.Co se týče zpomalení, např. vytvoření nového adresáře trvá několik vteřin.
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum události ochrany: 13.02.21
Čas události ochrany: 20:51
Logovací soubor: ce9b3206-6e34-11eb-af1b-3c58c2bf9860.json
-Informace o softwaru-
Verze: 4.3.0.98
Verze komponentů: 1.0.1173
Aktualizovat verzi balíku komponent: 1.0.37079
Licence: Zkušební
-Systémová informace-
OS: Windows 10 (Build 19041.804)
CPU: x64
Systém souborů: NTFS
Uživatel: System
-Podrobnosti o zablokovaném webu-
Škodlivý web: 1
, C:\Windows\System32\svchost.exe, Zablokováno, -1, -1, 0.0.0, ,
-Údaje o webu-
Kategorie: Trojský kůň
Doména:
IP Adresa: 89.22.66.2
Port: 53
Typ: Odchozí
Soubor: C:\Windows\System32\svchost.exe
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-02-2021
Ran by TL (administrator) on TL-ASUS (ASUSTeK COMPUTER INC. ZenBook UX534FTC_UX534FTC) (13-02-2021 21:23:06)
Running from C:\Users\TL\Downloads
Loaded Profiles: TL
Platform: Windows 10 Pro Version 20H2 19042.804 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\aakore.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\bckp_amgr.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\grpm-mini.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\monitoring-mini.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\task-manager.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe
(Acronis International GmbH -> Acronis International GmbH.) C:\Program Files (x86)\Acronis\Agent\bin\adp-agent.exe
(Acronis International GmbH -> Acronis International GmbH.) C:\Program Files (x86)\Acronis\Agent\bin\adp-rest-util.exe
(Acronis International GmbH -> Acronis International GmbH.) C:\Program Files (x86)\Acronis\Agent\bin\updater.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <4>
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ASUSTek Computer Inc. -> ) C:\Windows\System32\DriverStore\FileRepository\asusscreenxpertbase.inf_amd64_fcddec6864a824db\AsusScreenXpertBase\AsusScreenPadService.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSLinkRemote\AsusLinkRemote.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSLinkNear\AsusLinkNear.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSLinkNear\AsusLinkNearExt.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSOptimization\AsusOptimization.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSOptimization\AsusOptimizationStartupTask.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSOptimization\AsusOSD.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSSoftwareManager\AsusSoftwareManager.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asusscreenxpertbase.inf_amd64_fcddec6864a824db\AsusScreenXpertBase\AsusFeatureService.exe
(ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asusscreenxpertbase.inf_amd64_fcddec6864a824db\AsusScreenXpertBase\AsusInitialService.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asusscreenxpertbase.inf_amd64_fcddec6864a824db\AsusScreenXpertBase\AsusLinkToScreenXpert.exe
(ASUSTeK COMPUTER INC.) C:\Program Files\WindowsApps\B9ECED6F.ScreenPadMaster_2.1.10.0_x64__qmba6cd70vzyy\AsusScreenPad.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <36>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_a5d3270da26fb113\ICEsoundService64.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_f75fa513cf0ccec1\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_956d83f9aed4e780\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_956d83f9aed4e780\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_5df9b820083f7f5c\RstMwService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_47a3c840f4f369ff\Intel_PIE_Service.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(NGWIN Software Co. -> NGWIN) C:\Program Files (x86)\PicPick\picpick.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_4b2f95ebe4bc99df\Display.NvContainer\NVDisplay.Container.exe <2>
(philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>
(Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\IAS\IntelAudioService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [827200 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-08] (Adobe Inc. -> )
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5237416 2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2095672 2021-01-09] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5678624 2020-12-19] (Acronis International GmbH -> )
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [447520 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
HKU\S-1-5-21-104297404-645956107-3243886616-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-104297404-645956107-3243886616-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50011008 2021-01-20] (Google LLC -> )
HKU\S-1-5-21-104297404-645956107-3243886616-1002\...\Run: [PicPick Start] => C:\Program Files (x86)\PicPick\picpick.exe [23988584 2020-06-10] (NGWIN Software Co. -> NGWIN)
HKU\S-1-5-21-104297404-645956107-3243886616-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5537448 2021-02-02] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-104297404-645956107-3243886616-1002\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-08] (Adobe Inc. -> )
HKU\S-1-5-21-104297404-645956107-3243886616-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\ZPS 19 CZ\Program32\ZPSTRAY.EXE [790512 2020-08-18] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-104297404-645956107-3243886616-1002\...\MountPoints2: {d06449eb-60e1-11eb-87bd-3c58c2bf9860} - "E:\RTK_NIC_DRIVER_INSTALLER.sfx.exe"
HKU\S-1-5-21-104297404-645956107-3243886616-1002\...\MountPoints2: {d0b5ed64-5af2-11eb-87bc-3c58c2bf9860} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [] => [X]
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65496 2020-12-07] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\us008 Langmon: C:\Windows\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-08] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-08-17]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00EF5897-2F40-4F92-B07C-CFF91B91C0B8} - System32\Tasks\Microsoft\Windows\PLA\AsusLinkNear => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\WINDOWS\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {128090AC-4838-49C6-8FF2-19AAE3871E07} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199272 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {139ED133-5B78-4EC7-B60F-B2C4B9984AFD} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\RtkAudUService64.exe [1140456 2020-08-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {14683535-8B4C-489B-BDF3-AC8EED29A9CA} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {1E2CC2CD-203B-4A9D-8643-DCA23C2106BD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {350A1269-00B0-4423-B328-4690DA65984B} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4047464 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {35B5478E-C65B-4A3D-A1EB-1B8C814969BC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199272 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {36FF9C64-6ABA-41EC-9545-71A9DCAFCB28} - System32\Tasks\Microsoft\Windows\PLA\074C0539-0999-4DA9-9D0D-3D016B62F4E9 => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\WINDOWS\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {46B0BE1A-94BB-4766-95AE-5A796BDE761C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {48575AFB-F696-48B4-A04B-66EFF2BE3F26} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142184 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {4989E7A7-2C08-4D9E-AB05-BB83DE7F3011} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4D94B1AD-27C2-4631-A6BF-745C21B4F93C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {58C7619E-8C6F-47E4-950D-7B6F32EBDB0F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {58C9888D-7724-47DE-99FC-61E73E9C25D2} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2162104 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {6025B59B-2508-494D-AD52-D66F6D87EC97} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {619EAB89-9AFC-40E3-B7C3-3987984A8354} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {682FDBBB-021E-4170-983C-F119044557CB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993288 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E69C842-CB0B-443B-B53E-71273030478A} - System32\Tasks\McAfee\McAfee OOBE Patch Telemetry => C:\Program Files\Common Files\McAfee\ModuleCore\DayZeroOOBEFix_64.exe [3499728 2020-07-03] (McAfee, LLC -> McAfee, LLC)
Task: {829CAA56-C2AD-4FDE-BC6C-158A69872E0B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {86AFDF12-1944-4CF0-A214-C7CEF166D801} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {91A02E72-A734-4720-9C21-BE1E0199C076} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142184 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BEE512A-D8DD-4317-B810-CD162E78566E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A6999AA7-9751-4520-B7F1-FCBDF8518784} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-17] (Google LLC -> Google LLC)
Task: {B071D706-4EBD-4B89-AEC5-5C029EE90161} - System32\Tasks\4Team updater => C:\Program Files\4Team Corporation\4Team-Updater\4Team-Updater.exe
Task: {B1843109-3B00-410D-8AC2-E2D59AC3AC42} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B1F78135-F8E6-48F3-9ABF-E683FD9FD05C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {B22549EB-F241-4920-B514-EFECE22E7D9E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-17] (Google LLC -> Google LLC)
Task: {B326313B-31DF-4EF6-A30B-37229D15699D} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSOptimization\AsusHotkeyExec.exe [228912 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {D6C88D79-ADC4-4AAC-B501-3D41992142BE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D7E5619C-CBEC-4405-965E-4CBBDD266DB7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993288 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {EFF3B8DD-6E77-481F-BFDF-B6510E4E7375} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1498520 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2CE4866-DDFE-4693-B374-37ACABCEE913} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSSoftwareManager\AsusUpdateChecker.exe [693176 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {F3E5F180-2490-479F-BAB2-8C9739555850} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F7812EBF-68BB-4D96-B0B3-5E9C7FD0C862} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FCFB97DD-BCE5-4C83-872A-17D3D869B5A1} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 89.22.66.2 10.10.0.1
Tcpip\..\Interfaces\{024b80db-075c-4096-91ee-4c0d07de6299}: [DhcpNameServer] 89.22.66.2 10.10.0.1
Tcpip\..\Interfaces\{5220d38c-690b-4d03-8d18-4cce26f00a64}: [DhcpNameServer] 89.22.66.2 10.10.0.1
Tcpip\..\Interfaces\{f1d15346-150e-40aa-a0bf-abdcbd023b7d}: [DhcpNameServer] 192.168.88.1 172.23.76.1 172.23.76.2
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\TL\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-13]
Edge HomePage: Default -> hxxp://www.msn.com/?pc=ASTE
FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-12-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-01-09] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @itstructures.com/ffactivex -> C:\WINDOWS\system32\AirLiveMediaControl\npffax.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @surveillance.com/npnetsdkplayer -> C:\Program Files (x86)\Surveillance Viewer\Surveillance Viewer Unity\npnetsdkplayer.dll [2018-05-17] (Zhejiang Uniview Technologies Co.,Ltd. -> Surveillance Viewer)
FF Plugin-x32: @surveillance.com/npnetsdkplayer.ipc.un -> C:\Program Files (x86)\Surveillance Viewer\Surveillance Viewer IPC UN\npnetsdkplayer.dll [2018-06-19] (Zhejiang Uniview Technologies Co.,Ltd. -> Surveillance Viewer)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-01-09] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\TL\AppData\Local\Google\Chrome\User Data\Default [2021-02-13]
CHR Notifications: Default -> hxxps://business.facebook.com; hxxps://calendar.google.com; hxxps://www.kosik.cz
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\TL\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-08-17]
CHR Extension: (Dokumenty) - C:\Users\TL\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-08-17]
CHR Extension: (Disk Google) - C:\Users\TL\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-30]
CHR Extension: (smartUp Gestures) - C:\Users\TL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjfekefhjemchdeigphccilhncnjldn [2021-01-20]
CHR Extension: (YouTube) - C:\Users\TL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-08-17]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\TL\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-02-07]
CHR Extension: (Image Downloader) - C:\Users\TL\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2020-08-17]
CHR Extension: (Adobe Acrobat) - C:\Users\TL\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-01-03]
CHR Extension: (Tabulky) - C:\Users\TL\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-08-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\TL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-25]
CHR Extension: (IE Tab) - C:\Users\TL\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2021-01-18]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\TL\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2021-02-12]
CHR Extension: (Ubiquiti Device Discovery Tool) - C:\Users\TL\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmpigflbjeapnknladcfphgkemopofig [2020-08-17]
CHR Extension: (FormApps Extension) - C:\Users\TL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2021-01-20]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\TL\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-28]
CHR Extension: (Backspace to go Back) - C:\Users\TL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlffgllnjjkheddehpolbanogdeaogbc [2020-08-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\TL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-07]
CHR Extension: (Visualping) - C:\Users\TL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pemhgklkefakciniebenbfclihhmmfcd [2020-08-17]
CHR Extension: (Gmail) - C:\Users\TL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-30]
CHR Extension: (Chrome Media Router) - C:\Users\TL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-20]
CHR HKU\S-1-5-21-104297404-645956107-3243886616-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aakore; C:\Program Files (x86)\Acronis\Agent\aakore.exe [15839648 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [12905888 2020-12-19] (Acronis International GmbH -> )
S4 AcronisCyberProtectionService; C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe [1421352 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1264400 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2021-01-09] (Adobe Inc. -> Adobe Inc.)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6388072 2021-01-18] (Acronis International GmbH -> )
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3668944 2020-08-17] (philandro Software GmbH -> philandro Software GmbH)
R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSLinkNear\AsusLinkNear.exe [1098168 2021-01-13] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSLinkNearExt; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSLinkNear\AsusLinkNearExt.exe [142264 2021-01-13] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSLinkRemote\AsusLinkRemote.exe [790968 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSOptimization\AsusOptimization.exe [325168 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 AsusScreenXpert; C:\WINDOWS\System32\DriverStore\FileRepository\asusscreenxpertbase.inf_amd64_fcddec6864a824db\AsusScreenXpertBase\AsusInitialService.exe [991672 2020-11-18] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSSoftwareManager\AsusSoftwareManager.exe [796600 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2162104 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [620448 2021-01-13] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8902024 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [1995184 2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-12] (Malwarebytes Inc -> Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [2102096 2020-12-19] (Acronis International GmbH -> )
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2020-10-15] (Microsoft Windows -> Microsoft Corporation)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2020-10-15] (Microsoft Windows -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-01-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7394008 2020-12-19] (Acronis International GmbH -> )
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [5911456 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_4b2f95ebe4bc99df\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_4b2f95ebe4bc99df\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ANXUcmCxCD; C:\WINDOWS\System32\drivers\ANXUcmCxCD.sys [101592 2020-06-30] (Analogix Semiconductor, Inc. -> )
S3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108232 2019-08-12] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ASUSSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSSystemAnalysis\ASUSSAIO.sys [36792 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSOptimization\atkwmiacpi64.sys [44696 2021-01-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2020-12-19] (Bitdefender SRL -> Bitdefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-02-12] (Malwarebytes Corporation -> Malwarebytes)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [721536 2021-01-18] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [392840 2021-01-18] (Acronis International GmbH -> Acronis International GmbH)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-02-12] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-02-13] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-02-13] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-02-12] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142416 2021-02-13] (Malwarebytes Inc -> Malwarebytes)
R1 ngscan; C:\WINDOWS\System32\DRIVERS\ngscan.sys [171312 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
S3 tapsurfshark; C:\WINDOWS\System32\drivers\tapsurfshark.sys [38728 2020-06-15] (WDKTestCert Lenovo,131775874531219913 -> The OpenVPN Project)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [887032 2021-01-18] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [176248 2021-01-18] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [694920 2021-01-18] (Acronis International GmbH -> Acronis International GmbH)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [334984 2021-01-18] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [251016 2021-01-18] (Acronis International GmbH -> Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-10] (Microsoft Windows -> Microsoft Corporation)
S3 wintunshark; C:\WINDOWS\system32\DRIVERS\wintunshark.sys [31096 2020-09-17] (WDKTestCert nikod,132409123292239223 -> Surfshark Ltd)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-13 21:23 - 2021-02-13 21:24 - 000042658 _____ C:\Users\TL\Downloads\FRST.txt
2021-02-13 21:19 - 2021-02-13 21:23 - 000000000 ____D C:\FRST
2021-02-13 21:18 - 2021-02-13 21:19 - 002297344 _____ (Farbar) C:\Users\TL\Downloads\FRST64.exe
2021-02-13 20:43 - 2021-02-13 20:43 - 030584912 _____ (Piriform Software Ltd) C:\Users\TL\Downloads\ccsetup576.exe
2021-02-13 20:24 - 2021-02-13 20:24 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-02-13 20:24 - 2021-02-13 20:24 - 000000000 ____D C:\Users\TL\AppData\LocalLow\IGDump
2021-02-13 20:23 - 2021-02-13 20:23 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-02-13 20:23 - 2021-02-13 20:23 - 000142416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-02-12 18:42 - 2021-02-12 18:42 - 000589841 _____ C:\Users\TL\Downloads\UNV IPC2122LR3-PF40(60)M-D 2MP Mini Fixed Bullet Network Camera V2.0.pdf
2021-02-12 08:33 - 2021-02-12 08:33 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-02-12 08:33 - 2021-02-12 08:33 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-02-12 08:33 - 2021-02-12 08:32 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-02-12 08:33 - 2021-02-12 08:32 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-02-10 16:10 - 2021-02-10 16:10 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-10 16:10 - 2021-02-10 16:10 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-09 14:02 - 2021-02-09 14:02 - 000197688 _____ C:\Users\TL\Downloads\2020.pdf
2021-02-09 14:01 - 2021-02-09 14:01 - 000202661 _____ C:\Users\TL\Downloads\2019.pdf
2021-02-09 12:55 - 2021-02-09 12:55 - 000245871 _____ C:\Users\TL\Downloads\Manifest_D20210209T125518.pdf
2021-02-09 12:55 - 2021-02-09 12:55 - 000119236 _____ C:\Users\TL\Downloads\ShipmentLabel_D20210209T125508.pdf
2021-02-07 18:44 - 2021-02-07 19:09 - 1673052160 _____ C:\Users\TL\Downloads\URNA.avi
2021-02-07 14:56 - 2021-02-07 14:56 - 000002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2021.lnk
2021-02-07 14:54 - 2021-02-07 14:54 - 000001066 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk
2021-02-07 12:17 - 2021-02-07 12:17 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-07 12:16 - 2021-02-07 12:16 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-07 12:15 - 2021-02-07 12:15 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-05 23:02 - 2021-02-05 23:02 - 000187604 _____ C:\Users\TL\Downloads\FakturaPrint_1000040184_9_7100005622_FA2020005337.pdf
2021-02-05 00:49 - 2021-02-05 00:49 - 001135972 _____ C:\Users\TL\Downloads\European-Coffee-Report-2018-2019.pdf
2021-02-04 19:28 - 2021-02-04 19:29 - 000093696 _____ C:\Users\TL\Downloads\wertf.msg
2021-02-04 13:37 - 2021-02-04 13:37 - 000086023 _____ C:\Users\TL\Downloads\formular (1).pdf
2021-02-03 19:39 - 2021-02-03 19:39 - 000774427 _____ C:\Users\TL\Downloads\2_Cetin - nabídka.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000516208 _____ C:\Users\TL\Downloads\1_Cetin - průvodní dopis.pdf
2021-02-03 17:16 - 2020-08-20 01:09 - 001145480 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCOM64.dll
2021-02-03 17:16 - 2020-08-20 01:09 - 000468792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2021-02-03 17:16 - 2020-08-20 00:35 - 000854104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64U.dll
2021-02-03 17:04 - 2020-08-20 01:09 - 003704480 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTKSpeechPP2.dll
2021-02-03 17:04 - 2020-08-20 00:22 - 041509677 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-02-03 11:29 - 2021-02-03 11:29 - 000224256 _____ C:\Users\TL\Downloads\css.msg
2021-02-03 10:49 - 2021-02-03 10:49 - 000281435 _____ C:\Users\TL\Downloads\Intrastat 2020 Miliimport.xlsx
2021-02-03 08:14 - 2021-02-03 08:14 - 000000000 ____D C:\Users\TL\AppData\Roaming\Teams
2021-02-02 21:54 - 2021-02-02 21:54 - 000245415 _____ C:\Users\TL\Downloads\Manifest_D20210202T215408.pdf
2021-02-02 21:53 - 2021-02-02 21:53 - 000118640 _____ C:\Users\TL\Downloads\ShipmentLabel_D20210202T215328.pdf
2021-02-02 14:52 - 2021-02-02 14:52 - 000145861 _____ C:\Users\TL\Downloads\stitek_Palety_18_020221_145228-1572_1487330.pdf
2021-02-02 14:52 - 2021-02-02 14:52 - 000080944 _____ C:\Users\TL\Downloads\predavaci_protokol_Palety_18_020221_145232-0309_1487330.pdf
2021-02-01 23:10 - 2021-02-01 23:10 - 000119261 _____ C:\Users\TL\Downloads\ShipmentLabel_D20210201T231029.pdf
2021-02-01 15:08 - 2021-02-01 15:08 - 000000000 ___RD C:\Users\TL\Documents\Scanned Documents
2021-02-01 15:08 - 2021-02-01 15:08 - 000000000 ____D C:\Users\TL\Documents\Fax
2021-01-31 20:01 - 2021-01-31 20:01 - 000365095 _____ C:\Users\TL\Downloads\31184942.pdf
2021-01-30 21:38 - 2020-09-03 04:56 - 000477328 _____ C:\WINDOWS\system32\Drivers\dsp_fw_release.bin
2021-01-30 10:55 - 2021-01-30 10:55 - 000370537 _____ C:\Users\TL\Downloads\hanes3.jpeg
2021-01-29 07:14 - 2021-01-29 07:14 - 000145960 _____ C:\Users\TL\Downloads\stitek_Palety_39_290121_071426-1474_5145124.pdf
2021-01-29 07:14 - 2021-01-29 07:14 - 000080518 _____ C:\Users\TL\Downloads\predavaci_protokol_Palety_20_290121_071427-5581_5145124.pdf
2021-01-29 07:04 - 2021-01-29 07:05 - 000001029 _____ C:\Users\TL\Downloads\AddressBook_13483094_D20210129T070453.csv
2021-01-27 18:32 - 2020-09-14 02:51 - 001790200 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-27 18:32 - 2020-09-14 02:51 - 001790200 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-27 18:32 - 2020-09-14 02:51 - 001386240 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-27 18:32 - 2020-09-14 02:51 - 001386240 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-27 18:32 - 2020-09-14 02:51 - 001096808 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-27 18:32 - 2020-09-14 02:51 - 001096808 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-27 18:32 - 2020-09-14 02:51 - 000949864 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-27 18:32 - 2020-09-14 02:51 - 000949864 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-27 18:32 - 2020-09-14 02:51 - 000462656 _____ C:\WINDOWS\system32\ze_loader.dll
2021-01-27 18:32 - 2020-09-14 02:51 - 000148792 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2021-01-27 18:32 - 2020-09-14 02:50 - 026676032 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2021-01-27 18:32 - 2020-09-14 02:50 - 013519672 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2021-01-27 18:32 - 2020-09-14 02:50 - 000507704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-27 18:32 - 2020-09-14 02:50 - 000370488 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-27 18:32 - 2020-09-14 02:50 - 000306000 _____ C:\WINDOWS\system32\libmfxhw64.dll
2021-01-27 18:32 - 2020-09-14 02:50 - 000254528 _____ C:\WINDOWS\SysWOW64\libmfxhw32.dll
2021-01-27 18:32 - 2020-09-14 02:50 - 000171472 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2021-01-27 18:32 - 2020-09-14 02:50 - 000146760 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2021-01-26 22:05 - 2021-01-26 22:05 - 000969358 _____ C:\Users\TL\Downloads\03_2021_01_01_MND_Proud_Cenik_2022_Online_CEZ.pdf
2021-01-26 11:31 - 2021-01-26 11:31 - 000429313 _____ C:\Users\TL\Downloads\000572.pdf
2021-01-25 11:15 - 2021-01-25 11:15 - 029914222 _____ ( ) C:\Users\TL\Downloads\setup.exe
2021-01-25 11:15 - 2021-01-25 11:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\kosys
2021-01-25 11:15 - 2021-01-25 11:15 - 000000000 ____D C:\ksoft
2021-01-25 11:15 - 2010-12-28 09:29 - 000137000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmapi32.ocx
2021-01-25 11:15 - 2009-04-03 13:45 - 003907584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfp9t.dll
2021-01-25 11:15 - 2009-04-03 11:01 - 004734976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfp9r.dll
2021-01-25 11:15 - 2007-10-15 09:47 - 001200128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfp9rcsy.dll
2021-01-23 21:01 - 2021-01-23 21:01 - 000419469 _____ C:\Users\TL\Downloads\rf-pwm-vytapeci-aktory-xcomfort-nove-technologie-1a--10a-a-16a---letak-2020 (1).pdf
2021-01-23 21:00 - 2021-01-23 21:00 - 007452083 _____ C:\Users\TL\Downloads\rf-xcomfort-bridge---brozura-en.pdf
2021-01-23 20:53 - 2021-01-23 20:53 - 008209752 _____ C:\Users\TL\Downloads\katalog-sfc-cz-2019-nahled.pdf
2021-01-23 20:52 - 2021-01-23 20:53 - 005170782 _____ C:\Users\TL\Downloads\pl-z-70-z-90-cz-nahled-2020-05.pdf
2021-01-23 20:49 - 2021-01-23 20:49 - 010711158 _____ C:\Users\TL\Downloads\hrejive-teplo-v-koupelne-2020.pdf
2021-01-23 20:49 - 2021-01-23 20:49 - 005206813 _____ C:\Users\TL\Downloads\cenik-fenix-2020-ii.pdf
2021-01-23 20:49 - 2021-01-23 20:49 - 004526958 _____ C:\Users\TL\Downloads\katalog-venkovnich-aplikaci.pdf
2021-01-23 20:49 - 2021-01-23 20:49 - 003433619 _____ C:\Users\TL\Downloads\fenix-weber-navod.pdf
2021-01-23 20:48 - 2021-01-23 20:48 - 003932660 _____ C:\Users\TL\Downloads\v-system-elektro-katalog-zijeme-s-energii.pdf
2021-01-23 20:48 - 2021-01-23 20:48 - 000873162 _____ C:\Users\TL\Downloads\zijeme-podlahovkou.pdf
2021-01-23 20:47 - 2021-01-23 20:47 - 000073097 _____ C:\Users\TL\Downloads\7-2021-harmonogram-nelumbo.pdf
2021-01-23 20:46 - 2021-01-23 20:46 - 001008994 _____ C:\Users\TL\Downloads\prezentace-domu-u-prahy.pdf
2021-01-23 20:46 - 2021-01-23 20:46 - 000180468 _____ C:\Users\TL\Downloads\schema.pdf
2021-01-23 20:44 - 2021-01-23 20:44 - 007013884 _____ C:\Users\TL\Downloads\19-09-02-podlahove-systemy-850x2000.pdf
2021-01-23 20:43 - 2021-01-23 20:44 - 000774146 _____ C:\Users\TL\Downloads\letak-tepelneizolacni-profily-final-310819.pdf
2021-01-23 20:39 - 2021-01-23 20:39 - 001842770 _____ C:\Users\TL\Downloads\allstav-cz-patrove-domy.pdf
2021-01-23 20:38 - 2021-01-23 20:38 - 000697034 _____ C:\Users\TL\Downloads\2021-popis-stavby.pdf
2021-01-23 20:36 - 2021-01-23 20:36 - 019025682 _____ C:\Users\TL\Downloads\origis-katalog-origami.pdf
2021-01-23 20:36 - 2021-01-23 20:36 - 005870427 _____ C:\Users\TL\Downloads\origis-ukazkovy-dum-vinor.pdf
2021-01-23 20:36 - 2021-01-23 20:36 - 005870427 _____ C:\Users\TL\Downloads\origis-ukazkovy-dum-vinor (1).pdf
2021-01-23 20:35 - 2021-01-23 20:35 - 016912867 _____ C:\Users\TL\Downloads\katalog-hp.pdf
2021-01-22 19:25 - 2021-01-22 19:25 - 000042982 _____ C:\Users\TL\Downloads\airbank_1049636020_2021-01-22_19-25.csv
2021-01-22 19:09 - 2021-01-22 19:09 - 000048800 _____ C:\Users\TL\Downloads\782207170217_12_1132_20201211.pdf
2021-01-22 19:09 - 2021-01-22 19:09 - 000048503 _____ C:\Users\TL\Downloads\782207170217_11_1132_20201112.pdf
2021-01-22 19:08 - 2021-01-22 19:08 - 000069929 _____ C:\Users\TL\Downloads\782207170217_20201119_20210118.pdf
2021-01-22 19:08 - 2021-01-22 19:08 - 000063498 _____ C:\Users\TL\Downloads\782207170217_20210101_20210131.pdf
2021-01-22 15:06 - 2021-01-22 15:07 - 099539258 _____ C:\Users\TL\Downloads\wetransfer-7d3a4c.zip
2021-01-22 10:17 - 2021-01-22 10:17 - 000419469 _____ C:\Users\TL\Downloads\rf-pwm-vytapeci-aktory-xcomfort-nove-technologie-1a--10a-a-16a---letak-2020.pdf
2021-01-22 10:16 - 2021-01-22 10:16 - 005103453 _____ C:\Users\TL\Downloads\go-wireless-bezdratove-ovladani-cz.pdf
2021-01-22 10:16 - 2021-01-22 10:16 - 003749661 _____ C:\Users\TL\Downloads\ytong-cenik-2021-cz.pdf
2021-01-22 10:16 - 2021-01-22 10:16 - 003584341 _____ C:\Users\TL\Downloads\stavebni-postupy-ytong.pdf
2021-01-22 10:16 - 2021-01-22 10:16 - 001581240 _____ C:\Users\TL\Downloads\xella-kompletni-stavebni-system.pdf
2021-01-22 10:11 - 2021-01-22 10:11 - 003565011 _____ C:\Users\TL\Downloads\cti-info-3-4-2020-web.pdf
2021-01-22 10:06 - 2021-01-22 10:06 - 007569271 _____ C:\Users\TL\Downloads\prospekt-tisk.pdf
2021-01-22 10:06 - 2021-01-22 10:06 - 005944335 _____ C:\Users\TL\Downloads\produktove-listy-stinici-techniky-2017.pdf
2021-01-22 10:06 - 2021-01-22 10:06 - 003802989 _____ C:\Users\TL\Downloads\svt-01-2020.pdf
2021-01-21 14:06 - 2021-01-21 14:06 - 000625970 _____ C:\Users\TL\Downloads\Avízo o příchodu zásilky - vyplneno - Miliimport.pdf
2021-01-21 14:01 - 2021-01-21 14:01 - 000054438 _____ C:\Users\TL\Downloads\vypis-440519.pdf
2021-01-21 14:01 - 2021-01-21 14:01 - 000054208 _____ C:\Users\TL\Downloads\vypis-1004626.pdf
2021-01-20 17:31 - 2021-01-20 17:31 - 000286217 _____ C:\Users\TL\Downloads\mailpv.zip
2021-01-20 17:26 - 2021-01-20 17:26 - 000422943 _____ C:\Users\TL\Downloads\wakemeonlan-x64.zip
2021-01-20 10:37 - 2021-01-20 10:37 - 000002254 _____ C:\Users\TL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormApps Signing Extension.lnk
2021-01-20 10:37 - 2021-01-20 10:37 - 000000000 ____D C:\Users\TL\AppData\Local\Software602
2021-01-20 10:36 - 2021-01-20 10:36 - 002591048 _____ C:\Users\TL\Downloads\FormApps_Signing_Extension.exe
2021-01-19 22:39 - 2021-02-13 20:50 - 000000000 ____D C:\WINDOWS\Minidump
2021-01-19 19:34 - 2021-01-19 19:34 - 000005861 _____ C:\Users\TL\Downloads\23x59_cz_1.pdf
2021-01-18 22:01 - 2021-01-18 22:01 - 000727010 _____ C:\Users\TL\Downloads\export.csv
2021-01-18 21:35 - 2021-01-18 21:35 - 073347137 _____ C:\Users\TL\Downloads\ambient.zip
2021-01-18 13:27 - 2021-01-31 19:22 - 000000000 ____D C:\Users\TL\AppData\Local\cache
2021-01-18 13:15 - 2021-01-18 13:15 - 000477039 _____ C:\Users\TL\Downloads\311025824.pdf
2021-01-18 11:21 - 2021-01-18 11:21 - 000001737 _____ C:\Users\TL\Desktop\datovka – zástupce (2).lnk
2021-01-18 11:15 - 2021-01-31 22:05 - 000000000 ____D C:\Users\TL\AppData\Roaming\.dsgui
2021-01-18 11:15 - 2021-01-18 11:15 - 000001737 _____ C:\Users\TL\Desktop\datovka – zástupce.lnk
2021-01-18 11:13 - 2021-01-18 11:13 - 000000000 ____D C:\Users\TL\Downloads\CZ.NIC
2021-01-18 11:12 - 2021-01-18 11:12 - 000000000 ____D C:\Users\TL\AppData\Roaming\Acronis
2021-01-18 11:10 - 2021-01-18 11:10 - 000887032 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2021-01-18 11:10 - 2021-01-18 11:10 - 000721536 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_protector.sys
2021-01-18 11:10 - 2021-01-18 11:10 - 000694920 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys
2021-01-18 11:10 - 2021-01-18 11:10 - 000392840 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys
2021-01-18 11:10 - 2021-01-18 11:10 - 000389248 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2021-01-18 11:10 - 2021-01-18 11:10 - 000334984 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file.sys
2021-01-18 11:10 - 2021-01-18 11:10 - 000251016 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\volume_tracker.sys
2021-01-18 11:10 - 2021-01-18 11:10 - 000183944 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2021-01-18 11:10 - 2021-01-18 11:10 - 000176248 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2021-01-18 11:10 - 2021-01-18 11:10 - 000001288 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk
2021-01-18 11:10 - 2021-01-18 11:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2021-01-18 11:10 - 2021-01-18 11:10 - 000000000 ____D C:\ProgramData\Apple
2021-01-18 11:10 - 2021-01-18 11:10 - 000000000 ____D C:\ProgramData\Acronis Mobile Backup Data
2021-01-18 11:10 - 2021-01-18 11:10 - 000000000 ____D C:\Program Files\Common Files\Acronis
2021-01-18 11:10 - 2021-01-18 11:10 - 000000000 ____D C:\Program Files\Bonjour
2021-01-18 11:10 - 2021-01-18 11:10 - 000000000 ____D C:\Program Files\Acronis
2021-01-18 11:10 - 2021-01-18 11:10 - 000000000 ____D C:\Program Files (x86)\Bonjour
2021-01-18 11:10 - 2021-01-18 11:10 - 000000000 ____D C:\Program Files (x86)\Acronis
2021-01-18 11:10 - 2020-12-19 15:36 - 000171312 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\ngscan.sys
2021-01-18 11:10 - 2020-12-19 15:35 - 000367096 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2021-01-18 11:09 - 2021-01-18 11:11 - 000000000 ____D C:\ProgramData\Acronis
2021-01-18 11:06 - 2021-01-18 11:09 - 831836480 _____ C:\Users\TL\Downloads\AcronisTrueImage2021_35860.exe
2021-01-18 09:25 - 2021-02-13 20:50 - 000000000 ____D C:\Users\TL\AppData\Local\CrashDumps
2021-01-18 09:16 - 2020-10-19 06:42 - 000069608 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2021-01-18 09:16 - 2020-10-19 06:42 - 000058344 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2021-01-18 09:16 - 2020-03-04 13:54 - 000050592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys
2021-01-18 09:14 - 2021-01-18 09:14 - 000089392 _____ C:\Users\TL\Downloads\pdf.pdf
2021-01-18 09:11 - 2021-01-18 09:26 - 000000000 ____D C:\ProgramData\HP
2021-01-18 09:11 - 2018-06-19 06:30 - 004909664 _____ (HP Inc.) C:\WINDOWS\system32\HPScanTEDrv_LJM28-M31_x64.dll
2021-01-18 09:11 - 2018-06-19 06:30 - 003435104 _____ (HP Inc.) C:\WINDOWS\SysWOW64\HPScanTEDrv_LJM28-M31.dll
2021-01-18 09:11 - 2018-06-19 06:30 - 001329760 _____ (HP Inc.) C:\WINDOWS\system32\HPScanTEDrv_LJM28-M31_x64_DiscoveryLibDyn.dll
2021-01-18 09:11 - 2018-06-19 06:30 - 000648288 _____ (HP Inc., LP) C:\WINDOWS\system32\HPWia2_LJM28-M31.dll
2021-01-18 09:11 - 2018-06-19 06:30 - 000581728 _____ (HP Inc.) C:\WINDOWS\SysWOW64\HPScanTEDrv_LJM28-M31_DiscoveryLibDyn.dll
2021-01-18 09:10 - 2021-01-18 09:10 - 000201222 _____ C:\Users\TL\Downloads\id326_time1610898286.pdf
2021-01-18 09:09 - 2021-01-18 09:17 - 196730496 _____ C:\Users\TL\Downloads\LJM28-M31_U_Full_WebPack_46.2.2636.exe
2021-01-14 15:40 - 2021-01-14 15:40 - 000000000 ____D C:\Users\TL\AppData\Local\TeamViewer
2021-01-14 15:39 - 2021-01-14 15:39 - 029285264 _____ (TeamViewer Germany GmbH) C:\Users\TL\Downloads\TeamViewer_Setup.exe
2021-01-14 12:11 - 2021-01-14 12:11 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-14 12:11 - 2021-01-14 12:11 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-14 12:11 - 2021-01-14 12:11 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-14 12:11 - 2021-01-14 12:11 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-14 12:11 - 2021-01-14 12:11 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-14 12:11 - 2021-01-14 12:11 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-14 12:11 - 2021-01-14 12:11 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-14 12:11 - 2021-01-14 12:11 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-14 12:11 - 2021-01-14 12:11 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-01-14 12:11 - 2021-01-14 12:11 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-14 12:11 - 2021-01-14 12:11 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-14 12:11 - 2021-01-14 12:11 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-14 12:11 - 2021-01-14 12:11 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-14 12:11 - 2021-01-14 12:11 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-14 12:11 - 2021-01-14 12:11 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-14 12:11 - 2021-01-14 12:11 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-14 12:11 - 2021-01-14 12:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-14 12:11 - 2021-01-14 12:11 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-14 12:11 - 2021-01-14 12:11 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-14 12:11 - 2021-01-14 12:11 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-01-14 12:11 - 2021-01-14 12:11 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-01-14 12:11 - 2021-01-14 12:11 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-14 12:11 - 2021-01-14 12:11 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-01-14 12:11 - 2021-01-14 12:11 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-14 12:11 - 2021-01-14 12:11 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-14 12:11 - 2021-01-14 12:11 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-14 12:11 - 2021-01-14 12:11 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-14 12:11 - 2021-01-14 12:11 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-14 12:11 - 2021-01-14 12:11 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-14 12:11 - 2021-01-14 12:11 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-14 12:10 - 2021-01-14 12:10 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-14 12:10 - 2021-01-14 12:10 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-14 12:10 - 2021-01-14 12:10 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-14 12:10 - 2021-01-14 12:10 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-14 12:10 - 2021-01-14 12:10 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-14 12:10 - 2021-01-14 12:10 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-14 12:10 - 2021-01-14 12:10 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-14 12:10 - 2021-01-14 12:10 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-14 12:10 - 2021-01-14 12:10 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-14 12:10 - 2021-01-14 12:10 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-14 12:10 - 2021-01-14 12:10 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-14 12:10 - 2021-01-14 12:10 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-14 12:10 - 2021-01-14 12:10 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-13 20:56 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-13 20:56 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-02-13 20:51 - 2020-12-21 14:01 - 000000000 ____D C:\Users\TL\AppData\Roaming\TeamViewer
2021-02-13 20:51 - 2020-08-29 12:19 - 000000000 ____D C:\Users\TL\AppData\Roaming\uTorrent
2021-02-13 20:50 - 2020-08-21 05:38 - 000000000 ___DC C:\Users\TL\AppData\Local\MigWiz
2021-02-13 20:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-13 20:50 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-13 20:45 - 2020-12-29 09:01 - 000000000 ___HD C:\temp
2021-02-13 20:44 - 2020-08-18 08:56 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-13 20:44 - 2020-08-18 08:56 - 000000000 ____D C:\Program Files\CCleaner
2021-02-13 20:39 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-13 20:31 - 2020-08-18 08:30 - 001693776 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-13 20:31 - 2019-12-07 15:43 - 000718176 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-13 20:31 - 2019-12-07 15:43 - 000145318 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-13 20:30 - 2020-08-18 08:25 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2021-02-13 20:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-02-13 20:25 - 2020-08-23 08:33 - 000000000 ___RD C:\Users\TL\Disk Google
2021-02-13 20:25 - 2020-07-03 03:23 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-13 20:24 - 2021-01-09 15:15 - 000000000 ___RD C:\Users\TL\Creative Cloud Files
2021-02-13 20:23 - 2020-08-18 08:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-13 20:23 - 2020-08-17 20:30 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-13 20:23 - 2020-08-17 15:23 - 000000000 __SHD C:\Users\TL\IntelGraphicsProfiles
2021-02-13 20:23 - 2020-07-03 03:19 - 000000000 ___HD C:\Intel
2021-02-13 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-02-13 20:23 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-13 20:05 - 2020-09-07 08:31 - 000000000 ____D C:\ProgramData\firebird
2021-02-13 19:59 - 2020-08-18 08:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-13 09:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-13 04:19 - 2020-08-22 03:02 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-13 04:19 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-12 21:35 - 2020-08-29 16:04 - 000002246 ____H C:\Users\TL\Documents\Default.rdp
2021-02-12 21:35 - 2020-08-17 15:23 - 000000000 ____D C:\Users\TL\AppData\Local\Packages
2021-02-12 09:18 - 2020-08-29 15:50 - 000000000 ____D C:\Users\TL\AppData\Roaming\vlc
2021-02-12 08:36 - 2020-08-18 08:23 - 000486248 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-12 08:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-12 08:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-12 08:35 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-12 08:33 - 2020-11-28 08:33 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-02-12 08:33 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-11 08:22 - 2020-08-22 03:02 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-11 08:22 - 2020-08-22 03:02 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-10 16:07 - 2020-08-17 16:42 - 000000000 ___HD C:\$WinREAgent
2021-02-10 16:06 - 2020-08-17 16:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-10 16:03 - 2020-08-17 16:16 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-10 13:33 - 2020-08-17 15:23 - 000000000 ____D C:\Users\TL\AppData\Roaming\Adobe
2021-02-10 10:05 - 2021-01-02 13:14 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-10 10:05 - 2021-01-02 13:14 - 000002116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2021-02-10 10:05 - 2021-01-02 13:14 - 000002105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-02-10 04:17 - 2019-10-23 02:08 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-09 09:32 - 2020-08-23 09:10 - 000000000 ____D C:\Users\TL\Documents\Grandum
2021-02-08 22:30 - 2020-08-17 15:26 - 000000000 ____D C:\Users\TL\AppData\Local\PlaceholderTileLogoFolder
2021-02-08 21:15 - 2020-08-17 15:37 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-08 14:57 - 2020-08-30 18:50 - 000000000 ____D C:\Program Files\Adobe
2021-02-08 11:46 - 2020-08-18 08:25 - 000003354 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-104297404-645956107-3243886616-1002
2021-02-08 11:46 - 2020-08-18 07:46 - 000002354 _____ C:\Users\TL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-08 11:46 - 2020-08-17 15:26 - 000000000 ___RD C:\Users\TL\OneDrive
2021-02-07 14:56 - 2020-08-30 18:50 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-02-07 14:47 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-07 14:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-07 14:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-07 14:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-07 14:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-07 14:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-07 14:47 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-07 11:12 - 2019-10-23 02:12 - 000000000 ____D C:\Program Files\Microsoft Office
2021-02-06 00:04 - 2020-08-18 08:25 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-06 00:04 - 2020-08-18 08:25 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-04 09:22 - 2020-08-19 05:32 - 000000000 ____D C:\Users\TL\AppData\Roaming\GHISLER
2021-02-03 08:14 - 2020-08-19 05:41 - 000002351 _____ C:\Users\TL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-02-03 08:14 - 2020-08-19 05:41 - 000002343 _____ C:\Users\TL\Desktop\Microsoft Teams.lnk
2021-02-02 10:48 - 2020-08-17 16:37 - 000000000 ____D C:\Users\TL\AppData\Local\ElevatedDiagnostics
2021-01-30 21:38 - 2020-08-18 07:29 - 000000000 ____D C:\WINDOWS\system32\Intel
2021-01-30 21:38 - 2020-08-18 07:29 - 000000000 ____D C:\WINDOWS\system32\cAVS
2021-01-27 21:53 - 2020-08-18 07:46 - 000000000 ____D C:\Users\TL
2021-01-26 21:09 - 2020-08-23 08:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-01-26 14:19 - 2020-08-23 09:05 - 000000000 ____D C:\1Projekty
2021-01-23 19:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-01-22 06:33 - 2020-08-18 08:25 - 000004122 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2021-01-22 06:32 - 2020-07-03 03:59 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-22 06:31 - 2020-08-18 08:25 - 000003764 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2021-01-20 18:00 - 2020-09-06 18:55 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-01-20 08:40 - 2020-08-17 16:09 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2021-01-20 08:38 - 2020-08-17 16:18 - 000000000 ____D C:\Users\TL\AppData\Local\D3DSCache
2021-01-19 20:10 - 2020-09-04 11:42 - 000000000 ____D C:\Users\TL\Downloads\MailStore
2021-01-19 12:29 - 2019-03-02 14:03 - 000002376 _____ C:\Users\TL\Desktop\Palladium-kancelar.rdp
2021-01-18 11:12 - 2020-08-17 15:23 - 000000000 ____D C:\Users\TL\AppData\Local\VirtualStore
2021-01-18 09:30 - 2020-08-21 05:52 - 000004040 _____ C:\WINDOWS\system32\Tasks\4Team updater
2021-01-18 09:27 - 2020-10-18 19:04 - 000000000 ____D C:\Users\TL\AppData\Local\IE Tab
2021-01-18 09:16 - 2020-08-18 08:25 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-18 09:16 - 2020-08-18 08:25 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-18 09:16 - 2020-08-18 08:25 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-18 09:16 - 2020-08-18 08:25 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-18 09:16 - 2020-08-18 08:25 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-18 09:16 - 2020-08-18 08:25 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-18 09:16 - 2020-08-18 08:25 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-18 09:16 - 2020-08-18 08:25 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-18 09:16 - 2020-08-18 08:25 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-18 09:16 - 2020-08-18 08:25 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-18 09:16 - 2020-07-03 03:23 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-01-18 09:16 - 2020-07-03 03:23 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-01-18 09:16 - 2020-07-03 03:22 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-01-17 23:04 - 2019-12-07 15:45 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-01-17 04:17 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-17 04:17 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-17 04:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-17 04:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-17 04:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-17 04:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-17 04:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-17 04:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-17 04:16 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-17 04:16 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-17 04:16 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-17 04:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-17 04:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-17 04:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-17 04:16 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-17 04:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-17 04:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-17 04:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-17 04:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-17 04:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-17 04:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-17 04:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-17 04:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-17 04:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-17 04:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-17 04:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-17 04:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-17 04:16 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-16 21:20 - 2020-08-18 08:43 - 000000000 ___RD C:\Users\TL\Downloads\B9ECED6F.ASUSPCAssistant_qmba6cd70vzyy!App
2021-01-14 12:10 - 2020-08-18 08:23 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
==================== Files in the root of some directories ========
2020-10-24 17:54 - 2021-01-10 21:19 - 000001480 _____ () C:\Users\TL\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2020-08-31 04:29 - 2020-12-28 19:48 - 000000410 _____ () C:\Users\TL\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2021
Ran by TL (13-02-2021 21:28:41)
Running from C:\Users\TL\Downloads
Windows 10 Pro Version 20H2 19042.804 (X64) (2020-08-18 07:25:56)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-104297404-645956107-3243886616-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-104297404-645956107-3243886616-503 - Limited - Disabled)
Guest (S-1-5-21-104297404-645956107-3243886616-501 - Limited - Disabled)
prace (S-1-5-21-104297404-645956107-3243886616-1003 - Limited - Enabled)
TL (S-1-5-21-104297404-645956107-3243886616-1002 - Administrator - Enabled) => C:\Users\TL
WDAGUtilityAccount (S-1-5-21-104297404-645956107-3243886616-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: McAfee Firewall (Disabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
4K Video Downloader (HKLM\...\{D893FFE8-D1C6-4F12-BBDE-0647A6992F47}) (Version: 4.14.1.4020 - Open Media LLC)
Acronis Drivers (HKLM\...\{29FB6899-5B83-4A82-BAE9-8CF4ECEC5BCD}) (Version: 25.6.35860 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{D503788D-85E5-4050-AF48-0E271A5CF42B}) (Version: 25.6.35860 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{D503788D-85E5-4050-AF48-0E271A5CF42B}Visible) (Version: 25.6.35860 - Acronis)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.001.20135 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.3.1.470 - Adobe Inc.)
Adobe Dreamweaver 2021 (HKLM-x32\...\DRWV_21_0) (Version: 21.0 - Adobe Inc.)
Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_1) (Version: 25.1 - Adobe Inc.)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_1_1) (Version: 22.1.1.138 - Adobe Inc.)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 6.0.7 - philandro Software GmbH)
Backup and Sync from Google (HKLM\...\{00BA5D43-DC76-4DF2-A38C-5D3B8FABF5E4}) (Version: 3.54.3529.0458 - Google, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
FormApps Signing Extension (HKLM-x32\...\{35C42D1D-32DC-404F-8978-A30B0D64DD26}) (Version: 2.24.0.43 - Software602 a.s.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.0.1.35811 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
Image Resizer for Windows (64 bit) (HKLM\...\{6026BD89-5CCA-4A47-8012-08FDA0EF935A}) (Version: 3.1.2.0 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{0903AF19-2041-4EBB-81CB-7A1506EC9868}) (Version: 3.1.2.0 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{e798dcc8-a5a5-424e-9f9a-8148e824ab13}) (Version: 3.1.2.0 - Brice Lambson)
KOSYS verze 31-04-6 (HKLM-x32\...\KOSYS®_is1) (Version: - )
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.13628.20274 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.68 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft OneDrive (HKU\S-1-5-21-104297404-645956107-3243886616-1002\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft SharePoint Designer 2010 (HKLM\...\Office14.SharePointDesigner) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-104297404-645956107-3243886616-1002\...\Teams) (Version: 1.3.00.34662 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
PCmover (HKLM-x32\...\{554987cc-80d2-464d-8263-a33ec33104cf}) (Version: 11.1.1010.404 - Laplink Software, Inc.) Hidden
PicPick (HKLM-x32\...\PicPick) (Version: 5.1.1 - NGWIN)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.3.377 - Jan Fiala)
ROSSMANN CEWE fotosvet (HKLM-x32\...\ROSSMANN CEWE fotosvet) (Version: 7.0.4 - CEWE Stiftung u Co. KGaA)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{98223B6C-F59E-4928-B553-43605D52ED19}) (Version: - Microsoft)
Streaming Audio Recorder V4.3.4.0 (HKLM-x32\...\{B6D9D06B-4B4D-4B41-B963-C056B627F704}_is1) (Version: 4.3.4.0 - Apowersoft LIMITED)
Surveillance Viewer IPC UN version 0.2.6.3 (HKLM-x32\...\{2EB12956-BBDA-4108-BF35-0C3744607E32}_is1) (Version: 0.2.6.3 - Surveillance Viewer)
Surveillance Viewer Unity version 0.7.0.40 (HKLM-x32\...\{16BC1DFD-F2D4-4E25-8E84-500CBE058F9F}_is1) (Version: 0.7.0.40 - Surveillance Viewer)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.13565 - Microsoft Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Vector Magic (HKLM-x32\...\Vector Magic) (Version: 1.15 - Vector Magic, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Zoom (HKU\S-1-5-21-104297404-645956107-3243886616-1002\...\ZoomUMX) (Version: 5.4.1 (58698.1027) - Zoom Video Communications, Inc.)
ZPS 19 CZ (HKU\S-1-5-21-104297404-645956107-3243886616-1002\...\{E83AA227-7862-F115-2E87-46DCA9E3D879}) (Version: v.19.2004.2.262 - 18.08.2020 - libbi)
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-01-02] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2021-01-09] (Adobe Systems Incorporated)
AudioWizard -> C:\Program Files\WindowsApps\ICEpower.AudioWizard_1.5.28.0_x64__dxp88312j1fgj [2021-01-22] (ICEpower)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-09-28] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2021-01-02] (Microsoft Corporation)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.7.6.0_x86__q4d96b2w5wcc2 [2021-02-04] (Evernote)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.2.834.0_x64__v10z8vjag6ke6 [2021-02-11] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-08-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-08-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-01-30] (Microsoft Studios) [MS Ad]
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_2.3.13.0_x64__qmba6cd70vzyy [2021-02-10] (ASUSTeK COMPUTER INC.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-19] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt [2021-01-27] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.15.227.0_x64__dt26b99r8h8gj [2021-02-03] (Realtek Semiconductor Corp)
ScreenXpert -> C:\Program Files\WindowsApps\B9ECED6F.ScreenPadMaster_2.1.10.0_x64__qmba6cd70vzyy [2021-01-17] (ASUSTeK COMPUTER INC.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0 [2021-02-07] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-104297404-645956107-3243886616-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-FC2C1E2AE544} -> [Creative Cloud Files] => C:\Users\TL\Creative Cloud Files [2021-01-09 15:15]
CustomCLSID: HKU\S-1-5-21-104297404-645956107-3243886616-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\TL\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-104297404-645956107-3243886616-1002_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\TL\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20240.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-104297404-645956107-3243886616-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_6_35860.dll [2020-12-19] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_6_35860.dll [2020-12-19] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_6_35860.dll [2020-12-19] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_6_35860.dll [2020-12-19] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-03] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-03] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-03] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-03] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google)
ContextMenuHandlers1: [Image Resizer] -> {51B4D7E5-7568-4234-B4BB-47FB3C016A69} => C:\Program Files\Image Resizer for Windows\ShellExtensions.dll [2019-12-23] (Open Source Developer, Brice Lambson -> Brice Lambson)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-12] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_4b2f95ebe4bc99df\nvshext.dll [2020-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-03] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-12] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\TL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Keep – poznámky a seznamy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\TL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Ubiquiti Device Discovery Tool.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hmpigflbjeapnknladcfphgkemopofig
==================== Loaded Modules (Whitelisted) =============
2021-02-13 20:24 - 2021-02-13 20:24 - 000114176 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\_ctypes.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000172544 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\_elementtree.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 002255872 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\_hashlib.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000032256 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\_multiprocessing.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000046080 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\_psutil_windows.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000047616 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\_socket.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 002824704 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\_ssl.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000026112 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\_yappi.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000080896 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\bz2.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000015872 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\common.time34.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000007680 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\hashobjs_ext.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000301568 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\PIL._imaging.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000168448 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\pyexpat.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 001084416 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\pysqlite2._sqlite.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000548864 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\pythoncom27.dll
2021-02-13 20:24 - 2021-02-13 20:24 - 000137728 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\pywintypes27.dll
2021-02-13 20:24 - 2021-02-13 20:24 - 000010752 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\select.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000020992 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\thumbnails_ext.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000689664 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\unicodedata.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000119808 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\usb_ext.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000128512 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\win32api.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000438784 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\win32com.shell.shell.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000011776 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\win32crypt.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000023040 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\win32event.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000149504 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\win32file.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000223232 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\win32gui.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000048128 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\win32inet.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000029696 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\win32pdh.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000027648 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\win32pipe.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000044032 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\win32process.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000020480 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\win32profile.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000136192 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\win32security.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000026624 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\win32ts.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000034304 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\windows.conditional.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000037888 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\windows.connectivity.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000071680 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\windows.device_monitor.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000103936 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\windows.volumes.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000019968 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\windows.winwrap.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 001325056 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\wx._controls_.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 001489408 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\wx._core_.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 001007104 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\wx._gdi_.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000103424 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\wx._html2.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 000916992 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\wx._misc_.pyd
2021-02-13 20:24 - 2021-02-13 20:24 - 001039872 _____ () [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\wx._windows_.pyd
2020-12-31 10:51 - 2020-12-31 10:52 - 042499072 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt\IGCC.dll
2021-02-13 20:24 - 2021-02-13 20:24 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\python27.dll
2020-12-19 15:44 - 2020-12-19 15:44 - 025338368 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icudt54.dll
2020-12-19 15:44 - 2020-12-19 15:44 - 002056704 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icuin54.dll
2020-12-19 15:44 - 2020-12-19 15:44 - 001425408 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icuuc54.dll
2013-05-11 04:47 - 2013-05-11 04:47 - 000061440 _____ (VMProtect Software) [File not signed] C:\Program Files (x86)\PicPick\ppkgr.dll
2021-02-13 20:24 - 2021-02-13 20:24 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\wxbase30u_net_vc90_x64.dll
2021-02-13 20:24 - 2021-02-13 20:24 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\wxbase30u_vc90_x64.dll
2021-02-13 20:24 - 2021-02-13 20:24 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\wxmsw30u_adv_vc90_x64.dll
2021-02-13 20:24 - 2021-02-13 20:24 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\wxmsw30u_core_vc90_x64.dll
2021-02-13 20:24 - 2021-02-13 20:24 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\wxmsw30u_html_vc90_x64.dll
2021-02-13 20:24 - 2021-02-13 20:24 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\TL\AppData\Local\Temp\_MEI41442\wxmsw30u_webview_vc90_x64.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-104297404-645956107-3243886616-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=ASTE
HKU\S-1-5-21-104297404-645956107-3243886616-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-104297404-645956107-3243886616-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-104297404-645956107-3243886616-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-12-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-12-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-12-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-12-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-12-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-12-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
DPF: HKLM-x32 {79EE81BD-6194-4240-A04F-131A81513DCB} hxxp://185.131.60.230:7008/Media.CAB
DPF: HKLM-x32 {87D48502-D1FF-4D25-B66C-9DA4F7CB2722} hxxp://185.243.126.147:7000/classes/CamV_H264.cab
DPF: HKLM-x32 {B4CB8358-ABDB-47EE-BC2D-437B5DEBABCB} hxxp://62.209.202.134:7000/AxViewer/AxMediaControl.cab
DPF: HKLM-x32 {C3FCA0AC-91C5-4015-BE70-9E036D01A89A} hxxp://195.122.223.85:7000/MediaControl
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2020-12-29 09:07 - 2021-01-09 15:11 - 000000859 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 account.zoner.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-104297404-645956107-3243886616-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\TL\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 89.22.66.2 - 10.10.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-104297404-645956107-3243886616-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-104297404-645956107-3243886616-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-104297404-645956107-3243886616-1002\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-104297404-645956107-3243886616-1002\...\StartupApproved\Run: => "PSTMover"
HKU\S-1-5-21-104297404-645956107-3243886616-1002\...\StartupApproved\Run: => "Surfshark"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1B2A7AB5-550C-4260-B909-58F0D7F3B732}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0F75FF8C-121F-43BE-854A-69FA034B7C20}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{52215319-B1B8-44E6-9FD2-CF0FA03E73E1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CC2EBB6D-3C53-45CD-AA20-57B27E8E518B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A2A6E3E1-D864-4316-9755-BCB2D9A74DDC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0A65CA8F-7255-4D6D-92BB-A27DCC2F0100}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{10DBBA4E-7F52-46C7-931B-AD6D9A713991}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{A78DB82F-0080-4056-BEC2-D80D310E60FE}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [TCP Query User{62264DF0-0C31-4A6F-A2BD-635CBB761D68}C:\users\tl\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\tl\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{1A3B234E-5CF1-4068-98B0-247D1BD86DD1}C:\users\tl\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\tl\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{26DADC15-A5A7-4147-880D-F8ACC88ADC8A}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{8A7754B6-E59F-4476-AE03-E5126DA9F505}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F5ED3D64-38AC-41EF-9FAE-376BFB459DBF}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{B865739A-274E-4206-ACAD-E0992F5756E5}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{50D23E1E-154C-491A-B687-D481BCF2AFD0}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll () [File not signed]
FirewallRules: [{55BA9132-C4B5-4FC1-8B6F-A7DAC08B687F}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll () [File not signed]
FirewallRules: [TCP Query User{BA9A0A6A-8944-4A74-A994-6268B8D68322}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{20A11952-2C48-4A6F-A714-45652BF6D049}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{010CBE7F-A440-4E5B-865F-DB07B7B2E607}] => (Allow) C:\Users\TL\AppData\Roaming\Zoom\bin\Zoom.exe (Access Denied)
FirewallRules: [TCP Query User{66191E78-5841-48DE-83BD-4877DDC9A8ED}C:\users\tl\downloads\winbox64.exe] => (Allow) C:\users\tl\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{88EEAC3A-0981-4BA3-ADE2-BB4D76FA9073}C:\users\tl\downloads\winbox64.exe] => (Allow) C:\users\tl\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [TCP Query User{BCC8AC7B-28C5-406F-8D02-5E8D26C6A1C2}C:\users\tl\downloads\winbox64.exe] => (Allow) C:\users\tl\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{DE68C838-4764-4B3A-86DA-BEA784E32AD5}C:\users\tl\downloads\winbox64.exe] => (Allow) C:\users\tl\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [TCP Query User{6ADB86A2-8A0F-4AEF-B3B5-189B5D420428}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{3BEFB765-5412-4CAF-9B32-6FFF32C392F0}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{B39104CC-BAB9-43CB-9B97-809DEA59BC28}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{84C97EA7-F4D2-4CC0-8783-77D546F04DB2}C:\program files\adobe\adobe dreamweaver 2021\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver 2021\node\node.exe (Adobe Inc. -> Node.js)
FirewallRules: [UDP Query User{B1DA525D-5748-42C9-9AD6-768DF169CDC5}C:\program files\adobe\adobe dreamweaver 2021\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver 2021\node\node.exe (Adobe Inc. -> Node.js)
FirewallRules: [{FBDFEC11-BB06-4F52-A9FE-74EE8C2C9B73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3B46BCB6-4DFA-44B0-AE89-6D39E8D0FF6A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{37523CA5-8577-421F-A381-35CB48581327}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E802D234-E68C-4A90-A2A7-62828F1A4EF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4FD570D8-5E97-452E-829F-66C0FC31B292}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> )
FirewallRules: [{126ECD5C-717E-4101-9DB6-98C5B4E0846D}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{490BD382-8DA3-4DCF-A302-F064D0707F06}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{699673C4-B9E1-4195-84B2-62F92AF4EAA8}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{022F02EB-EB94-4285-9363-3B7CA31BF280}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> )
FirewallRules: [{1D81DB46-2F78-4268-B686-180D7DA211B1}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> )
FirewallRules: [{26C44CA4-D761-47F2-969C-5D69A65F7A04}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{892006B2-1818-41D5-9BA7-1F8AD07A22DD}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{617B2010-CABE-433A-946A-DA29BC23274B}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe (Acronis International GmbH -> )
FirewallRules: [{82187BF3-6CAC-46EF-AE87-C3AE01F7B0C4}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{325679F6-3F4D-4A8B-B34D-C679AAFE5B24}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> )
FirewallRules: [{16987432-1DB5-4680-BCE0-E15ED5CEEB1D}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )
FirewallRules: [{2E56065E-B49A-4696-9E21-E8BD1E3E5263}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\LicenseActivator.exe (Acronis International GmbH -> )
FirewallRules: [{3C96EB86-E22C-453C-86AF-0069B8B13F95}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Home\report_sender.exe (Acronis International GmbH -> )
FirewallRules: [{707A5861-4268-4C26-AB28-FC98C2FE8E19}] => (Allow) C:\Program Files (x86)\Acronis\Agent\bin\bckp_amgr.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{E887666E-A2E1-43C1-9EDB-C499C41EAB44}] => (Allow) C:\Program Files (x86)\Acronis\Agent\bin\task-manager.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{09069DDD-328D-45D7-BFDD-B9C980546ACB}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> )
FirewallRules: [{1B0EBAB6-BB44-49A9-8889-15A99E07C395}] => (Allow) C:\Program Files (x86)\Acronis\Agent\aakore.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{924502F8-B768-4F19-A712-7469D2A992C3}] => (Allow) C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{051E9B42-0087-46CC-A770-70E3535BFD0F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ADEB7141-B70F-46F8-8544-144EFD5050A7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C0BC9E76-44BC-451E-9398-BD20B32A140F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8E070F35-CF97-44FB-AFDE-0A452C82056E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2F627D7F-44F3-4A8E-99A1-4A1623FB4215}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EDB2F89F-4E24-479A-89B9-0BBF97BE3E06}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C85C0DC9-FC60-4773-B4EA-94DAE25E844A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{592D1E91-7EBC-4538-873F-4F8FF09FCFEA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9107A06E-2486-40CA-9B10-F98366027D97}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{00A30969-937D-4F13-9FE2-19873CC538C6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B76A1366-41D4-41FE-92CA-196D03BC3E0B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{57B8C20F-2C9B-4ED9-B81D-EBF779A4BE17}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2742E264-8029-4F5E-8B2C-3E9EFD11FB31}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CB5C6D27-2A07-430B-8356-9B491632C683}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A2998006-54CC-4D18-9CC3-B5CEAE875F5E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F7502756-CEAC-49DD-8805-1C20F8EA698A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8E2B8B82-E321-4537-8A22-B570559BB434}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DA4418B6-E7DA-4720-AE61-9F525EAEB416}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{550E89FD-AA50-4715-8740-41DD58B2B373}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{9FAD3CDD-4CEB-4489-A7CE-A50219DB3177}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{7C2D64C0-E95C-4ADA-BBD8-ECD352EB9586}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{8D2677B9-18DC-4A13-9B0A-A6C67339F9D1}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSLinkNear\AsusLinkNear.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
FirewallRules: [{6B94AE8E-DF3A-4C69-97B5-2C62555FE1EA}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{3C8D99BD-F656-44B2-B08E-1DD1200DE205}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{23DD3097-6BD5-4EDB-88E7-4B0EA87B6568}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{23333BF5-3641-4065-B780-5A2DE4D4A04E}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_51f81f063870aea7\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
==================== Restore Points =========================
10-02-2021 16:06:13 Instalační služba modulů systému Windows
10-02-2021 16:07:31 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/13/2021 09:34:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: uTorrent.exe, verze: 2.2.1.25302, časové razítko: 0x4dd301c8
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.746, časové razítko: 0x1baae673
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d67
ID chybujícího procesu: 0x1c64
Čas spuštění chybující aplikace: 0x01d70247875dc3df
Cesta k chybující aplikaci: C:\Program Files (x86)\uTorrent\uTorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 15ecf90b-b747-4c33-8737-8ec03494ee70
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/13/2021 06:52:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname TL-ASUS.local already in use; will try TL-ASUS-2.local instead
Error: (02/13/2021 06:52:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister 4 TL-ASUS.local. Addr 169.254.165.136
Error: (02/13/2021 06:52:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.64:5353 4 TL-ASUS.local. Addr 192.168.1.64
Error: (02/13/2021 03:45:56 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (02/13/2021 08:58:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WLANExt.exe, verze: 10.0.19041.1, časové razítko: 0x45c477dd
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.804, časové razítko: 0x4544b4a1
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000460f6
ID chybujícího procesu: 0x659c
Čas spuštění chybující aplikace: 0x01d701b6e5d9364c
Cesta k chybující aplikaci: C:\WINDOWS\system32\WLANExt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 983516f9-97a2-45d5-bf68-a632e018513b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/12/2021 02:58:08 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (02/12/2021 08:35:48 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
System errors:
=============
Error: (02/13/2021 08:25:20 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby AcronisActiveProtectionService bylo dosaženo časového limitu (30000 ms).
Error: (02/13/2021 08:24:50 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby AcronisActiveProtectionService bylo dosaženo časového limitu (30000 ms).
Error: (02/13/2021 08:24:20 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby AcronisActiveProtectionService bylo dosaženo časového limitu (30000 ms).
Error: (02/13/2021 08:23:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba kontroly sítě v Antivirové ochraně v programu Microsoft Defender neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/13/2021 06:52:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Publikování prostředků rozpoznávání funkcí byla ukončena s následující chybou:
%%2147952449 = Požadovaná adresa není v tomto kontextu platná.
Error: (02/13/2021 08:58:03 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll
Error: (02/12/2021 12:22:28 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll
Error: (02/12/2021 12:22:28 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll
Windows Defender:
================
Date: 2021-02-11 11:44:16
Description:
Antivirov� ochrana v programu Microsoft Defender zjistil malware nebo jin� potenci�ln� ne��douc� software.
Dal�� informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
N�zev: Trojan:MSIL/Renerez.AKV!MTB
ID: 2147752803
Z�va�nost: V�n�
Kategorie: Trojsk� k��
Cesta: file:_C:\Users\TL\Downloads\Freemake Video Converter 4.1.10.152\Keygen\Freemake Products Keygen.exe
P�vod detekce: M�stn� po��ta�
Typ detekce: Konkr�tn�
Zdroj detekce: Ochrana v re�ln�m �ase
U�ivatel: TL-ASUS\TL
N�zev procesu: C:\Program Files\totalcmd\TOTALCMD64.EXE
Verze bezpe�nostn�ch informac�: AV: 1.331.708.0, AS: 1.331.708.0, NIS: 1.331.708.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5
Date: 2021-02-11 11:43:22
Description:
Antivirov� ochrana v programu Microsoft Defender zjistil malware nebo jin� potenci�ln� ne��douc� software.
Dal�� informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
N�zev: PUA:Win32/InstallCore
ID: 213927
Z�va�nost: N�zk�
Kategorie: Potenci�ln� ne��douc� software
Cesta: file:_C:\Users\TL\Downloads\utorrent_4142463481.exe
P�vod detekce: M�stn� po��ta�
Typ detekce: Konkr�tn�
Zdroj detekce: Ochrana v re�ln�m �ase
U�ivatel: TL-ASUS\TL
N�zev procesu: C:\Program Files\totalcmd\TOTALCMD64.EXE
Verze bezpe�nostn�ch informac�: AV: 1.331.708.0, AS: 1.331.708.0, NIS: 1.331.708.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5
Date: 2021-02-11 11:43:03
Description:
Antivirov� ochrana v programu Microsoft Defender zjistil malware nebo jin� potenci�ln� ne��douc� software.
Dal�� informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
N�zev: PUA:Win32/Presenoker
ID: 242420
Z�va�nost: N�zk�
Kategorie: Potenci�ln� ne��douc� software
Cesta: file:_C:\Users\TL\Downloads\mailpv.zip; webfile:_C:\Users\TL\Downloads\mailpv.zip|https://www.nirsoft.net/toolsdownload/m ... 8671337542
P�vod detekce: Internet
Typ detekce: Konkr�tn�
Zdroj detekce: Soubory ke sta�en� a p��lohy
U�ivatel:
N�zev procesu: C:\Program Files\totalcmd\TOTALCMD64.EXE
Verze bezpe�nostn�ch informac�: AV: 1.331.708.0, AS: 1.331.708.0, NIS: 1.331.708.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5
Date: 2021-02-11 11:35:49
Description:
Antivirov� ochrana v programu Microsoft Defender zjistil malware nebo jin� potenci�ln� ne��douc� software.
Dal�� informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
N�zev: HackTool:Win32/Passview
ID: 2147597639
Z�va�nost: Vysok�
Kategorie: N�stroj
Cesta: file:_C:\Users\TL\AppData\Local\Temp\Temp1_mailpv.zip\mailpv.exe
P�vod detekce: M�stn� po��ta�
Typ detekce: FastPath
Zdroj detekce: Ochrana v re�ln�m �ase
U�ivatel: TL-ASUS\TL
N�zev procesu: C:\Program Files\totalcmd\TOTALCMD64.EXE
Verze bezpe�nostn�ch informac�: AV: 1.331.708.0, AS: 1.331.708.0, NIS: 1.331.708.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5
Date: 2021-02-11 08:30:29
Description:
Prohled�v�n� Antivirov� ochrana v programu Microsoft Defender bylo zastaveno p�ed dokon�en�m.
ID prohled�v�n�: {0E5166DC-C276-4EFD-BDDB-2A6AA28D05C6}
Typ prohled�v�n�: Antimalwarov� program
Parametry prohled�v�n�: Rychl� prohled�v�n�
U�ivatel: NT AUTHORITY\SYSTEM
Date: 2021-02-13 20:23:24
Description:
Funkce Ochrana v re�ln�m �ase u prohled�v�n� Antivirov� ochrana v programu Microsoft Defender zjistila chybu a do�lo k jej�mu selh�n�.
Funkce: Syst�m kontroly s�t�
K�d chyby: 0x8007041d
Popis chyby: Slu�ba neodpov�d�la na ��dic� nebo zahajovac� po�adavek dostate�n� v�as.
D�vod: V syst�mu chyb� aktualizace pot�ebn� ke spu�t�n� syst�mu kontroly s�t�. Nainstalujte pot�ebn� aktualizace a restartujte za��zen�.
Date: 2021-01-25 16:16:18
Description:
Antivirov� ochrana v programu Microsoft Defender narazil na chybu p�i pokusu o aktualizaci bezpe�nostn�ch informac�.
Nov� verze bezpe�nostn�ch informac�:
P�edchoz� verze bezpe�nostn�ch informac�: 1.329.2803.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpe�nostn�ch informac�: Antivirov� program
Typ aktualizace: �pln�
U�ivatel: NT AUTHORITY\SYSTEM
Aktu�ln� verze modulu:
P�edchoz� verze modulu: 1.1.17700.4
K�d chyby: 0x8024402c
Popis chyby: P�i zji��ov�n� aktualizac� do�lo k neo�ek�van�m pot��m. Informace o instalaci nebo �e�en� pot�� s aktualizacemi naleznete v n�pov�d� a podpo�e.
Date: 2021-01-25 08:16:17
Description:
Antivirov� ochrana v programu Microsoft Defender narazil na chybu p�i pokusu o aktualizaci bezpe�nostn�ch informac�.
Nov� verze bezpe�nostn�ch informac�:
P�edchoz� verze bezpe�nostn�ch informac�: 1.329.2793.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpe�nostn�ch informac�: Antivirov� program
Typ aktualizace: �pln�
U�ivatel: NT AUTHORITY\SYSTEM
Aktu�ln� verze modulu:
P�edchoz� verze modulu: 1.1.17700.4
K�d chyby: 0x8024402c
Popis chyby: P�i zji��ov�n� aktualizac� do�lo k neo�ek�van�m pot��m. Informace o instalaci nebo �e�en� pot�� s aktualizacemi naleznete v n�pov�d� a podpo�e.
Date: 2021-01-22 16:43:37
Description:
Antivirov� ochrana v programu Microsoft Defender narazil na chybu p�i pokusu o aktualizaci bezpe�nostn�ch informac�.
Nov� verze bezpe�nostn�ch informac�:
P�edchoz� verze bezpe�nostn�ch informac�: 1.329.2627.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpe�nostn�ch informac�: Antivirov� program
Typ aktualizace: �pln�
U�ivatel: NT AUTHORITY\SYSTEM
Aktu�ln� verze modulu:
P�edchoz� verze modulu: 1.1.17700.4
K�d chyby: 0x80240438
Popis chyby: P�i zji��ov�n� aktualizac� do�lo k neo�ek�van�m pot��m. Informace o instalaci nebo �e�en� pot�� s aktualizacemi naleznete v n�pov�d� a podpo�e.
Date: 2021-01-19 17:17:11
Description:
Antivirov� ochrana v programu Microsoft Defender narazil na chybu p�i pokusu o aktualizaci bezpe�nostn�ch informac�.
Nov� verze bezpe�nostn�ch informac�:
P�edchoz� verze bezpe�nostn�ch informac�: 1.329.2400.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpe�nostn�ch informac�: Antivirov� program
Typ aktualizace: �pln�
U�ivatel: NT AUTHORITY\SYSTEM
Aktu�ln� verze modulu:
P�edchoz� verze modulu: 1.1.17700.4
K�d chyby: 0x8024402c
Popis chyby: P�i zji��ov�n� aktualizac� do�lo k neo�ek�van�m pot��m. Informace o instalaci nebo �e�en� pot�� s aktualizacemi naleznete v n�pov�d� a podpo�e.
CodeIntegrity:
==============
Date: 2021-02-13 21:38:40
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2021-02-13 21:38:40
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2021-02-13 21:38:39
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2021-02-13 21:38:39
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2021-02-13 21:38:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2021-02-13 21:38:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2021-02-13 21:37:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2021-02-13 21:37:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. UX534FTC.305 04/13/2020
Motherboard: ASUSTeK COMPUTER INC. UX534FTC
Processor: Intel(R) Core(TM) i7-10510U CPU @ 1.80GHz
Percentage of memory in use: 57%
Total physical RAM: 16182.28 MB
Available physical RAM: 6907.39 MB
Total Virtual: 36662.28 MB
Available Virtual: 24251.34 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:952.23 GB) (Free:502.37 GB) NTFS
\\?\Volume{bfa1850b-49b8-4c58-82d4-632b616e0564}\ (RECOVERY) (Fixed) (Total:1.37 GB) (Free:0.7 GB) NTFS
\\?\Volume{cd6a8d42-46e6-4cb8-8eda-f30ffc6ccd00}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: CD4E5359)
Partition: GPT.
==================== End of Addition.txt =======================
Přispějete na provoz fóra?