162268817 (1).pdf
2022-06-23 17:23 - 2022-06-23 17:23 - 000178767 _____ C:\Users\magic\Documents\Mon02.pdf
2022-06-23 17:22 - 2022-06-23 17:22 - 000259668 _____ C:\Users\magic\Documents\Mon01.pdf
2022-06-21 16:52 - 2022-06-21 16:52 - 000003294 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (magic)
2022-06-21 16:52 - 2022-06-21 16:52 - 000003182 _____ C:\WINDOWS\system32\Tasks\Driver Booster Scheduler
2022-06-21 16:52 - 2022-06-21 16:52 - 000003168 _____ C:\WINDOWS\system32\Tasks\Driver Booster Update
2022-06-17 18:26 - 2022-06-17 18:26 - 000011787 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-06-17 17:56 - 2022-06-17 17:56 - 000000000 ___HD C:\$WinREAgent
2022-06-15 09:16 - 2022-06-15 09:16 - 000688858 _____ C:\Users\magic\Downloads\85006031 (3).pdf
2022-06-15 07:22 - 2022-06-15 07:22 - 000137387 _____ C:\Users\magic\Downloads\85006031 (2).pdf
2022-06-09 11:08 - 2022-06-09 11:08 - 000004160 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582788523
2022-06-08 09:05 - 2022-06-08 09:05 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-06-08 09:05 - 2022-06-08 09:05 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-06-08 09:04 - 2022-06-08 09:04 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-06-08 09:04 - 2022-06-08 09:04 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-06-08 08:43 - 2022-06-08 08:43 - 000059500 _____ C:\Users\magic\Downloads\Vyp11fcargo_2022-05_0____159801__084312002.pdf
2022-06-08 08:38 - 2022-06-08 08:38 - 000093490 _____ C:\Users\magic\Downloads\85006031 (1).pdf
2022-06-08 08:36 - 2022-06-08 08:36 - 000107057 _____ C:\Users\magic\Downloads\85006031.pdf
2022-06-05 09:56 - 2022-06-05 09:56 - 000017653 _____ C:\Users\magic\Downloads\Opis smluvních údajů.PDF
2022-06-04 07:47 - 2022-06-04 07:47 - 000113368 _____ C:\Users\magic\Downloads\upvest-agreement.pdf
2022-06-04 07:13 - 2022-06-04 07:13 - 009899960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2022-06-04 07:13 - 2022-06-04 07:13 - 001334200 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsPer.sys
2022-06-04 07:13 - 2022-06-04 07:13 - 000084187 _____ C:\Users\magic\Downloads\Ramcova smlouva o platebnich sluzbach a participaci na spotrebitelskych uverech.pdf
2022-06-04 06:50 - 2022-05-21 05:26 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-06-04 06:50 - 2022-05-21 05:26 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-06-04 06:50 - 2022-05-21 05:26 - 001478384 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-06-04 06:50 - 2022-05-21 05:26 - 001478384 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-06-04 06:50 - 2022-05-21 05:26 - 001467080 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-06-04 06:50 - 2022-05-21 05:26 - 001432304 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-06-04 06:50 - 2022-05-21 05:26 - 001432304 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-06-04 06:50 - 2022-05-21 05:26 - 001209408 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-06-04 06:50 - 2022-05-21 05:26 - 001145584 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-06-04 06:50 - 2022-05-21 05:26 - 001145584 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-06-04 06:50 - 2022-05-21 05:23 - 000587336 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-06-04 06:50 - 2022-05-21 05:23 - 000460496 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-06-04 06:50 - 2022-05-21 05:22 - 002120896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-06-04 06:50 - 2022-05-21 05:22 - 001603144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-06-04 06:50 - 2022-05-21 05:22 - 001530456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-06-04 06:50 - 2022-05-21 05:22 - 001177312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-06-04 06:50 - 2022-05-21 05:22 - 000730320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-06-04 06:50 - 2022-05-21 05:22 - 000724688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-06-04 06:50 - 2022-05-21 05:22 - 000712416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-06-04 06:50 - 2022-05-21 05:21 - 006964824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-06-04 06:50 - 2022-05-21 05:21 - 006226640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-06-04 06:50 - 2022-05-21 05:21 - 005100752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-06-04 06:50 - 2022-05-21 05:21 - 002932952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-06-04 06:50 - 2022-05-21 05:21 - 000582712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-06-04 06:50 - 2022-05-21 05:21 - 000457944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-06-04 06:50 - 2022-05-21 05:20 - 005730880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-06-04 06:50 - 2022-05-21 05:19 - 000851136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-06-04 06:50 - 2022-05-21 05:18 - 007618584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-06-04 06:50 - 2022-05-21 05:18 - 006465200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-06-04 06:50 - 2022-05-20 02:51 - 000089337 _____ C:\WINDOWS\system32\nvinfo.pb
2022-06-03 17:29 - 2022-06-03 17:29 - 000993542 _____ C:\Users\magic\Downloads\Obchodni podminky Zonky Rentier.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-30 21:55 - 2022-01-19 09:20 - 000000000 ____D C:\FRST
2022-06-30 21:53 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-30 21:50 - 2018-02-01 21:04 - 000000000 ___SD C:\Users\magic\Documents\Sticky Passwords
2022-06-30 21:42 - 2018-02-18 17:37 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-06-30 21:40 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-30 21:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-30 21:37 - 2018-02-14 13:05 - 000000000 ____D C:\Users\magic\AppData\Local\CrashDumps
2022-06-30 21:33 - 2018-02-01 21:56 - 000000000 ____D C:\ProgramData\NVIDIA
2022-06-30 21:31 - 2018-02-01 20:56 - 000000000 ____D C:\Program Files\Opera
2022-06-30 21:26 - 2022-01-28 10:57 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3200854963-3717341606-596258127-1001
2022-06-30 21:26 - 2018-02-01 20:44 - 000000000 ___RD C:\Users\magic\OneDrive
2022-06-30 21:24 - 2020-02-28 10:00 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2022-06-30 21:23 - 2018-02-05 15:24 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-30 21:23 - 2018-02-05 15:24 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-06-30 21:23 - 2018-02-05 15:22 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-30 21:23 - 2018-02-01 21:00 - 000000000 __SHD C:\Users\magic\IntelGraphicsProfiles
2022-06-30 21:21 - 2022-01-19 16:37 - 000000000 ____D C:\Program Files\CCleaner
2022-06-30 21:20 - 2020-11-08 13:40 - 000008192 ___SH C:\DumpStack.log.tmp
2022-06-30 21:19 - 2022-01-28 10:49 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-06-30 21:19 - 2019-12-07 16:41 - 000719322 _____ C:\WINDOWS\system32\perfh005.dat
2022-06-30 21:19 - 2019-12-07 16:41 - 000145448 _____ C:\WINDOWS\system32\perfc005.dat
2022-06-30 21:19 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-06-30 21:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-06-30 21:14 - 2022-01-28 10:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-30 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-06-30 19:09 - 2022-01-28 10:35 - 000000000 ____D C:\WINDOWS\system32\lxss
2022-06-30 19:09 - 2022-01-28 09:40 - 000000000 ____D C:\Users\magic
2022-06-30 19:09 - 2018-12-21 22:14 - 000000000 ____D C:\Users\magic\AppData\LocalLow\IObit
2022-06-30 19:09 - 2018-12-21 22:14 - 000000000 ____D C:\ProgramData\ProductData
2022-06-30 19:09 - 2018-11-24 13:41 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2022-06-30 19:09 - 2018-02-13 15:56 - 000000000 ____D C:\Users\magic\AppData\Roaming\GHISLER
2022-06-30 19:09 - 2018-02-05 14:17 - 000000000 ____D C:\Users\magic\AppData\Roaming\vlc
2022-06-30 19:09 - 2018-02-01 23:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-06-30 18:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\registration
2022-06-30 18:15 - 2018-02-01 21:57 - 000000000 ____D C:\Users\magic\AppData\Local\NVIDIA
2022-06-30 18:15 - 2018-02-01 21:20 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-06-30 17:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-06-30 17:47 - 2018-02-21 17:22 - 000000000 ____D C:\Users\magic\AppData\Local\ElevatedDiagnostics
2022-06-30 17:40 - 2022-01-28 10:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-06-25 17:33 - 2020-09-27 09:55 - 000000000 ____D C:\ProgramData\Packages
2022-06-25 17:33 - 2020-09-27 09:53 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-25 17:33 - 2020-09-27 09:53 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-06-23 14:27 - 2022-01-12 13:42 - 000000000 ____D C:\Users\magic\AppData\Roaming\MP3Studio
2022-06-23 14:26 - 2022-01-12 13:42 - 000000000 ____D C:\Users\magic\Documents\YouTubeDownloads
2022-06-21 18:52 - 2020-09-27 09:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-06-17 20:45 - 2022-01-28 10:30 - 000447192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-06-17 20:43 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-06-17 20:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-06-17 20:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-06-17 20:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-06-17 18:30 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-06-17 17:56 - 2018-02-01 22:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-06-17 17:48 - 2018-02-01 22:36 - 145918784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-06-16 13:27 - 2018-02-24 08:27 - 000000000 ____D C:\Program Files (x86)\FastShare
2022-06-16 11:26 - 2022-03-10 17:58 - 000003546 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d81423182743d9
2022-06-16 11:26 - 2022-01-28 10:57 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-06-15 19:49 - 2019-03-20 16:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-06-09 10:59 - 2020-12-13 16:15 - 000000000 ____D C:\Users\magic\AppData\Roaming\Spotify
2022-06-09 10:49 - 2020-12-13 16:15 - 000000000 ____D C:\Users\magic\AppData\Local\Spotify
2022-06-09 10:47 - 2022-04-17 17:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2022-06-08 09:22 - 2022-02-02 15:01 - 000000000 ____D C:\WINDOWS\RTUWPSrvcMain
2022-06-08 09:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-08 09:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-08 09:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-08 09:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-08 09:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-06-08 09:19 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-06-08 09:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-06-08 09:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-06-08 09:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-08 09:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-08 09:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-08 09:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-08 09:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-08 09:19 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-06-08 09:03 - 2022-01-28 10:34 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-06-08 07:39 - 2022-01-28 12:28 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update

==================== Files in the root of some directories ========

2018-11-28 14:22 - 2018-11-28 14:22 - 000003584 _____ () C:\Users\magic\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-08-02 20:46 - 2019-08-02 20:48 - 000007605 _____ () C:\Users\magic\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-06-2022 01
Ran by magic (30-06-2022 21:58:43)
Running from C:\Users\magic\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1766 (X64) (2022-01-28 08:59:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3200854963-3717341606-596258127-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3200854963-3717341606-596258127-503 - Limited - Disabled)
Guest (S-1-5-21-3200854963-3717341606-596258127-501 - Limited - Disabled)
magic (S-1-5-21-3200854963-3717341606-596258127-1001 - Administrator - Enabled) => C:\Users\magic
WDAGUtilityAccount (S-1-5-21-3200854963-3717341606-596258127-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis Disk Director (HKLM-x32\...\{AE372858-B1BD-49EF-8308-648322846008}) (Version: 12.0.3270 - Acronis)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.001.20117 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AIMP (HKLM-x32\...\AIMP) (Version: v4.70.2251, 23.05.2021 - AIMP DevTeam)
Any Video Converter 6.2.2 (HKLM-x32\...\Any Video Converter) (Version: 6.2.2 - Anvsoft)
Ashampoo WinOptimizer FREE (HKLM-x32\...\{4209F371-8668-980C-19C9-F8698AB75135}_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.20 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0050 - ASUS)
Balíček ovladače systému Windows - ASUS (HIDSwitch) System (08/18/2015 1.0.0.5) (HKLM\...\6D6063B1EDBCB582F1E596B1EB8BBFAAA100B1BD) (Version: 08/18/2015 1.0.0.5 - ASUS)
Balíček ovladače systému Windows - Intel (MEIx64) System (10/03/2017 11.7.0.1045) (HKLM\...\623E6BEBFE0E32D8AD88825BDC5B643D996BCA93) (Version: 10/03/2017 11.7.0.1045 - Intel)
Balíček ovladače systému Windows - Intel Corporation (iaStorA) HDC (04/10/2017 14.8.16.1063) (HKLM\...\1956B72D229BA5E262A8828A81DB9133B5F111B2) (Version: 04/10/2017 14.8.16.1063 - Intel Corporation)
Balíček ovladače systému Windows - Intel Corporation (iaStorA) SCSIAdapter (04/10/2017 14.8.16.1063) (HKLM\...\7B099E88B288543F1ED20B3C3332D4B1B2E6A621) (Version: 04/10/2017 14.8.16.1063 - Intel Corporation)
Balíček ovladače systému Windows - Qualcomm Atheros Communications (BtFilter) Bluetooth (05/18/2016 10.0.1.7) (HKLM\...\9196235C47040428607C47455891A82EB6B04203) (Version: 05/18/2016 10.0.1.7 - Qualcomm Atheros Communications)
Balíček ovladače systému Windows - Realtek Semiconductor Corp. (RTSPER) MTD (12/04/2017 10.0.16299.21304) (HKLM\...\30643CED791BBDA850B1D497B0BD7EF6DFBAD4FE) (Version: 12/04/2017 10.0.16299.21304 - Realtek Semiconductor Corp.)
CCleaner (HKLM\...\CCleaner) (Version: 5.89 - Piriform)
CyberLink PowerDirector 15 (HKLM-x32\...\{FA285575-B543-4E6E-A573-A4F534AC9965}) (Version: 15.0.3223.0 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.1001 - Disc Soft Ltd)
Data Lifeguard Diagnostic for Windows 1.31 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
Driver Booster 9 (HKLM-x32\...\Driver Booster_is1) (Version: 9.4.0 - IObit)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Farming Simulator 19 (HKLM-x32\...\Farming Simulator 19_is1) (Version: - )
FastShare.cz verze 2.3.1 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.3.1 - )
FlipPDF to ePUB (freeware) (HKLM-x32\...\FlipPDF to ePUB (freeware)_is1) (Version: - FlipPDF Solution)
Freemake Video Converter verze 4.1.13 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.13 - Mixbyte Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.66 - Google LLC)
HP Dropbox Plugin (HKLM-x32\...\{D58993B3-BA5F-4181-8D1C-05D0302398EB}) (Version: 40.13.54.81239 - HP)
HP Google Drive Plugin (HKLM-x32\...\{C777EAED-CEE8-4AF4-A2DE-2A0FC510481A}) (Version: 40.13.54.81239 - HP)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5107 - Intel Corporation)
IPC360 (HKLM-x32\...\InstallShield_{C89E22AC-0603-466A-88A2-242694F28E98}) (Version: 1.0.0.1 - _)
KC Softwares BATExpert (HKLM-x32\...\KC Softwares BATExpert_is1) (Version: 1.13.1.20 - KC Softwares)
K-Lite Mega Codec Pack 13.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.7.5 - KLCP)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{E496AFB7-CB04-46CF-8FBB-5D665BC8811B}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.37 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.15225.20288 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\OneDriveSetup.exe) (Version: 22.121.0605.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 (HKLM\...\{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 (HKLM\...\{662A0088-6FCD-45DD-9EA7-68674058AED5}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 (HKLM-x32\...\{BF08E976-B92E-4336-B56F-2171179476C4}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 (HKLM-x32\...\{F6080405-9FA8-4CAA-9982-14E95D1A3DAC}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MP3Studio YouTube Downloader (HKLM-x32\...\{3AB59E5E-AADB-4F45-8741-DCA2BDF0F1DD}) (Version: 2.0.10.0 - MP3Studio/) Hidden
MP3Studio YouTube Downloader (HKLM-x32\...\{a17fa95e-ee4e-4c87-b026-5a550246b3a2}) (Version: 2.0.10.0 - MP3Studio)
NAS Starter Utility (HKLM-x32\...\NAS Starter Utility) (Version: - ZyXEL)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 512.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.95 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15225.20150 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15128.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.15225.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 87.0.4390.45 (HKLM-x32\...\Opera 87.0.4390.45) (Version: 87.0.4390.45 - Opera Software)
Opera Stable 88.0.4412.53 (HKLM-x32\...\Opera 88.0.4412.53) (Version: 88.0.4412.53 - Opera Software)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.2.10 - Prolific Technology INC)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.19041.1375 - Microsoft Corporation)
PosteRazor (HKLM-x32\...\PosteRazor_is1) (Version: 1.5.2 - Alessandro Portale)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21300 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.24.1208.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9205.1 - Realtek Semiconductor Corp.)
Sniper Ghost Warrior Contracts - STURM BODYGUARD 9 (HKLM-x32\...\2060028353_is1) (Version: 1.04 - GOG.com)
Sniper Ghost Warrior Contracts - SV - AMUR (HKLM-x32\...\1297892886_is1) (Version: 1.04 - GOG.com)
Sniper Ghost Warrior Contracts (HKLM-x32\...\1708301722_is1) (Version: 1.04 - GOG.com)
Spotify (HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\Spotify) (Version: 1.1.74.631.g0b24d9ad - Spotify AB)
Sticky Password 8.4.4.920 (HKLM-x32\...\Sticky Password_is1) (Version: 8.4 - Lamantine Software)
Studie vylepšování produktu HP DeskJet 4530 series (HKLM\...\{79C4417A-70A3-44B3-98BE-CC38A8AEDCDE}) (Version: 40.15.1231.21321 - HP Inc.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.31.5 - TeamViewer)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.10 - Ghisler Software GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 97.0 - Ubisoft)
Ulož.to FileManager verze 2.76 (HKLM-x32\...\{7DE5EA5D-C933-4549-9A44-5BC671F23BBF}_is1) (Version: 2.76 - Uloz.to cloud a.s.)
USB Bridge Installer (HKLM\...\USB Bridge Installer_is1) (Version: - )
Veroval® medi.connect (HKLM-x32\...\{3D84DEBB-7913-4DC3-9AE7-7CF05CE48E9B}) (Version: 1.9.5.9 - Název společnosti:) Hidden
Veroval® medi.connect (HKLM-x32\...\Veroval MediConnect) (Version: 1.9.5.9 - Název společnosti:)
VirtualDJ 2018 (HKLM-x32\...\{FBCC4640-0D91-45B8-90B6-CFA1D0031EB2}) (Version: 8.3.4675.0 - Atomix Productions)
VirtualDJ 2021 (HKLM\...\{8F666AF4-949F-4DDB-8F97-197BC147435C}) (Version: 8.5.6242.0 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Webshare klient (HKLM-x32\...\Webshare klient) (Version: - )
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
WinDirStat 1.1.2 (HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\WinDirStat) (Version: - )
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Youtube-DLG version 0.4 (HKLM-x32\...\{3C455028-FC99-4846-8E04-4FCD87D85613}_is1) (Version: 0.4 - Sotiris Papadopoulos)
Základní software zařízení HP DeskJet 4530 series (HKLM\...\{B46461A1-5DE6-484A-A1F2-79DA628FC4E2}) (Version: 40.15.1231.21321 - HP Inc.)

Packages:
=========
2D Audio Mixer -> C:\Program Files\WindowsApps\5626PanosKarabelas.2DAudioMixer_1.1.0.1_x86__qj94rv5hrx17w [2022-06-30] (Panos Karabelas)
City Lights by Talha Tariq -> C:\Program Files\WindowsApps\Microsoft.CityLightsbyTalhaTariq_1.0.0.0_neutral__8wekyb3d8bbwe [2022-06-30] (Microsoft Corporation)
Community Showcase Natural Landscapes 3 -> C:\Program Files\WindowsApps\Microsoft.CommunityShowcaseNaturalLandscapes3_1.0.0.0_neutral__8wekyb3d8bbwe [2022-06-30] (Microsoft Corporation)
Converter for YouTube by Flvto.com -> C:\Program Files\WindowsApps\Hotger.com.YouTubeConverterbywww.flvto.com_2.0.58.0_x64__cg7p2qfgefa1a [2022-06-30] (Белов Кирилл Леонидович) [MS Ad]
Dj Mixer -> C:\Program Files\WindowsApps\27576KetoLabs.DjMixer_1.10.11.1000_x64__6nansvgt4vxt0 [2022-06-30] (KetoLabs)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-06-30] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-06-30] (Microsoft Corporation)
edjing 5: DJ turntable to mix and record music -> C:\Program Files\WindowsApps\DJiT.edjing-DJmixerconsolestudio-PlayMixRecordShar_5.1.12.0_x64__3nf5xjt6s13jt [2022-06-30] (DJiT) [MS Ad]
Fish and Corals -> C:\Program Files\WindowsApps\Microsoft.FishandCorals_1.0.0.0_neutral__8wekyb3d8bbwe [2022-06-30] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6 [2022-06-30] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-06-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-06-30] (Microsoft Corporation) [MS Ad]
Microsoft Jackpot -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJackpot_1.9.1110.0_x86__8wekyb3d8bbwe [2022-06-30] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.5310.0_x64__8wekyb3d8bbwe [2022-06-30] (Microsoft Studios) [MS Ad]
Mixfader dj - digital vinyl -> C:\Program Files\WindowsApps\DJiT.edjingScratchvinyledigital_1.2.12.0_x64__3nf5xjt6s13jt [2022-06-30] (DJiT)
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.5.0_x64__qmba6cd70vzyy [2022-06-30] (ASUSTeK COMPUTER INC.)
myTube! -> C:\Program Files\WindowsApps\59750RYKENAPPS.435307C335C44_4.0.19.0_x64__zd92nzxdcatqw [2022-06-30] (Ryken Studio)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-06-30] (NVIDIA Corp.)
Rambling Pathways -> C:\Program Files\WindowsApps\Microsoft.RamblingPathways_1.0.0.0_neutral__8wekyb3d8bbwe [2022-06-30] (Microsoft Corporation)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.0.31391.0_x64__8wekyb3d8bbwe [2022-06-30] (Microsoft Corporation)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-06-30] (Microsoft Corporation)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.15.163.0_x64__43tkc6nmykmb6 [2022-06-30] (Ookla)
WavePad Audio Editor Free -> C:\Program Files\WindowsApps\NCHSoftware.WavePadAudioEditorFree_16.5.2.0_x86__7kedsbyvzns34 [2022-06-30] (NCH Software)
WiFi Analyzer -> C:\Program Files\WindowsApps\19965MATTHAFNER.WIFIANALYZER_2.6.1.0_x64__gs5k5vmxr2ste [2022-06-30] (Matt Hafner)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2021-07-01] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_104.dll [2018-03-19] (Free Time) [File not signed]
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> No File
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-12-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-12-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2021-07-01] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_104.dll [2018-03-19] (Free Time) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_531cf42fcad619f7\nvshext.dll [2022-05-21] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [309248 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [282112 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Peugeot Planet Diag.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Start PPD (Console Mode).lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Start PPD.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Stop PPD.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Utils\ppd_restart.lnk -> C:\app\ppdiag\Utils\ppd_restart.bat (No File)

==================== Loaded Modules (Whitelisted) =============

2022-05-09 11:53 - 2022-04-21 11:56 - 001101824 _____ () [File not signed] C:\Program Files (x86)\Sticky Password\DLLs\_hashlib.pyd
2015-09-25 23:34 - 2015-09-28 20:08 - 000255488 _____ (Sysprogs OU) [File not signed] C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [183]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-04-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-29] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3200854963-3717341606-596258127-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\magic\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\StartupApproved\Run: => "HP DeskJet 4530 series (NET)"
HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{8D438082-EE7B-46B2-9456-6DA1B1C68DBE}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{A1745927-8243-4886-8B05-E48EA939DADD}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{40E49982-6738-4C97-9999-5E184C7F9130}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D5FF532D-F60C-40AC-8715-EDDD729922BC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{61A09B1E-7ED4-43A0-B200-CA1800D1FA0A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{AE5956BD-A224-4106-ABF5-CEAAF19B5051}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{F8AC96AB-FAD2-4AAF-8142-83496821072F}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{F0CD54C6-1EB5-4640-B11C-E8A01EFE213B}C:\users\magic\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\magic\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{2EE98752-F881-4127-A0ED-9A81515CC68B}C:\users\magic\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\magic\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{05BD1FAD-AE4B-4773-B387-876000FF1B8B}C:\users\magic\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\magic\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{69BC2D85-55F7-42A1-A2C9-DC6AA302E233}C:\users\magic\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\magic\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{03D4BAD7-26CB-417A-9692-B013EC096D7D}] => (Allow) LPort=53
FirewallRules: [{A8020BC6-AD0D-48C0-96C7-A4A2B6681283}] => (Allow) LPort=53
FirewallRules: [{3BFF2FD7-FCF1-4E57-82DE-76D2A7D8B2F1}] => (Allow) LPort=68
FirewallRules: [{A3B6940A-E110-4529-9AF7-B7CFCF4BE866}] => (Allow) LPort=67
FirewallRules: [{25AEDD2A-DB18-4D58-99E7-38D767445201}] => (Allow) LPort=53
FirewallRules: [{24105CC4-2ACF-4B85-962E-E296AC0AFA79}] => (Allow) LPort=1542
FirewallRules: [{2D0D1AD5-2DA9-4806-AFF8-ECBD1F9E2E12}] => (Allow) LPort=1542
FirewallRules: [UDP Query User{E9B1CA3E-4969-45A1-8FB1-00C761B58594}C:\program files (x86)\ipc360\ipc360.exe] => (Allow) C:\program files (x86)\ipc360\ipc360.exe () [File not signed]
FirewallRules: [TCP Query User{CC6BC8DB-9A30-4C76-83B5-7A626C9A8A0A}C:\program files (x86)\ipc360\ipc360.exe] => (Allow) C:\program files (x86)\ipc360\ipc360.exe () [File not signed]
FirewallRules: [UDP Query User{0D876EC0-8ACB-4D68-A27C-02B15A6E379A}C:\program files (x86)\searchtool\searchtool.exe] => (Allow) C:\program files (x86)\searchtool\searchtool.exe () [File not signed]
FirewallRules: [TCP Query User{818FF721-EED1-477A-89C8-985912074970}C:\program files (x86)\searchtool\searchtool.exe] => (Allow) C:\program files (x86)\searchtool\searchtool.exe () [File not signed]
FirewallRules: [UDP Query User{21EE41A5-4DFE-4B20-9366-C820322ECB3E}C:\users\magic\downloads\cms\cms\cms.exe] => (Allow) C:\users\magic\downloads\cms\cms\cms.exe () [File not signed]
FirewallRules: [TCP Query User{593BAFF5-3CB0-4A9F-B5EC-AB73EC8E3065}C:\users\magic\downloads\cms\cms\cms.exe] => (Allow) C:\users\magic\downloads\cms\cms\cms.exe () [File not signed]
FirewallRules: [{74065532-0CAD-4EFA-940B-9180E73CC8F3}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{B7EFA839-5232-47C8-83FE-2FED917B291A}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{ED3D90A4-1E39-439A-A109-76CF29886AD2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2CAFF5DD-6965-4DCF-A65B-F0C1C752C56D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{2EB8DB99-528F-4326-AD4C-11124E10D452}C:\users\magic\onedrive\dokumenty\odorik.exe] => (Allow) C:\users\magic\onedrive\dokumenty\odorik.exe (Odorik.cz) [File not signed]
FirewallRules: [TCP Query User{FCFE6141-69A9-4F90-8A3C-EF131EBAAE23}C:\users\magic\onedrive\dokumenty\odorik.exe] => (Allow) C:\users\magic\onedrive\dokumenty\odorik.exe (Odorik.cz) [File not signed]
FirewallRules: [{6143B0B3-7BA4-4C9C-B05D-6050C9288ED8}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{A765F971-FE7B-4FF3-933B-DD3EC1F53FA9}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [UDP Query User{11218CAD-3EEF-4727-9A12-7F5B20979926}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{AB12CF31-0082-46BD-BD7C-9D5F8A46F80D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{FE7D3932-2550-4415-BA72-59A78882616B}C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe] => (Allow) C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe () [File not signed]
FirewallRules: [TCP Query User{9A0FEC17-8388-4BB1-92E1-2CBABE2EC3CB}C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe] => (Allow) C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe () [File not signed]
FirewallRules: [{82B8A8F2-97A5-403D-BB74-99BB49B1A800}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{FDCFDB0C-55D5-4099-A64E-F11111E23C77}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{0DD17A2F-7FBC-42BC-A75E-A47F7C343BEC}C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe] => (Allow) C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe () [File not signed]
FirewallRules: [TCP Query User{34D3420A-4704-4186-8C23-935E1C82F288}C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe] => (Allow) C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe () [File not signed]
FirewallRules: [TCP Query User{50E176F4-F8A7-4276-AF1F-DAFD8535DB31}D:\games\farming simulator 19\x64\farmingsimulator2019game.exe] => (Block) D:\games\farming simulator 19\x64\farmingsimulator2019game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) [File not signed]
FirewallRules: [UDP Query User{A839851B-DCBA-4FCD-A1CC-B420F495BC09}D:\games\farming simulator 19\x64\farmingsimulator2019game.exe] => (Block) D:\games\farming simulator 19\x64\farmingsimulator2019game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) [File not signed]
FirewallRules: [{922CAA0D-AFC7-48FF-A84D-9A8C53EC5F60}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{50DE2E3B-1237-47D7-8252-3B2D40F25180}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [TCP Query User{021FE1B9-95F5-4307-BAD2-C1AD4764612F}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{FAC12F82-3263-41AA-A287-171FBA0C8423}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{32EE9053-9550-4F48-B888-F32FE272E9FC}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{27B3A3F7-0186-48D0-A50A-98E1468DEF14}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{51D3F9C5-851B-44A1-9D49-1BA2F2315FAB}] => (Allow) C:\Users\magic\AppData\Local\Temp\7zS549B\HP.EasyStart.exe => No File
FirewallRules: [{0E10302C-C457-45FF-B20E-D9E6E8FED49C}] => (Allow) C:\Users\magic\AppData\Local\Temp\7zS2B96\HP.EasyStart.exe => No File
FirewallRules: [{D4BC720E-57FF-45BB-9C53-B3D0E5261FDF}] => (Allow) C:\Users\magic\AppData\Local\Temp\7zS30CD\HP.EasyStart.exe => No File
FirewallRules: [{0DF200B9-6342-4DEF-A06D-E6BD12FF58E2}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{BE900228-274A-46E5-81EA-2E3B40204FDB}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{9CAFAA7C-6D4B-4B92-AD7B-576DC4FF8C76}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\DeviceSetup.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5FC2E1A4-EFB9-4CCE-8E2A-0E1E01A2607F}] => (Allow) LPort=5357
FirewallRules: [{1804CA84-E24E-461B-8113-4810F860E374}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.)
FirewallRules: [{D7E202A4-564D-46A5-B338-62B0A1218EC8}] => (Allow) C:\Users\magic\AppData\Local\Temp\7zS40F8\HP.EasyStart.exe => No File
FirewallRules: [{883030B2-C96D-458E-AED8-78C8B437D06D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{433EFD7D-E512-4CFB-A217-1784BD86F6A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{2317472E-3A99-459A-B6AA-44CC06FB867A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{A3C7D679-F5B2-42A5-9F8A-7AE5FB51D6D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{DC1FCAD4-23D1-43E5-9CCA-1727E2F2A49F}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{A3B49641-F0C0-4D5C-A8E4-D5726B21604B}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{730DB51E-4613-4D2A-8D75-4121A9551472}] => (Allow) C:\Program Files\Opera\87.0.4390.36\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{FBA8D246-8D35-4523-8969-06625D47737C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B1D70761-2A8E-464F-8A12-204E3C3D44C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DD279D3F-6DA9-4F64-B0EB-F35A9EEA3169}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1143C714-0997-4C21-8325-4D00EDEC32BB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D62D23EF-2C60-4B20-8C6B-D72F40778907}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A8E6F730-4F35-40B5-AC1F-7CAA80FA107B}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.5.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{6127C18E-9088-48A7-9A32-130320F486AF}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.5.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{A66A46D7-0510-47FC-B825-045BE9C2F91F}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.5.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{7B0E023E-D089-48DD-91AE-D253726912A7}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.5.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{997758BF-6FB8-4E2F-A703-C94085E93307}] => (Allow) C:\Program Files\Opera\88.0.4412.53_0\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{E7C73055-978A-46EB-8820-78634C3A824E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6D38A9E9-B63C-4749-BE2A-42AB402C81DA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6A1F1F56-D3EE-4479-AEFC-AE3D21667E43}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C45AB184-743E-401F-B8C3-3A3230477A92}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

==================== Restore Points =========================

26-06-2022 19:46:32 Naplánovaný kontrolní bod
28-06-2022 10:56:58 Driver Booster : Intel(R) Management Engine Interface #1
30-06-2022 18:06:47 Operace obnovení

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/30/2022 09:37:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Acrobat.exe, verze: 22.1.20117.0, časové razítko: 0x624e8510
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1741, časové razítko: 0x77755782
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000063416
ID chybujícího procesu: 0x7e8
Čas spuštění chybující aplikace: 0x01d88cb89fbc84d1
Cesta k chybující aplikaci: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 3d5cfef9-dfdd-48b5-b428-314986f035ce
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/30/2022 09:15:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4164,R,98) SRUJet: Při otevírání souboru protokolu C:\WINDOWS\system32\SRU\SRU03779.log došlo k chybě -1811 (0xfffff8ed).

Error: (06/30/2022 06:09:12 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (06/30/2022 06:09:12 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (06/30/2022 05:05:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.1766 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2728

Čas spuštění: 01d88c9259662793

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 1c1b8c53-06b6-44d3-aff5-0c89f950fc3b

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (06/30/2022 05:02:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.1766 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1510

Čas spuštění: 01d88be0720bf37a

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: ac9287e8-86c4-4f0a-a717-e211f1eab44e

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (06/29/2022 02:12:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.1766 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1a5c

Čas spuštění: 01d88baa27b81d66

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: d3416f2e-f42b-41e6-a2f0-64ae6e837efd

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Cross-thread

Error: (06/29/2022 01:49:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program GameBar.exe verze 5.722.5052.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2990

Čas spuštění: 01d88bae48259870

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.722.5052.0_x64__8wekyb3d8bbwe\GameBar.exe

ID hlášení: f2ead277-f16e-458a-b84d-8c3c8394a005

Úplný název balíčku s chybou: Microsoft.XboxGamingOverlay_5.722.5052.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce


System errors:
=============
Error: (06/30/2022 09:34:28 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error: (06/30/2022 09:33:17 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error: (06/30/2022 09:31:42 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error: (06/30/2022 09:30:07 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error: (06/30/2022 09:28:32 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error: (06/30/2022 09:26:56 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error: (06/30/2022 09:25:21 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error: (06/30/2022 09:23:46 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR1 má chybný blok.


Windows Defender:
================
Date: 2022-06-30 21:57:51
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Ulthar.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\magic\Downloads\canspy.zip
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: MAROSASUS2\magic
Název procesu: C:\Users\magic\Desktop\FRST64.exe
Verze bezpečnostních informací: AV: 1.369.521.0, AS: 1.369.521.0, NIS: 1.369.521.0
Verze modulu: AM: 1.1.19300.2, NIS: 1.1.19300.2

Date: 2022-06-30 21:46:15
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EE0654D4-E2A6-4522-9BE9-C727315642AA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-06-29 11:51:51
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1C566AA0-89F8-47AF-A023-3C14D7E843FC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-06-27 19:36:13
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {90AF2A2A-1128-4AFD-AAE2-BA8E03312084}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-06-26 19:38:30
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {98B788F0-9376-4B4F-A7E2-1F0BD74F6289}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2022-06-30 21:16:24
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o načtení bezpečnostních informací a pokusí se o obnovení poslední známé funkční verze.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

CodeIntegrity:
===============
Date: 2022-06-30 21:40:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-06-19 10:56:44
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-06-15 19:40:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-06-09 11:15:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. X751LB.606 12/07/2015
Motherboard: ASUSTeK COMPUTER INC. X751LB
Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 42%
Total physical RAM: 12158.74 MB
Available physical RAM: 7010.63 MB
Total Virtual: 14014.74 MB
Available Virtual: 8687.15 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:371.34 GB) (Free:75.71 GB) (Model: HGST HTS721010A9E630) NTFS
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:148.76 GB) (Model: HGST HTS721010A9E630) NTFS

\\?\Volume{b8ad5f01-9320-4ecc-a0b2-a510539bdebf}\ () (Fixed) (Total:0.51 GB) (Free:0.05 GB) NTFS
\\?\Volume{c96f2a6d-f7b0-4c04-a316-6804b8e2e672}\ (RECOVERY) (Fixed) (Total:0.49 GB) (Free:0.09 GB) NTFS
\\?\Volume{204186a3-78d2-464a-8b9c-deecd474f9b1}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F9E46227)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118152
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Kontrola Logu

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Maroš
Návštěvník
Návštěvník
Příspěvky: 173
Registrován: 29 črc 2011 13:32

Re: Kontrola Logu

#3 Příspěvek od Maroš »

Děkuji,
jsou tam tři logy, přidávám všechny.

# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-06-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-01-2022
# Duration: 00:00:34
# OS: Windows 10 Home
# Scanned: 32057
# Detected: 66


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.AdvancedSystemCare C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\ProgramData\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\magic\AppData\LocalLow\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\magic\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.DriverPack C:\Users\magic\AppData\Roaming\DRPSu
PUP.Optional.DriverPack C:\Users\magic\AppData\Roaming\DriverPack Notifier

***** [ Files ] *****

PUP.Optional.Reimage C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.Legacy C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER

***** [ Registry ] *****

PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IOBIT\ASC
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect
PUP.Optional.DriverPack HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\drp.su
PUP.Optional.DriverPack HKCU\Software\drpsu
PUP.Optional.DriverPack HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|DriverPack Notifier
PUP.Optional.DriverPack HKLM\Software\Wow6432Node\drpsu
PUP.Optional.DriverPack HKLM\Software\drpsu
PUP.Optional.FreeMakeConverter HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
PUP.Optional.FreeMakeConverter HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater
PUP.Optional.InstallCore HKCU\Software\csastats
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D162338-BD31-4B6B-842C-6631982ADA57}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\NCTAudioCompress3.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\NCTAudioFormatSettings3.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
PUP.Optional.ProductSetup.A HKCU\Software\PRODUCTSETUP
PUP.Optional.Reimage HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
PUP.Optional.Reimage HKCU\Software\Reimage
PUP.Optional.Reimage HKLM\Software\Classes\REI_AxControl.ReiEngine
PUP.Optional.Reimage HKLM\Software\Classes\REI_AxControl.ReiEngine.1
PUP.Optional.Reimage HKLM\Software\Reimage

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.ASUSSmartGesture Folder C:\Program Files (x86)\ASUS\ASUS SMART GESTURE
Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8D3B94B-15B2-40A7-A02F-09F8F733FBC9}
Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Smart Gesture Launcher
Preinstalled.ASUSSmartGesture Registry HKLM\Software\Classes\CLSID\{F31B5912-07D6-4895-B4BA-5486CF3B18B1}
Preinstalled.ASUSSmartGesture Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}
Preinstalled.ASUSSmartGesture Task C:\Windows\System32\Tasks\ASUS SMART GESTURE LAUNCHER
Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Users\magic\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########


# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-06-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-01-2022
# Duration: 00:00:10
# OS: Windows 10 Home
# Scanned: 32044
# Detected: 66


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.AdvancedSystemCare C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\ProgramData\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\magic\AppData\LocalLow\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\magic\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.DriverPack C:\Users\magic\AppData\Roaming\DRPSu
PUP.Optional.DriverPack C:\Users\magic\AppData\Roaming\DriverPack Notifier

***** [ Files ] *****

PUP.Optional.Reimage C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.Legacy C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER

***** [ Registry ] *****

PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IOBIT\ASC
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect
PUP.Optional.DriverPack HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\drp.su
PUP.Optional.DriverPack HKCU\Software\drpsu
PUP.Optional.DriverPack HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|DriverPack Notifier
PUP.Optional.DriverPack HKLM\Software\Wow6432Node\drpsu
PUP.Optional.DriverPack HKLM\Software\drpsu
PUP.Optional.FreeMakeConverter HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
PUP.Optional.FreeMakeConverter HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater
PUP.Optional.InstallCore HKCU\Software\csastats
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D162338-BD31-4B6B-842C-6631982ADA57}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\NCTAudioCompress3.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\NCTAudioFormatSettings3.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
PUP.Optional.ProductSetup.A HKCU\Software\PRODUCTSETUP
PUP.Optional.Reimage HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
PUP.Optional.Reimage HKCU\Software\Reimage
PUP.Optional.Reimage HKLM\Software\Classes\REI_AxControl.ReiEngine
PUP.Optional.Reimage HKLM\Software\Classes\REI_AxControl.ReiEngine.1
PUP.Optional.Reimage HKLM\Software\Reimage

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.ASUSSmartGesture Folder C:\Program Files (x86)\ASUS\ASUS SMART GESTURE
Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8D3B94B-15B2-40A7-A02F-09F8F733FBC9}
Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Smart Gesture Launcher
Preinstalled.ASUSSmartGesture Registry HKLM\Software\Classes\CLSID\{F31B5912-07D6-4895-B4BA-5486CF3B18B1}
Preinstalled.ASUSSmartGesture Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}
Preinstalled.ASUSSmartGesture Task C:\Windows\System32\Tasks\ASUS SMART GESTURE LAUNCHER
Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Users\magic\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK


AdwCleaner[S00].txt - [7898 octets] - [01/07/2022 13:27:20]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########



# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-06-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-01-2022
# Duration: 00:00:51
# OS: Windows 10 Home
# Cleaned: 66
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\Users\magic\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\magic\AppData\Roaming\DRPSu
Deleted C:\Users\magic\AppData\Roaming\DriverPack Notifier
Deleted C:\Users\magic\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

Deleted C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER

***** [ Registry ] *****

Deleted HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\drp.su
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\Reimage
Deleted HKCU\Software\csastats
Deleted HKCU\Software\drpsu
Deleted HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D162338-BD31-4B6B-842C-6631982ADA57}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Deleted HKLM\Software\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Deleted HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine.1
Deleted HKLM\Software\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Deleted HKLM\Software\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Deleted HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|DriverPack Notifier
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
Deleted HKLM\Software\Reimage
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\NCTAudioCompress3.DLL
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\NCTAudioFormatSettings3.DLL
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted HKLM\Software\Wow6432Node\\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater
Deleted HKLM\Software\Wow6432Node\drpsu
Deleted HKLM\Software\drpsu

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.ASUSSmartGesture Folder C:\Program Files (x86)\ASUS\ASUS SMART GESTURE
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8D3B94B-15B2-40A7-A02F-09F8F733FBC9}
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Smart Gesture Launcher
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\Software\Classes\CLSID\{F31B5912-07D6-4895-B4BA-5486CF3B18B1}
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}
Deleted Preinstalled.ASUSSmartGesture Task C:\Windows\System32\Tasks\ASUS SMART GESTURE LAUNCHER
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\magic\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [7898 octets] - [01/07/2022 13:27:20]
AdwCleaner[S01].txt - [7959 octets] - [01/07/2022 13:30:43]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118152
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Kontrola Logu

#4 Příspěvek od Rudy »

OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Maroš
Návštěvník
Návštěvník
Příspěvky: 173
Registrován: 29 črc 2011 13:32

Re: Kontrola Logu

#5 Příspěvek od Maroš »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2022 01
Ran by magic (administrator) on MAROSASUS2 (ASUSTeK COMPUTER INC. X751LB) (01-07-2022 14:29:18)
Running from C:\Users\magic\Desktop
Loaded Profiles: magic
Platform: Microsoft Windows 10 Home Version 21H2 19044.1766 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(C:\Program Files (x86)\Sticky Password\stpass.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(cmd.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spNMHost.exe
(explorer.exe ->) (Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(explorer.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (ICEpower a/s -> ICEpower A/S) C:\Windows\System32\ICEsoundService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82419944dda69b12\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_531cf42fcad619f7\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RTUWPSrvcMain.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.722.5052.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.722.5052.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.22031.10091.0_x64__8wekyb3d8bbwe\Music.UI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Služba Acronis Scheduler2] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [383624 2015-12-25] (Acronis International GmbH -> Acronis)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [4137216 2022-06-07] (Opera Software AS -> Opera Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [371304 2019-12-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [68824 2022-04-21] (Lamantine Software a.s. -> Lamantine Software a.s.)
HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\Run: [Spotify] => C:\Users\magic\AppData\Roaming\Spotify\Spotify.exe [19065272 2022-06-09] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35320448 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\Run: [HP DeskJet 4530 series (NET)] => C:\Program Files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe [3770528 2021-11-17] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\...\Print\Monitors\HP D811 Status Monitor: C:\Windows\system32\hpinkstsD811LM.dll [393352 2017-04-05] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.66\Installer\chrmstp.exe [2022-06-30] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1C21AB42-872F-483E-8D06-8752A42A35E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-02-05] (Google Inc -> Google Inc.)
Task: {1DB4FABB-1DB5-4660-A944-A9D27670F546} - System32\Tasks\Driver Booster SkipUAC (magic) => C:\Program Files (x86)\IObit\Driver Booster\9.4.0\DriverBooster.exe [8662112 2022-06-06] (IObit CO., LTD -> IObit)
Task: {2B61D338-45D4-447A-9FAD-DFF06B945E96} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\9.4.0\AutoUpdate.exe [2476640 2022-06-06] (IObit CO., LTD -> IObit)
Task: {36ABB328-73B5-4817-A72E-5C7747EFB4CA} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617880 2021-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {36B594BC-405A-41B3-A772-B2D6E5085846} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {36DFBCF6-CEB9-495B-9DED-A9DDB63157F6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23246768 2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {3845EF6F-8E31-4133-8A16-9404461BB9C6} - System32\Tasks\HPCustParticipation HP DeskJet 4530 series => C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPCustPartic.exe [6439072 2021-11-17] (HP Inc. -> HP Inc.)
Task: {4877D9D2-BE06-4961-B928-35D116291778} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {507374A3-37AF-419B-94F0-7CFA97F11D52} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5B7EF1E0-C106-481C-AE7E-B27E47261157} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-01-25] (Piriform Software Ltd -> Piriform)
Task: {5D7C409F-379F-41E0-B0DE-416A70AA45DB} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {603D3D76-E2CE-496D-BB7E-7D5AB59758DB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {610FD76B-9ED9-45D9-ABED-10A429FFEA2E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {66E65347-85B4-48FC-812C-07929D6B96B4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {7567BD5C-5A38-4C21-B76B-3C98B4ABE15B} - System32\Tasks\Opera scheduled assistant Autoupdate 1582788523 => C:\Program Files\Opera\launcher.exe [2518000 2022-06-23] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {885C903B-8F4F-4BD3-8111-848B76828871} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115624 2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {91CEB175-29AD-4226-A586-6BFC205094AA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {960506F4-7785-4E9A-B319-370168FCB707} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23246768 2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {98D83AF9-7388-406C-A916-43CF239FA977} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115624 2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {A7A7132A-FD78-418A-B664-58B0EA9B5A0B} - System32\Tasks\CCleanerSkipUAC - magic => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C050954C-58C6-4374-80BC-D639822035B6} - System32\Tasks\Sump Task (One-Time) => C:\Program Files (x86)\IObit\Driver Booster\9.4.0\sump.exe [1795832 2022-07-01] (IObit CO., LTD -> IObit)
Task: {C5A6FA95-8BC4-4AC0-AE19-2B0A71CF9E16} - System32\Tasks\Opera scheduled Autoupdate 1517511580 => C:\Program Files\Opera\launcher.exe [2518000 2022-06-23] (Opera Norway AS -> Opera Software)
Task: {C5BF43F2-9397-4A41-9018-D94A1FAFA7DB} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CE1B5F7F-4C4F-45BD-A7CF-E4193D9C06A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CE84EC45-1D75-4AF1-B41A-076C713AE0F1} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D4D704E7-407D-4104-BFD5-01254F5DB804} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-02-05] (Google Inc -> Google Inc.)
Task: {E4C505B5-3CD0-4DE1-BF05-7E25DD57664C} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617880 2021-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {EB9F5CF6-8464-405C-9C89-3CBE5CF5A6CD} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {ED83D27C-05C0-4B7A-8F8E-092ACFC29253} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6470640 2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE9081BB-196E-4210-B084-B66BA0C7642D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6470640 2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {EF852016-6485-40CD-9099-D05CF8ADEE37} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FEE97087-6BBA-43A1-B32B-F16887CDA584} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{03ee4b61-ba34-4df4-9925-8e4966f485ab}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{78a52ea8-a769-4549-bec7-058386d199d8}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{f849261d-4f20-412d-ba52-7fe6a4f734ae}: [DhcpNameServer] 192.168.2.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\magic\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-30]
Edge HomePage: Default -> hxxp://www.msn.com/

FireFox:
========
FF DefaultProfile: z63v4xqh.default
FF ProfilePath: C:\Users\magic\AppData\Roaming\Mozilla\Firefox\Profiles\z63v4xqh.default [2022-06-21]
FF user.js: detected! => C:\Users\magic\AppData\Roaming\Mozilla\Firefox\Profiles\z63v4xqh.default\user.js [2020-03-16]
FF Extension: (Советник Яндекс.Маркета) - C:\Users\magic\AppData\Roaming\Mozilla\Firefox\Profiles\z63v4xqh.default\Extensions\sovetnik-yandex@yandex.ru.xpi [2018-03-11] [UpdateUrl:hxxps://static.sovetnik.yandex.net/sovetnik/extension/firefox-webextension-yandex-update.json]
FF Extension: (Visual Bookmarks) - C:\Users\magic\AppData\Roaming\Mozilla\Firefox\Profiles\z63v4xqh.default\Extensions\vb@yandex.ru.xpi [2018-03-11] [Legacy]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-3200854963-3717341606-596258127-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\magic\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-15] (RocketLife -> RocketLife, LLP)

Chrome:
=======
CHR Profile: C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default [2022-07-01]
CHR Notifications: Default -> hxxps://fastshare.cz; hxxps://www.kinobox.cz; hxxps://www.netflix.com
CHR Extension: (Sticky Password - správce hesel) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnfdmghkeppfadphbnkjcicejfepnbfe [2022-06-30]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2022-06-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-21]
CHR Extension: (IE Tab) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2022-05-13]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR HKU\S-1-5-21-3200854963-3717341606-596258127-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

Opera:
=======
OPR Profile: C:\Users\magic\AppData\Roaming\Opera Software\Opera Stable [2022-07-01]
OPR Notifications: Opera Stable -> hxxps://calendar.google.com; hxxps://fastshare.cz; hxxps://p6.regardensy.mobi; hxxps://prokliky.cz; hxxps://svetsatelitu.cz; hxxps://wcontentdelivery.info; hxxps://www.facebook.com; hxxps://www.papirnictvipavlik.cz; hxxps://ytop1.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Sticky Password - správce hesel) - C:\Users\magic\AppData\Roaming\Opera Software\Opera Stable\Extensions\bnfdmghkeppfadphbnkjcicejfepnbfe [2022-07-01]
OPR Extension: (Rich Hints Agent) - C:\Users\magic\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-06-30]
OPR Extension: (Opera Crypto Wallet) - C:\Users\magic\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-07-01]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\magic\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-17]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [943280 2015-12-25] (Acronis International GmbH -> Acronis)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11988384 2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-12-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-12-03] (EasyAntiCheat Oy -> Epic Games, Inc)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [87432 2021-11-30] (MIXBYTE, INC. -> Freemake)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [223904 2022-05-01] (HP Inc. -> HP Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-09-08] (CyberLink Corp. -> CyberLink)
R2 RTUsbSwSrvc; C:\WINDOWS\RTUWPSrvcMain.exe [924640 2021-08-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [14585248 2022-06-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_531cf42fcad619f7\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_531cf42fcad619f7\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 arusb_win7x; C:\WINDOWS\System32\drivers\arusb_win7x.sys [769024 2010-02-23] (Atheros Communications, Inc.) [File not signed]
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [102144 2019-08-19] (ASUSTek Computer Inc. -> ASUS Corporation)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-12-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-12-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R0 fltsrv; C:\WINDOWS\System32\DRIVERS\fltsrv.sys [160600 2018-02-03] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R3 MpKsla424b5f5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{44D0CE45-33FE-48BA-93F3-67D8DF893F1F}\MpKslDrv.sys [141568 2022-07-01] (Microsoft Windows -> Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [12152784 2021-08-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-21] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-21] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-07-01 14:29 - 2022-07-01 14:30 - 000029319 _____ C:\Users\magic\Desktop\FRST.txt
2022-07-01 13:45 - 2022-07-01 13:45 - 000003346 _____ C:\WINDOWS\system32\Tasks\Sump Task (One-Time)
2022-07-01 13:35 - 2022-07-01 13:35 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-07-01 13:29 - 2022-07-01 13:29 - 008551608 _____ (Malwarebytes) C:\Users\magic\Downloads\AdwCleaner (1).exe
2022-07-01 13:26 - 2022-07-01 13:32 - 000000000 ____D C:\AdwCleaner
2022-07-01 13:25 - 2022-07-01 13:25 - 008551608 _____ (Malwarebytes) C:\Users\magic\Downloads\adwcleaner.exe
2022-06-30 21:52 - 2022-06-30 21:52 - 002369024 _____ (Farbar) C:\Users\magic\Desktop\FRST64.exe
2022-06-30 21:31 - 2022-06-30 21:31 - 000003948 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1517511580
2022-06-30 21:31 - 2022-06-30 21:31 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-06-30 21:26 - 2022-06-30 21:26 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3200854963-3717341606-596258127-1001
2022-06-30 21:26 - 2022-06-30 21:26 - 000002417 _____ C:\Users\magic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-30 17:55 - 2022-06-30 17:55 - 000000000 ____D C:\Users\magic\.ms-ad
2022-06-30 17:02 - 2022-06-30 17:05 - 1787320468 _____ C:\Users\magic\Downloads\Sestra v akci ~ (1992) HD cz.avi
2022-06-30 16:59 - 2022-06-30 17:02 - 1577621350 _____ C:\Users\magic\Downloads\Sestra v akci 1 (1992) CZdabing.avi
2022-06-29 12:31 - 2022-06-29 12:36 - 2805399069 _____ C:\Users\magic\Downloads\Laska pres okno - Through.My.Window.2022.1080p.WEBRip.CZ.dabing.5.1.mkv
2022-06-29 12:29 - 2022-06-29 12:33 - 1992158183 _____ C:\Users\magic\Downloads\Ubal a zmiz (komedie - 2021) FullHD.mkv
2022-06-28 11:19 - 2022-06-28 11:19 - 000190368 _____ C:\Users\magic\Downloads\LoanPurchaseContract.pdf
2022-06-28 11:16 - 2022-06-28 11:16 - 000189734 _____ C:\Users\magic\Downloads\LoanParticipationContract.pdf
2022-06-28 11:11 - 2022-06-28 11:11 - 000188556 _____ C:\Users\magic\Downloads\Vypis z uctu 1125722052 za 05-2022.pdf
2022-06-27 09:45 - 2022-06-27 09:46 - 000127449 _____ C:\Users\magic\Downloads\Potvrzení pro zaměstnavatele PP 0162268817.pdf
2022-06-27 09:45 - 2022-06-27 09:45 - 000682418 _____ C:\Users\magic\Downloads\Aktuální přehled sjednaných údajů 0162268817 (1).pdf
2022-06-23 17:23 - 2022-06-23 17:23 - 000178767 _____ C:\Users\magic\Documents\Mon02.pdf
2022-06-23 17:22 - 2022-06-23 17:22 - 000259668 _____ C:\Users\magic\Documents\Mon01.pdf
2022-06-21 16:52 - 2022-06-21 16:52 - 000003294 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (magic)
2022-06-21 16:52 - 2022-06-21 16:52 - 000003168 _____ C:\WINDOWS\system32\Tasks\Driver Booster Update
2022-06-17 18:26 - 2022-06-17 18:26 - 000011787 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-06-17 17:56 - 2022-06-17 17:56 - 000000000 ___HD C:\$WinREAgent
2022-06-15 09:16 - 2022-06-15 09:16 - 000688858 _____ C:\Users\magic\Downloads\85006031 (3).pdf
2022-06-15 07:22 - 2022-06-15 07:22 - 000137387 _____ C:\Users\magic\Downloads\85006031 (2).pdf
2022-06-09 11:08 - 2022-06-09 11:08 - 000004160 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582788523
2022-06-08 09:05 - 2022-06-08 09:05 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-06-08 09:05 - 2022-06-08 09:05 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-06-08 09:04 - 2022-06-08 09:04 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-06-08 09:04 - 2022-06-08 09:04 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-06-08 08:43 - 2022-06-08 08:43 - 000059500 _____ C:\Users\magic\Downloads\Vyp11fcargo_2022-05_0____159801__084312002.pdf
2022-06-08 08:38 - 2022-06-08 08:38 - 000093490 _____ C:\Users\magic\Downloads\85006031 (1).pdf
2022-06-08 08:36 - 2022-06-08 08:36 - 000107057 _____ C:\Users\magic\Downloads\85006031.pdf
2022-06-05 09:56 - 2022-06-05 09:56 - 000017653 _____ C:\Users\magic\Downloads\Opis smluvních údajů.PDF
2022-06-04 07:47 - 2022-06-04 07:47 - 000113368 _____ C:\Users\magic\Downloads\upvest-agreement.pdf
2022-06-04 07:13 - 2022-06-04 07:13 - 009899960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2022-06-04 07:13 - 2022-06-04 07:13 - 001334200 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsPer.sys
2022-06-04 07:13 - 2022-06-04 07:13 - 000084187 _____ C:\Users\magic\Downloads\Ramcova smlouva o platebnich sluzbach a participaci na spotrebitelskych uverech.pdf
2022-06-04 06:50 - 2022-05-21 05:26 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-06-04 06:50 - 2022-05-21 05:26 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-06-04 06:50 - 2022-05-21 05:26 - 001478384 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-06-04 06:50 - 2022-05-21 05:26 - 001478384 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-06-04 06:50 - 2022-05-21 05:26 - 001467080 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-06-04 06:50 - 2022-05-21 05:26 - 001432304 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-06-04 06:50 - 2022-05-21 05:26 - 001432304 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-06-04 06:50 - 2022-05-21 05:26 - 001209408 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-06-04 06:50 - 2022-05-21 05:26 - 001145584 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-06-04 06:50 - 2022-05-21 05:26 - 001145584 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-06-04 06:50 - 2022-05-21 05:23 - 000587336 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-06-04 06:50 - 2022-05-21 05:23 - 000460496 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-06-04 06:50 - 2022-05-21 05:22 - 002120896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-06-04 06:50 - 2022-05-21 05:22 - 001603144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-06-04 06:50 - 2022-05-21 05:22 - 001530456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-06-04 06:50 - 2022-05-21 05:22 - 001177312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-06-04 06:50 - 2022-05-21 05:22 - 000730320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-06-04 06:50 - 2022-05-21 05:22 - 000724688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-06-04 06:50 - 2022-05-21 05:22 - 000712416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-06-04 06:50 - 2022-05-21 05:21 - 006964824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-06-04 06:50 - 2022-05-21 05:21 - 006226640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-06-04 06:50 - 2022-05-21 05:21 - 005100752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-06-04 06:50 - 2022-05-21 05:21 - 002932952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-06-04 06:50 - 2022-05-21 05:21 - 000582712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-06-04 06:50 - 2022-05-21 05:21 - 000457944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-06-04 06:50 - 2022-05-21 05:20 - 005730880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-06-04 06:50 - 2022-05-21 05:19 - 000851136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-06-04 06:50 - 2022-05-21 05:18 - 007618584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-06-04 06:50 - 2022-05-21 05:18 - 006465200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-06-04 06:50 - 2022-05-20 02:51 - 000089337 _____ C:\WINDOWS\system32\nvinfo.pb
2022-06-03 17:29 - 2022-06-03 17:29 - 000993542 _____ C:\Users\magic\Downloads\Obchodni podminky Zonky Rentier.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-07-01 14:29 - 2022-01-19 09:20 - 000000000 ____D C:\FRST
2022-07-01 14:28 - 2022-01-28 10:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-07-01 14:28 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-01 14:02 - 2018-02-05 15:22 - 000000000 ____D C:\Program Files (x86)\Google
2022-07-01 13:42 - 2018-02-01 21:56 - 000000000 ____D C:\ProgramData\NVIDIA
2022-07-01 13:41 - 2022-01-19 16:37 - 000000000 ____D C:\Program Files\CCleaner
2022-07-01 13:39 - 2018-02-01 20:44 - 000000000 ___RD C:\Users\magic\OneDrive
2022-07-01 13:36 - 2018-02-01 21:00 - 000000000 __SHD C:\Users\magic\IntelGraphicsProfiles
2022-07-01 13:35 - 2022-01-28 10:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-07-01 13:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-07-01 13:35 - 2018-02-18 17:37 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-07-01 13:34 - 2020-11-08 13:40 - 000008192 ___SH C:\DumpStack.log.tmp
2022-07-01 13:34 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-07-01 13:33 - 2022-02-22 13:48 - 000000000 ____D C:\Users\magic\AppData\Roaming\Hewlett-Packard
2022-07-01 13:33 - 2022-02-22 13:37 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2022-07-01 13:32 - 2018-12-21 22:14 - 000000000 ____D C:\Users\magic\AppData\LocalLow\IObit
2022-07-01 13:32 - 2018-12-21 22:13 - 000000000 ____D C:\Users\magic\AppData\Roaming\IObit
2022-07-01 13:32 - 2018-12-21 22:13 - 000000000 ____D C:\ProgramData\IObit
2022-07-01 13:32 - 2018-03-11 12:32 - 000000000 ____D C:\Program Files (x86)\ASUS
2022-07-01 13:24 - 2018-02-01 21:04 - 000000000 ___SD C:\Users\magic\Documents\Sticky Passwords
2022-07-01 13:22 - 2020-02-28 10:00 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2022-07-01 13:18 - 2018-02-01 20:56 - 000000000 ____D C:\Program Files\Opera
2022-06-30 21:40 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-30 21:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-30 21:37 - 2018-02-14 13:05 - 000000000 ____D C:\Users\magic\AppData\Local\CrashDumps
2022-06-30 21:26 - 2022-01-28 10:57 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3200854963-3717341606-596258127-1001
2022-06-30 21:23 - 2018-02-05 15:24 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-30 21:23 - 2018-02-05 15:24 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-06-30 21:19 - 2022-01-28 10:49 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-06-30 21:19 - 2019-12-07 16:41 - 000719322 _____ C:\WINDOWS\system32\perfh005.dat
2022-06-30 21:19 - 2019-12-07 16:41 - 000145448 _____ C:\WINDOWS\system32\perfc005.dat
2022-06-30 21:19 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-06-30 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-06-30 19:09 - 2022-01-28 10:35 - 000000000 ____D C:\WINDOWS\system32\lxss
2022-06-30 19:09 - 2022-01-28 09:40 - 000000000 ____D C:\Users\magic
2022-06-30 19:09 - 2018-12-21 22:14 - 000000000 ____D C:\ProgramData\ProductData
2022-06-30 19:09 - 2018-11-24 13:41 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2022-06-30 19:09 - 2018-02-13 15:56 - 000000000 ____D C:\Users\magic\AppData\Roaming\GHISLER
2022-06-30 19:09 - 2018-02-05 14:17 - 000000000 ____D C:\Users\magic\AppData\Roaming\vlc
2022-06-30 19:09 - 2018-02-01 23:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-06-30 18:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\registration
2022-06-30 18:15 - 2018-02-01 21:57 - 000000000 ____D C:\Users\magic\AppData\Local\NVIDIA
2022-06-30 18:15 - 2018-02-01 21:20 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-06-30 17:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-06-30 17:47 - 2018-02-21 17:22 - 000000000 ____D C:\Users\magic\AppData\Local\ElevatedDiagnostics
2022-06-25 17:33 - 2020-09-27 09:55 - 000000000 ____D C:\ProgramData\Packages
2022-06-25 17:33 - 2020-09-27 09:53 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-25 17:33 - 2020-09-27 09:53 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-06-23 14:27 - 2022-01-12 13:42 - 000000000 ____D C:\Users\magic\AppData\Roaming\MP3Studio
2022-06-23 14:26 - 2022-01-12 13:42 - 000000000 ____D C:\Users\magic\Documents\YouTubeDownloads
2022-06-21 18:52 - 2020-09-27 09:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-06-17 20:45 - 2022-01-28 10:30 - 000447192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-06-17 20:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-06-17 20:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-06-17 20:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-06-17 18:30 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-06-17 17:56 - 2018-02-01 22:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-06-17 17:48 - 2018-02-01 22:36 - 145918784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-06-16 13:27 - 2018-02-24 08:27 - 000000000 ____D C:\Program Files (x86)\FastShare
2022-06-16 11:26 - 2022-03-10 17:58 - 000003546 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d81423182743d9
2022-06-16 11:26 - 2022-01-28 10:57 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-06-15 19:49 - 2019-03-20 16:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-06-09 10:59 - 2020-12-13 16:15 - 000000000 ____D C:\Users\magic\AppData\Roaming\Spotify
2022-06-09 10:49 - 2020-12-13 16:15 - 000000000 ____D C:\Users\magic\AppData\Local\Spotify
2022-06-09 10:47 - 2022-04-17 17:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2022-06-08 09:22 - 2022-02-02 15:01 - 000000000 ____D C:\WINDOWS\RTUWPSrvcMain
2022-06-08 09:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-08 09:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-08 09:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-08 09:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-08 09:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-06-08 09:19 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-06-08 09:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-06-08 09:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-06-08 09:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-08 09:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-08 09:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-08 09:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-08 09:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-08 09:19 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-06-08 09:03 - 2022-01-28 10:34 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-06-08 07:39 - 2022-01-28 12:28 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update

==================== Files in the root of some directories ========

2018-11-28 14:22 - 2018-11-28 14:22 - 000003584 _____ () C:\Users\magic\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-08-02 20:46 - 2019-08-02 20:48 - 000007605 _____ () C:\Users\magic\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-06-2022 01
Ran by magic (01-07-2022 14:32:26)
Running from C:\Users\magic\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1766 (X64) (2022-01-28 08:59:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3200854963-3717341606-596258127-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3200854963-3717341606-596258127-503 - Limited - Disabled)
Guest (S-1-5-21-3200854963-3717341606-596258127-501 - Limited - Disabled)
magic (S-1-5-21-3200854963-3717341606-596258127-1001 - Administrator - Enabled) => C:\Users\magic
WDAGUtilityAccount (S-1-5-21-3200854963-3717341606-596258127-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis Disk Director (HKLM-x32\...\{AE372858-B1BD-49EF-8308-648322846008}) (Version: 12.0.3270 - Acronis)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.001.20117 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AIMP (HKLM-x32\...\AIMP) (Version: v4.70.2251, 23.05.2021 - AIMP DevTeam)
Any Video Converter 6.2.2 (HKLM-x32\...\Any Video Converter) (Version: 6.2.2 - Anvsoft)
Ashampoo WinOptimizer FREE (HKLM-x32\...\{4209F371-8668-980C-19C9-F8698AB75135}_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0050 - ASUS)
Balíček ovladače systému Windows - ASUS (HIDSwitch) System (08/18/2015 1.0.0.5) (HKLM\...\6D6063B1EDBCB582F1E596B1EB8BBFAAA100B1BD) (Version: 08/18/2015 1.0.0.5 - ASUS)
Balíček ovladače systému Windows - Intel (MEIx64) System (10/03/2017 11.7.0.1045) (HKLM\...\623E6BEBFE0E32D8AD88825BDC5B643D996BCA93) (Version: 10/03/2017 11.7.0.1045 - Intel)
Balíček ovladače systému Windows - Intel Corporation (iaStorA) HDC (04/10/2017 14.8.16.1063) (HKLM\...\1956B72D229BA5E262A8828A81DB9133B5F111B2) (Version: 04/10/2017 14.8.16.1063 - Intel Corporation)
Balíček ovladače systému Windows - Intel Corporation (iaStorA) SCSIAdapter (04/10/2017 14.8.16.1063) (HKLM\...\7B099E88B288543F1ED20B3C3332D4B1B2E6A621) (Version: 04/10/2017 14.8.16.1063 - Intel Corporation)
Balíček ovladače systému Windows - Qualcomm Atheros Communications (BtFilter) Bluetooth (05/18/2016 10.0.1.7) (HKLM\...\9196235C47040428607C47455891A82EB6B04203) (Version: 05/18/2016 10.0.1.7 - Qualcomm Atheros Communications)
Balíček ovladače systému Windows - Realtek Semiconductor Corp. (RTSPER) MTD (12/04/2017 10.0.16299.21304) (HKLM\...\30643CED791BBDA850B1D497B0BD7EF6DFBAD4FE) (Version: 12/04/2017 10.0.16299.21304 - Realtek Semiconductor Corp.)
CCleaner (HKLM\...\CCleaner) (Version: 5.89 - Piriform)
CyberLink PowerDirector 15 (HKLM-x32\...\{FA285575-B543-4E6E-A573-A4F534AC9965}) (Version: 15.0.3223.0 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.1001 - Disc Soft Ltd)
Data Lifeguard Diagnostic for Windows 1.31 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
Driver Booster 9 (HKLM-x32\...\Driver Booster_is1) (Version: 9.4.0 - IObit)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Farming Simulator 19 (HKLM-x32\...\Farming Simulator 19_is1) (Version: - )
FastShare.cz verze 2.3.1 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.3.1 - )
FlipPDF to ePUB (freeware) (HKLM-x32\...\FlipPDF to ePUB (freeware)_is1) (Version: - FlipPDF Solution)
Freemake Video Converter verze 4.1.13 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.13 - Mixbyte Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.66 - Google LLC)
HP Dropbox Plugin (HKLM-x32\...\{D58993B3-BA5F-4181-8D1C-05D0302398EB}) (Version: 40.13.54.81239 - HP)
HP Google Drive Plugin (HKLM-x32\...\{C777EAED-CEE8-4AF4-A2DE-2A0FC510481A}) (Version: 40.13.54.81239 - HP)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5107 - Intel Corporation)
IPC360 (HKLM-x32\...\InstallShield_{C89E22AC-0603-466A-88A2-242694F28E98}) (Version: 1.0.0.1 - _)
KC Softwares BATExpert (HKLM-x32\...\KC Softwares BATExpert_is1) (Version: 1.13.1.20 - KC Softwares)
K-Lite Mega Codec Pack 13.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.7.5 - KLCP)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{E496AFB7-CB04-46CF-8FBB-5D665BC8811B}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.37 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.15225.20288 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\OneDriveSetup.exe) (Version: 22.121.0605.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 (HKLM\...\{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 (HKLM\...\{662A0088-6FCD-45DD-9EA7-68674058AED5}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 (HKLM-x32\...\{BF08E976-B92E-4336-B56F-2171179476C4}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 (HKLM-x32\...\{F6080405-9FA8-4CAA-9982-14E95D1A3DAC}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MP3Studio YouTube Downloader (HKLM-x32\...\{3AB59E5E-AADB-4F45-8741-DCA2BDF0F1DD}) (Version: 2.0.10.0 - MP3Studio/) Hidden
MP3Studio YouTube Downloader (HKLM-x32\...\{a17fa95e-ee4e-4c87-b026-5a550246b3a2}) (Version: 2.0.10.0 - MP3Studio)
NAS Starter Utility (HKLM-x32\...\NAS Starter Utility) (Version: - ZyXEL)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 512.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.95 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15225.20150 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15128.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.15225.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 87.0.4390.45 (HKLM-x32\...\Opera 87.0.4390.45) (Version: 87.0.4390.45 - Opera Software)
Opera Stable 88.0.4412.53 (HKLM-x32\...\Opera 88.0.4412.53) (Version: 88.0.4412.53 - Opera Software)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.2.10 - Prolific Technology INC)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.19041.1375 - Microsoft Corporation)
PosteRazor (HKLM-x32\...\PosteRazor_is1) (Version: 1.5.2 - Alessandro Portale)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21300 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.24.1208.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9205.1 - Realtek Semiconductor Corp.)
Sniper Ghost Warrior Contracts - STURM BODYGUARD 9 (HKLM-x32\...\2060028353_is1) (Version: 1.04 - GOG.com)
Sniper Ghost Warrior Contracts - SV - AMUR (HKLM-x32\...\1297892886_is1) (Version: 1.04 - GOG.com)
Sniper Ghost Warrior Contracts (HKLM-x32\...\1708301722_is1) (Version: 1.04 - GOG.com)
Spotify (HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\Spotify) (Version: 1.1.74.631.g0b24d9ad - Spotify AB)
Sticky Password 8.4.4.920 (HKLM-x32\...\Sticky Password_is1) (Version: 8.4 - Lamantine Software)
Studie vylepšování produktu HP DeskJet 4530 series (HKLM\...\{79C4417A-70A3-44B3-98BE-CC38A8AEDCDE}) (Version: 40.15.1231.21321 - HP Inc.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.31.5 - TeamViewer)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.10 - Ghisler Software GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 97.0 - Ubisoft)
Ulož.to FileManager verze 2.76 (HKLM-x32\...\{7DE5EA5D-C933-4549-9A44-5BC671F23BBF}_is1) (Version: 2.76 - Uloz.to cloud a.s.)
USB Bridge Installer (HKLM\...\USB Bridge Installer_is1) (Version: - )
Veroval® medi.connect (HKLM-x32\...\{3D84DEBB-7913-4DC3-9AE7-7CF05CE48E9B}) (Version: 1.9.5.9 - Název společnosti:) Hidden
Veroval® medi.connect (HKLM-x32\...\Veroval MediConnect) (Version: 1.9.5.9 - Název společnosti:)
VirtualDJ 2018 (HKLM-x32\...\{FBCC4640-0D91-45B8-90B6-CFA1D0031EB2}) (Version: 8.3.4675.0 - Atomix Productions)
VirtualDJ 2021 (HKLM\...\{8F666AF4-949F-4DDB-8F97-197BC147435C}) (Version: 8.5.6242.0 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Webshare klient (HKLM-x32\...\Webshare klient) (Version: - )
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
WinDirStat 1.1.2 (HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\WinDirStat) (Version: - )
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Youtube-DLG version 0.4 (HKLM-x32\...\{3C455028-FC99-4846-8E04-4FCD87D85613}_is1) (Version: 0.4 - Sotiris Papadopoulos)
Základní software zařízení HP DeskJet 4530 series (HKLM\...\{B46461A1-5DE6-484A-A1F2-79DA628FC4E2}) (Version: 40.15.1231.21321 - HP Inc.)

Packages:
=========
2D Audio Mixer -> C:\Program Files\WindowsApps\5626PanosKarabelas.2DAudioMixer_1.1.0.1_x86__qj94rv5hrx17w [2022-06-30] (Panos Karabelas)
City Lights by Talha Tariq -> C:\Program Files\WindowsApps\Microsoft.CityLightsbyTalhaTariq_1.0.0.0_neutral__8wekyb3d8bbwe [2022-06-30] (Microsoft Corporation)
Community Showcase Natural Landscapes 3 -> C:\Program Files\WindowsApps\Microsoft.CommunityShowcaseNaturalLandscapes3_1.0.0.0_neutral__8wekyb3d8bbwe [2022-06-30] (Microsoft Corporation)
Converter for YouTube by Flvto.com -> C:\Program Files\WindowsApps\Hotger.com.YouTubeConverterbywww.flvto.com_2.0.58.0_x64__cg7p2qfgefa1a [2022-06-30] (Белов Кирилл Леонидович) [MS Ad]
Dj Mixer -> C:\Program Files\WindowsApps\27576KetoLabs.DjMixer_1.10.11.1000_x64__6nansvgt4vxt0 [2022-06-30] (KetoLabs)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-06-30] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-06-30] (Microsoft Corporation)
edjing 5: DJ turntable to mix and record music -> C:\Program Files\WindowsApps\DJiT.edjing-DJmixerconsolestudio-PlayMixRecordShar_5.1.12.0_x64__3nf5xjt6s13jt [2022-06-30] (DJiT) [MS Ad]
Fish and Corals -> C:\Program Files\WindowsApps\Microsoft.FishandCorals_1.0.0.0_neutral__8wekyb3d8bbwe [2022-06-30] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6 [2022-06-30] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-06-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-06-30] (Microsoft Corporation) [MS Ad]
Microsoft Jackpot -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJackpot_1.9.1110.0_x86__8wekyb3d8bbwe [2022-06-30] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.5310.0_x64__8wekyb3d8bbwe [2022-06-30] (Microsoft Studios) [MS Ad]
Mixfader dj - digital vinyl -> C:\Program Files\WindowsApps\DJiT.edjingScratchvinyledigital_1.2.12.0_x64__3nf5xjt6s13jt [2022-06-30] (DJiT)
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.5.0_x64__qmba6cd70vzyy [2022-06-30] (ASUSTeK COMPUTER INC.)
myTube! -> C:\Program Files\WindowsApps\59750RYKENAPPS.435307C335C44_4.0.19.0_x64__zd92nzxdcatqw [2022-06-30] (Ryken Studio)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-06-30] (NVIDIA Corp.)
Rambling Pathways -> C:\Program Files\WindowsApps\Microsoft.RamblingPathways_1.0.0.0_neutral__8wekyb3d8bbwe [2022-06-30] (Microsoft Corporation)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.0.31391.0_x64__8wekyb3d8bbwe [2022-06-30] (Microsoft Corporation)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-06-30] (Microsoft Corporation)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.15.163.0_x64__43tkc6nmykmb6 [2022-06-30] (Ookla)
WavePad Audio Editor Free -> C:\Program Files\WindowsApps\NCHSoftware.WavePadAudioEditorFree_16.5.2.0_x86__7kedsbyvzns34 [2022-06-30] (NCH Software)
WiFi Analyzer -> C:\Program Files\WindowsApps\19965MATTHAFNER.WIFIANALYZER_2.6.1.0_x64__gs5k5vmxr2ste [2022-06-30] (Matt Hafner)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2021-07-01] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_104.dll [2018-03-19] (Free Time) [File not signed]
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> No File
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-12-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-12-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2021-07-01] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_104.dll [2018-03-19] (Free Time) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_531cf42fcad619f7\nvshext.dll [2022-05-21] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [309248 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [282112 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Peugeot Planet Diag.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Start PPD (Console Mode).lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Start PPD.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Stop PPD.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Utils\ppd_restart.lnk -> C:\app\ppdiag\Utils\ppd_restart.bat (No File)

==================== Loaded Modules (Whitelisted) =============

2022-05-09 11:53 - 2022-04-21 11:56 - 001101824 _____ () [File not signed] C:\Program Files (x86)\Sticky Password\DLLs\_hashlib.pyd
2018-03-19 11:40 - 2018-03-19 11:40 - 000101376 _____ (Free Time) [File not signed] C:\Program Files (x86)\FormatFactory\ShellEx64_104.dll
2015-09-25 23:34 - 2015-09-28 20:08 - 000255488 _____ (Sysprogs OU) [File not signed] C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [183]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-04-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-29] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3200854963-3717341606-596258127-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\magic\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\StartupApproved\Run: => "HP DeskJet 4530 series (NET)"
HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3200854963-3717341606-596258127-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{8D438082-EE7B-46B2-9456-6DA1B1C68DBE}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{A1745927-8243-4886-8B05-E48EA939DADD}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{40E49982-6738-4C97-9999-5E184C7F9130}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D5FF532D-F60C-40AC-8715-EDDD729922BC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{61A09B1E-7ED4-43A0-B200-CA1800D1FA0A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{AE5956BD-A224-4106-ABF5-CEAAF19B5051}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{F8AC96AB-FAD2-4AAF-8142-83496821072F}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{F0CD54C6-1EB5-4640-B11C-E8A01EFE213B}C:\users\magic\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\magic\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{2EE98752-F881-4127-A0ED-9A81515CC68B}C:\users\magic\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\magic\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{05BD1FAD-AE4B-4773-B387-876000FF1B8B}C:\users\magic\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\magic\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{69BC2D85-55F7-42A1-A2C9-DC6AA302E233}C:\users\magic\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\magic\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{03D4BAD7-26CB-417A-9692-B013EC096D7D}] => (Allow) LPort=53
FirewallRules: [{A8020BC6-AD0D-48C0-96C7-A4A2B6681283}] => (Allow) LPort=53
FirewallRules: [{3BFF2FD7-FCF1-4E57-82DE-76D2A7D8B2F1}] => (Allow) LPort=68
FirewallRules: [{A3B6940A-E110-4529-9AF7-B7CFCF4BE866}] => (Allow) LPort=67
FirewallRules: [{25AEDD2A-DB18-4D58-99E7-38D767445201}] => (Allow) LPort=53
FirewallRules: [{24105CC4-2ACF-4B85-962E-E296AC0AFA79}] => (Allow) LPort=1542
FirewallRules: [{2D0D1AD5-2DA9-4806-AFF8-ECBD1F9E2E12}] => (Allow) LPort=1542
FirewallRules: [UDP Query User{E9B1CA3E-4969-45A1-8FB1-00C761B58594}C:\program files (x86)\ipc360\ipc360.exe] => (Allow) C:\program files (x86)\ipc360\ipc360.exe () [File not signed]
FirewallRules: [TCP Query User{CC6BC8DB-9A30-4C76-83B5-7A626C9A8A0A}C:\program files (x86)\ipc360\ipc360.exe] => (Allow) C:\program files (x86)\ipc360\ipc360.exe () [File not signed]
FirewallRules: [UDP Query User{0D876EC0-8ACB-4D68-A27C-02B15A6E379A}C:\program files (x86)\searchtool\searchtool.exe] => (Allow) C:\program files (x86)\searchtool\searchtool.exe () [File not signed]
FirewallRules: [TCP Query User{818FF721-EED1-477A-89C8-985912074970}C:\program files (x86)\searchtool\searchtool.exe] => (Allow) C:\program files (x86)\searchtool\searchtool.exe () [File not signed]
FirewallRules: [UDP Query User{21EE41A5-4DFE-4B20-9366-C820322ECB3E}C:\users\magic\downloads\cms\cms\cms.exe] => (Allow) C:\users\magic\downloads\cms\cms\cms.exe () [File not signed]
FirewallRules: [TCP Query User{593BAFF5-3CB0-4A9F-B5EC-AB73EC8E3065}C:\users\magic\downloads\cms\cms\cms.exe] => (Allow) C:\users\magic\downloads\cms\cms\cms.exe () [File not signed]
FirewallRules: [{74065532-0CAD-4EFA-940B-9180E73CC8F3}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{B7EFA839-5232-47C8-83FE-2FED917B291A}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{ED3D90A4-1E39-439A-A109-76CF29886AD2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2CAFF5DD-6965-4DCF-A65B-F0C1C752C56D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{2EB8DB99-528F-4326-AD4C-11124E10D452}C:\users\magic\onedrive\dokumenty\odorik.exe] => (Allow) C:\users\magic\onedrive\dokumenty\odorik.exe (Odorik.cz) [File not signed]
FirewallRules: [TCP Query User{FCFE6141-69A9-4F90-8A3C-EF131EBAAE23}C:\users\magic\onedrive\dokumenty\odorik.exe] => (Allow) C:\users\magic\onedrive\dokumenty\odorik.exe (Odorik.cz) [File not signed]
FirewallRules: [{6143B0B3-7BA4-4C9C-B05D-6050C9288ED8}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{A765F971-FE7B-4FF3-933B-DD3EC1F53FA9}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [UDP Query User{11218CAD-3EEF-4727-9A12-7F5B20979926}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{AB12CF31-0082-46BD-BD7C-9D5F8A46F80D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{FE7D3932-2550-4415-BA72-59A78882616B}C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe] => (Allow) C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe () [File not signed]
FirewallRules: [TCP Query User{9A0FEC17-8388-4BB1-92E1-2CBABE2EC3CB}C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe] => (Allow) C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe () [File not signed]
FirewallRules: [{82B8A8F2-97A5-403D-BB74-99BB49B1A800}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{FDCFDB0C-55D5-4099-A64E-F11111E23C77}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{0DD17A2F-7FBC-42BC-A75E-A47F7C343BEC}C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe] => (Allow) C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe () [File not signed]
FirewallRules: [TCP Query User{34D3420A-4704-4186-8C23-935E1C82F288}C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe] => (Allow) C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe () [File not signed]
FirewallRules: [TCP Query User{50E176F4-F8A7-4276-AF1F-DAFD8535DB31}D:\games\farming simulator 19\x64\farmingsimulator2019game.exe] => (Block) D:\games\farming simulator 19\x64\farmingsimulator2019game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) [File not signed]
FirewallRules: [UDP Query User{A839851B-DCBA-4FCD-A1CC-B420F495BC09}D:\games\farming simulator 19\x64\farmingsimulator2019game.exe] => (Block) D:\games\farming simulator 19\x64\farmingsimulator2019game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) [File not signed]
FirewallRules: [{922CAA0D-AFC7-48FF-A84D-9A8C53EC5F60}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{50DE2E3B-1237-47D7-8252-3B2D40F25180}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [TCP Query User{021FE1B9-95F5-4307-BAD2-C1AD4764612F}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{FAC12F82-3263-41AA-A287-171FBA0C8423}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{32EE9053-9550-4F48-B888-F32FE272E9FC}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{27B3A3F7-0186-48D0-A50A-98E1468DEF14}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{51D3F9C5-851B-44A1-9D49-1BA2F2315FAB}] => (Allow) C:\Users\magic\AppData\Local\Temp\7zS549B\HP.EasyStart.exe => No File
FirewallRules: [{0E10302C-C457-45FF-B20E-D9E6E8FED49C}] => (Allow) C:\Users\magic\AppData\Local\Temp\7zS2B96\HP.EasyStart.exe => No File
FirewallRules: [{D4BC720E-57FF-45BB-9C53-B3D0E5261FDF}] => (Allow) C:\Users\magic\AppData\Local\Temp\7zS30CD\HP.EasyStart.exe => No File
FirewallRules: [{0DF200B9-6342-4DEF-A06D-E6BD12FF58E2}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{BE900228-274A-46E5-81EA-2E3B40204FDB}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{9CAFAA7C-6D4B-4B92-AD7B-576DC4FF8C76}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\DeviceSetup.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5FC2E1A4-EFB9-4CCE-8E2A-0E1E01A2607F}] => (Allow) LPort=5357
FirewallRules: [{1804CA84-E24E-461B-8113-4810F860E374}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.)
FirewallRules: [{D7E202A4-564D-46A5-B338-62B0A1218EC8}] => (Allow) C:\Users\magic\AppData\Local\Temp\7zS40F8\HP.EasyStart.exe => No File
FirewallRules: [{883030B2-C96D-458E-AED8-78C8B437D06D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{433EFD7D-E512-4CFB-A217-1784BD86F6A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{2317472E-3A99-459A-B6AA-44CC06FB867A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{A3C7D679-F5B2-42A5-9F8A-7AE5FB51D6D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{DC1FCAD4-23D1-43E5-9CCA-1727E2F2A49F}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{A3B49641-F0C0-4D5C-A8E4-D5726B21604B}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{730DB51E-4613-4D2A-8D75-4121A9551472}] => (Allow) C:\Program Files\Opera\87.0.4390.36\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{FBA8D246-8D35-4523-8969-06625D47737C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B1D70761-2A8E-464F-8A12-204E3C3D44C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DD279D3F-6DA9-4F64-B0EB-F35A9EEA3169}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1143C714-0997-4C21-8325-4D00EDEC32BB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D62D23EF-2C60-4B20-8C6B-D72F40778907}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A8E6F730-4F35-40B5-AC1F-7CAA80FA107B}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.5.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{6127C18E-9088-48A7-9A32-130320F486AF}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.5.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{A66A46D7-0510-47FC-B825-045BE9C2F91F}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.5.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{7B0E023E-D089-48DD-91AE-D253726912A7}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.5.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{997758BF-6FB8-4E2F-A703-C94085E93307}] => (Allow) C:\Program Files\Opera\88.0.4412.53_0\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{E7C73055-978A-46EB-8820-78634C3A824E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6D38A9E9-B63C-4749-BE2A-42AB402C81DA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6A1F1F56-D3EE-4479-AEFC-AE3D21667E43}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C45AB184-743E-401F-B8C3-3A3230477A92}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

==================== Restore Points =========================

30-06-2022 18:06:47 Operace obnovení
01-07-2022 13:31:33 AdwCleaner_BeforeCleaning_01/07/2022_13:31:31

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/30/2022 09:37:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Acrobat.exe, verze: 22.1.20117.0, časové razítko: 0x624e8510
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1741, časové razítko: 0x77755782
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000063416
ID chybujícího procesu: 0x7e8
Čas spuštění chybující aplikace: 0x01d88cb89fbc84d1
Cesta k chybující aplikaci: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 3d5cfef9-dfdd-48b5-b428-314986f035ce
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/30/2022 09:15:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4164,R,98) SRUJet: Při otevírání souboru protokolu C:\WINDOWS\system32\SRU\SRU03779.log došlo k chybě -1811 (0xfffff8ed).

Error: (06/30/2022 06:09:12 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (06/30/2022 06:09:12 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (06/30/2022 05:05:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.1766 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2728

Čas spuštění: 01d88c9259662793

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 1c1b8c53-06b6-44d3-aff5-0c89f950fc3b

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (06/30/2022 05:02:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.1766 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1510

Čas spuštění: 01d88be0720bf37a

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: ac9287e8-86c4-4f0a-a717-e211f1eab44e

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (06/29/2022 02:12:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.1766 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1a5c

Čas spuštění: 01d88baa27b81d66

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: d3416f2e-f42b-41e6-a2f0-64ae6e837efd

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Cross-thread

Error: (06/29/2022 01:49:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program GameBar.exe verze 5.722.5052.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2990

Čas spuštění: 01d88bae48259870

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.722.5052.0_x64__8wekyb3d8bbwe\GameBar.exe

ID hlášení: f2ead277-f16e-458a-b84d-8c3c8394a005

Úplný název balíčku s chybou: Microsoft.XboxGamingOverlay_5.722.5052.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce


System errors:
=============
Error: (07/01/2022 01:36:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (07/01/2022 01:36:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (45000 ms).

Error: (07/01/2022 01:34:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Microsoft Passport Container neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (07/01/2022 01:34:05 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba NgcCtnrSvc se nemohla přihlásit jako NT AUTHORITY\LocalService s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (07/01/2022 01:32:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (07/01/2022 01:32:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (07/01/2022 01:32:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/01/2022 01:32:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Cyberlink RichVideo64 Service(CRVS) byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2022-06-30 21:57:51
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Ulthar.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\magic\Downloads\canspy.zip
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: MAROSASUS2\magic
Název procesu: C:\Users\magic\Desktop\FRST64.exe
Verze bezpečnostních informací: AV: 1.369.521.0, AS: 1.369.521.0, NIS: 1.369.521.0
Verze modulu: AM: 1.1.19300.2, NIS: 1.1.19300.2

Date: 2022-06-30 21:46:15
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EE0654D4-E2A6-4522-9BE9-C727315642AA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-06-29 11:51:51
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1C566AA0-89F8-47AF-A023-3C14D7E843FC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-06-27 19:36:13
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {90AF2A2A-1128-4AFD-AAE2-BA8E03312084}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-06-26 19:38:30
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {98B788F0-9376-4B4F-A7E2-1F0BD74F6289}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2022-06-30 21:16:24
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o načtení bezpečnostních informací a pokusí se o obnovení poslední známé funkční verze.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

CodeIntegrity:
===============
Date: 2022-06-30 21:40:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-06-19 10:56:44
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-06-15 19:40:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-06-09 11:15:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. X751LB.606 12/07/2015
Motherboard: ASUSTeK COMPUTER INC. X751LB
Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 32%
Total physical RAM: 12158.74 MB
Available physical RAM: 8147.09 MB
Total Virtual: 14014.74 MB
Available Virtual: 9090.96 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:371.34 GB) (Free:75.56 GB) (Model: HGST HTS721010A9E630) NTFS
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:148.76 GB) (Model: HGST HTS721010A9E630) NTFS

\\?\Volume{b8ad5f01-9320-4ecc-a0b2-a510539bdebf}\ () (Fixed) (Total:0.51 GB) (Free:0.05 GB) NTFS
\\?\Volume{c96f2a6d-f7b0-4c04-a316-6804b8e2e672}\ (RECOVERY) (Fixed) (Total:0.49 GB) (Free:0.09 GB) NTFS
\\?\Volume{204186a3-78d2-464a-8b9c-deecd474f9b1}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F9E46227)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118152
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Kontrola Logu

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\magic\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Shortcut: C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Peugeot Planet Diag.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Start PPD (Console Mode).lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Start PPD.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Stop PPD.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Utils\ppd_restart.lnk -> C:\app\ppdiag\Utils\ppd_restart.bat (No File)
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [183]
FirewallRules: [{51D3F9C5-851B-44A1-9D49-1BA2F2315FAB}] => (Allow) C:\Users\magic\AppData\Local\Temp\7zS549B\HP.EasyStart.exe => No File
FirewallRules: [{0E10302C-C457-45FF-B20E-D9E6E8FED49C}] => (Allow) C:\Users\magic\AppData\Local\Temp\7zS2B96\HP.EasyStart.exe => No File
FirewallRules: [{D4BC720E-57FF-45BB-9C53-B3D0E5261FDF}] => (Allow) C:\Users\magic\AppData\Local\Temp\7zS30CD\HP.EasyStart.exe => No File
FirewallRules: [{D7E202A4-564D-46A5-B338-62B0A1218EC8}] => (Allow) C:\Users\magic\AppData\Local\Temp\7zS40F8\HP.EasyStart.exe => No File
C:\Users\magic\Downloads\canspy.zip

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Maroš
Návštěvník
Návštěvník
Příspěvky: 173
Registrován: 29 črc 2011 13:32

Re: Kontrola Logu

#7 Příspěvek od Maroš »

Dobrý den,
po ukončení byl požadován restart, po restartu se žádný log neobjevil.
Mám provést znova?

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118152
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Kontrola Logu

#8 Příspěvek od Rudy »

Někdy se to stane. Log bxy měl být na ploše v souboru fixlog.txt.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Maroš
Návštěvník
Návštěvník
Příspěvky: 173
Registrován: 29 črc 2011 13:32

Re: Kontrola Logu

#9 Příspěvek od Maroš »

Děkuji za info,,, tady je:

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-06-2022 01
Ran by magic (01-07-2022 15:50:29) Run:1
Running from C:\Users\magic\Desktop
Loaded Profiles: magic
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\magic\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Shortcut: C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Peugeot Planet Diag.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Start PPD (Console Mode).lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Start PPD.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Stop PPD.lnk -> C:\app\ppdiag\ppd.bat (No File)
Shortcut: C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Utils\ppd_restart.lnk -> C:\app\ppdiag\Utils\ppd_restart.bat (No File)
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [183]
FirewallRules: [{51D3F9C5-851B-44A1-9D49-1BA2F2315FAB}] => (Allow) C:\Users\magic\AppData\Local\Temp\7zS549B\HP.EasyStart.exe => No File
FirewallRules: [{0E10302C-C457-45FF-B20E-D9E6E8FED49C}] => (Allow) C:\Users\magic\AppData\Local\Temp\7zS2B96\HP.EasyStart.exe => No File
FirewallRules: [{D4BC720E-57FF-45BB-9C53-B3D0E5261FDF}] => (Allow) C:\Users\magic\AppData\Local\Temp\7zS30CD\HP.EasyStart.exe => No File
FirewallRules: [{D7E202A4-564D-46A5-B338-62B0A1218EC8}] => (Allow) C:\Users\magic\AppData\Local\Temp\7zS40F8\HP.EasyStart.exe => No File
C:\Users\magic\Downloads\canspy.zip

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Users\magic\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Peugeot Planet Diag.lnk => moved successfully
C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Start PPD (Console Mode).lnk => moved successfully
C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Start PPD.lnk => moved successfully
C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Stop PPD.lnk => moved successfully
C:\Users\magic\Downloads\lexia3 pp2000\lexia3 pp2000\PP2000_09B\client_OGD\ppdiag\Utils\ppd_restart.lnk => moved successfully
C:\ProgramData\TEMP => ":1AAB2E68" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{51D3F9C5-851B-44A1-9D49-1BA2F2315FAB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0E10302C-C457-45FF-B20E-D9E6E8FED49C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D4BC720E-57FF-45BB-9C53-B3D0E5261FDF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D7E202A4-564D-46A5-B338-62B0A1218EC8}" => removed successfully
"C:\Users\magic\Downloads\canspy.zip" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 274587155 B
Java, Discord, Steam htmlcache => 0 B
Windows/system/drivers => 7737844 B
Edge => 189146 B
Chrome => 476238860 B
Firefox => 122354 B
Opera => 431931306 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 3398 B
NetworkService => 385874 B
magic => 276498438 B

RecycleBin => 16554668611 B
EmptyTemp: => 16.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:52:17 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118152
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Kontrola Logu

#10 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Maroš
Návštěvník
Návštěvník
Příspěvky: 173
Registrován: 29 črc 2011 13:32

Re: Kontrola Logu

#11 Příspěvek od Maroš »

Děkuji za pomoc, vypadá že je to v pořádku.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118152
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Kontrola Logu

#12 Příspěvek od Rudy »

To jsem rád a nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno