Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Otevřená stránka s reklamou po startu PC

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
martin06
Návštěvník
Návštěvník
Příspěvky: 163
Registrován: 07 říj 2006 22:46

Otevřená stránka s reklamou po startu PC

#1 Příspěvek od martin06 »

Dobrý den,
dnes k večeru jsem zapnul počítač a nečekaně se mi otevřela webový prohlážeč s reklamou. Děkuji za odstranění.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-06-2021
Ran by Martin (administrator) on DESKTOP-69LFJ66 (03-06-2021 21:22:30)
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin & postgres
Platform: Windows 10 Home Version 20H2 19042.985 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\HidesterVPN\hidester-svc.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\FANRGBHEADER\FanLEDCtrl.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\LightingService\1.00.39\AsRogAuraGpuDllServer.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\1.00.39\LightingService.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(ESET, spol. s r.o. -> ESET) C:\Users\Martin\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
(ESET, spol. s r.o. -> ESET) C:\Users\Martin\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScannerBTS.exe
(ESET, spol. s r.o. -> ESET) D:\BMW\17\esetonlinescanner.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLClientApp.exe
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Mediafour Corporation -> Mediafour Corporation) C:\Program Files\Mediafour\MacDrive 10\MacDrive10Service.exe
(Mediafour Corporation -> Mediafour Corporation) C:\Program Files\Mediafour\MacDrive 10\MDHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Martin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2105.19601.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.3-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaki.inf_amd64_58d2286fd3bf2b8d\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\postgres.exe <7>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519912 2017-12-01] (Acronis International GmbH -> )
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9246656 2018-01-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files\Wondershare\Wondershare UniConverter\WSVCUUpdateHelper.exe
HKLM\...\Run: [MacDrive 10 helper] => C:\Program Files\Mediafour\MacDrive 10\MDHelper.exe [299872 2017-09-28] (Mediafour Corporation -> Mediafour Corporation)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425864 2017-12-01] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [3770736 2017-12-01] (Acronis International GmbH -> )
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [706192 2021-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [Speechtech TTS 32-bit preload] => C:\Program Files (x86)\Speechtech TTS\TTSGui.exe [2636616 2020-08-05] (SpeechTech, s.r.o. -> SpeechTech, s.r.o. (www.speechtech.cz))
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [Steam] => D:\Steam\steam.exe [3424032 2020-10-29] (Valve -> Valve Corporation)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [Discord] => C:\Users\Martin\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG -> Nero AG)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [Google Update] => C:\Users\Martin\AppData\Local\Google\Update\1.3.36.82\GoogleUpdateCore.exe [217432 2021-04-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [Zoner Photo Studio Autoupdate] => C:\Users\Martin\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTRAY.EXE [804336 2020-12-02] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [96840 2021-05-06] (Locktime Software s.r.o. -> Locktime Software)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {c75b6ffe-132a-11e9-88c9-0c9d9262121a} - "E:\setup.exe"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {c75b7132-132a-11e9-88c9-0c9d9262121a} - "F:\setup.exe"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {c75b7991-132a-11e9-88c9-0c9d9262121a} - "G:\setup.exe"
HKLM\...\Windows x64\Print Processors\Canon MP630 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9C.DLL [27648 2009-12-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\sxj2mPC: C:\Windows\System32\spool\prtprocs\x64\sxj2mpc.dll [43520 2014-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP630 series: C:\Windows\system32\CNMLM9C.DLL [279040 2009-12-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\sxj2m Langmon: C:\Windows\system32\sxj2mlm.dll [34304 2013-12-10] (Microsoft Windows Hardware Compatibility Publisher -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2019-12-29] () [File not signed]
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {10B44675-5D30-4BCC-B6CA-7A738518EC20} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003UA => C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2020-11-05] (Google LLC -> Google LLC)
Task: {2CCAC4DB-5B8A-45E6-9714-34355ADA3830} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-04-12] () [File not signed]
Task: {354F394F-637D-417D-AC5B-3DCA03622C42} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3A03289B-7FAD-4E10-B1B6-E1AF73AFEE7D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {486D5A86-E43F-4ACE-A6FF-70CBA670D2FF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4E6F28EB-791C-4C8E-B84C-EDA770500230} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {570A8D51-ADB0-4C7C-83C1-0F6612D36B30} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {66B7EEEA-9777-4CFC-ADBD-25890248E9B2} - System32\Tasks\Zoner.Updater.S-1-5-21-1952709571-807798404-1509361630-1003 => C:\ProgramData\Zoner\Zoner.Installer.Core\Updater.exe [1602464 2021-05-24] (ZONER software, a.s. -> ZONER software, a.s.)
Task: {66BA1A9F-46DA-44E2-9E70-06D495F50986} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [69512 2018-04-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7E8ACBB9-F305-461C-9BAB-AB783FB6EF75} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {7FF54325-CBBE-4092-9A30-7456F4B32A6A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.3-0\MpCmdRun.exe [644872 2021-06-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {848B3368-4FCD-44F7-AC25-D1B75021B74C} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2072536 2017-07-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {8E9129E1-F4EB-413D-9B88-6EB25DFFB3D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.3-0\MpCmdRun.exe [644872 2021-06-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {905D3276-18DC-44D0-9307-CBBD31963648} - \Adobe Acrobat Update Task -> No File <==== ATTENTION
Task: {9226B98D-FF26-4311-835E-77B86A525C1E} - System32\Tasks\ASUS\AsRogAuraGpuDllServer => C:\Program Files (x86)\LightingService\1.00.39\AsRogAuraGpuDllServer.exe [280536 2018-02-06] (ASUSTeK Computer Inc. -> )
Task: {9278EFB4-CF62-4F13-A99D-5E9672159CE0} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {99DE3827-F205-4BF4-8569-0FDC650F8A3E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003Core => C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2020-11-05] (Google LLC -> Google LLC)
Task: {A0C36A0E-1D7E-4AD2-8DB6-56415BAE90B3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A24E69C6-9C4A-409C-AD39-26010D24280A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.3-0\MpCmdRun.exe [644872 2021-06-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AED8C40E-6018-4F9B-88DC-48B1036643E1} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49544 2018-04-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {AF076AD9-9661-4835-9B64-183F9B8CC142} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.3-0\MpCmdRun.exe [644872 2021-06-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B10BC551-BA95-4E41-A057-50FA806324CC} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D96C02DF-A5EA-4F5E-A40F-2D850270933A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E3FE644F-2189-4C96-9988-E7FBEB718364} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {E519CF16-AEFF-4E8D-BF3F-FBCBBBCE64C8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E5AB2829-5A65-4444-8A9B-8F138EBE1235} - System32\Tasks\ASUS\ASUS FanLEDCtrl => C:\Program Files (x86)\ASUS\AI Suite III\FANRGBHEADER\FanLEDCtrl.exe [1147352 2017-07-17] (ASUSTeK Computer Inc. -> )
Task: {FA9EE9EC-066F-44F5-A82F-0D77E413FBEF} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{3a02d8cd-2a78-44ef-8d18-583f066a34a9}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{883c3a9e-efd9-4b96-bcb7-1911c521d092}: [DhcpNameServer] 172.18.0.1 172.18.0.1
Tcpip\..\Interfaces\{f2956a0e-93dd-4030-b3ea-f4e0c6c893b9}: [DhcpNameServer] 10.0.1.138

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Martin\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-03]

FireFox:
========
FF DefaultProfile: dzgrn46h.default
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dzgrn46h.default [2021-06-03]
FF DownloadDir: D:\BMW\17
FF Homepage: Mozilla\Firefox\Profiles\dzgrn46h.default -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\dzgrn46h.default -> hxxps://www.kupi.cz; hxxps://drive.google.com
FF Extension: (SetupVPN - Lifetime Free VPN) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dzgrn46h.default\Extensions\@setupvpncom.xpi [2021-05-02]
FF Extension: (Komponenta I.CA PKI Service) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dzgrn46h.default\Extensions\icapkiservice@ica.cz.xpi [2020-06-16]
FF Extension: (Avira Password Manager) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dzgrn46h.default\Extensions\passwordmanager@avira.com.xpi [2021-03-18]
FF Extension: (Block Site) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dzgrn46h.default\Extensions\{07046613-1993-4b66-9dd1-9dd1ce581cb7}.xpi [2020-07-13]
FF Extension: (Whoer VPN) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dzgrn46h.default\Extensions\{ee47f82c-1872-4053-badf-cc675093f81e}.xpi [2020-07-14]
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default [2021-06-03]
CHR Extension: (Prezentace) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-23]
CHR Extension: (Safe Torrent Scanner) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-01-24]
CHR Extension: (Dokumenty) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-23]
CHR Extension: (Disk Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-05]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-23]
CHR Extension: (Tabulky) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-05]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-22]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [2723872 2017-12-01] (Acronis International GmbH -> Acronis International GmbH)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1133728 2017-12-01] (Acronis International GmbH -> )
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6096688 2018-05-10] (Acronis International GmbH -> )
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-02-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe [975832 2017-06-01] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [634768 2021-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [383976 2021-05-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-12-08] (BattlEye Innovations e.K. -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3644008 2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2019-10-24] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-18] (Hewlett-Packard Co.) [File not signed]
R2 HstService; C:\Program Files (x86)\HidesterVPN\hidester-svc.exe [445952 2017-10-23] () [File not signed]
S3 I.CA Maintenance Service; C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [283904 2019-08-02] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
R2 LightingService; C:\Program Files (x86)\LightingService\1.00.39\LightingService.exe [1244632 2018-02-06] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 MacDrive10Service; C:\Program Files\Mediafour\MacDrive 10\MacDrive10Service.exe [223088 2018-03-21] (Mediafour Corporation -> Mediafour Corporation)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2017-12-01] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2017-12-01] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1706080 2017-12-01] (Acronis International GmbH -> )
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [19016 2021-05-06] (Locktime Software s.r.o. -> Locktime Software)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG -> Nero AG)
R2 postgresql-x64-9.5; C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe [94208 2016-08-09] (PostgreSQL Global Development Group) [File not signed]
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1314448 2020-03-11] (Rockstar Games, Inc. -> Rockstar Games)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7003048 2017-12-01] (Acronis International GmbH -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.3-0\NisSrv.exe [2644776 2021-06-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.3-0\MsMpEng.exe [136648 2021-06-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaki.inf_amd64_58d2286fd3bf2b8d\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaki.inf_amd64_58d2286fd3bf2b8d\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-06-01] (ASUSTeK Computer Inc. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R1 CBDisk; C:\WINDOWS\system32\drivers\CBDisk.sys [70344 2015-06-09] (EldoS Corporation -> EldoS Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2019-01-08] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2019-01-08] (Disc Soft Ltd -> Disc Soft Ltd)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [564304 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [379664 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 GLCKIO; C:\Program Files (x86)\ASUS\AURA\690b33e1-0462-4e84-9bea-c7552b45432a.sys [14976 2021-04-05] (ASUSTeK Computer Inc. -> )
R0 MDAPFS; C:\Windows\System32\Drivers\MDAPFS.sys [458728 2019-11-04] (Mediafour Corporation -> Other World Computing)
R0 MDAPFSCT; C:\Windows\System32\Drivers\MDAPFSCT.sys [47872 2019-11-04] (Mediafour Corporation -> Other World Computing)
R0 MDDISK; C:\Windows\System32\Drivers\MDDISK.sys [37744 2019-11-04] (Mediafour Corporation -> Other World Computing)
R0 MDFSYSNT; C:\Windows\System32\Drivers\MDFSYSNT.sys [320672 2019-11-04] (Other World Computing, Inc -> Other World Computing)
R0 MDMOUNT; C:\Windows\System32\Drivers\MDMOUNT.sys [29000 2019-11-04] (Mediafour Corporation -> Other World Computing)
R0 MDRAID; C:\WINDOWS\System32\drivers\MDRAID.sys [205576 2019-11-04] (Mediafour Corporation -> Other World Computing)
R0 nldrv; C:\WINDOWS\System32\drivers\nldrv.sys [192656 2021-05-06] (Locktime Software s.r.o. -> Locktime Software)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [50248 2020-12-01] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 RtsUpx; C:\Windows\system32\drivers\RtsUpx.sys [30328 2018-11-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-10-09] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1310552 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [213336 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [690520 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [326416 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425208 2021-06-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76024 2021-06-02] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-03 21:22 - 2021-06-03 21:22 - 000000000 ____D C:\Users\Martin\Desktop\FRST-OlderVersion
2021-06-03 15:07 - 2021-06-03 15:07 - 016679912 _____ C:\Users\Martin\Downloads\turbo_1.psd
2021-06-02 17:16 - 2021-06-02 17:16 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Dying Light Enhanced Edition Čeština
2021-06-02 17:16 - 2021-06-02 17:16 - 000000000 ____D C:\Users\Martin\AppData\Roaming\BonusWeb
2021-06-02 17:16 - 2021-06-02 17:16 - 000000000 ____D C:\ProgramData\Caphyon
2021-06-02 17:08 - 2021-05-29 23:15 - 002383360 _____ (Home of Gamehacking) C:\Users\Martin\Desktop\dlv1420+22tr.exe
2021-06-01 22:31 - 2021-06-01 22:31 - 000000736 _____ C:\Users\Martin\Desktop\Dying Light Platinum Edition.lnk
2021-06-01 22:31 - 2021-06-01 22:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dying Light Platinum Edition
2021-05-31 11:41 - 2021-05-31 11:41 - 000000000 ____D C:\Users\Martin\AppData\Local\Fairlight Studio Utility
2021-05-29 16:09 - 2021-05-29 16:09 - 000000000 ____D C:\ProgramData\Unknown Worlds
2021-05-29 16:06 - 2021-05-29 16:06 - 000000000 ____D C:\Users\Martin\AppData\LocalLow\Unknown Worlds
2021-05-29 15:42 - 2021-05-29 15:42 - 000000531 _____ C:\Users\Public\Desktop\Subnautica - Below Zero.lnk
2021-05-29 15:42 - 2021-05-29 15:42 - 000000531 _____ C:\ProgramData\Desktop\Subnautica - Below Zero.lnk
2021-05-29 09:48 - 2021-05-29 09:49 - 000073521 _____ C:\WINDOWS\unins001.dat
2021-05-29 09:48 - 2021-05-29 09:48 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins001.exe
2021-05-29 09:08 - 2021-05-29 09:13 - 000000000 ____D C:\ProgramData\Wondershare Video Editor
2021-05-29 08:49 - 2021-05-29 08:49 - 000790693 _____ C:\WINDOWS\unins000.exe
2021-05-29 08:49 - 2021-05-29 08:49 - 000121025 _____ C:\WINDOWS\unins000.dat
2021-05-28 01:33 - 2021-05-28 01:33 - 016771323 _____ C:\Users\Martin\Downloads\autodrom_slomczynpsd.psd
2021-05-27 10:32 - 2021-05-27 10:32 - 016745357 _____ C:\Users\Martin\Downloads\autodrom_most.psd
2021-05-26 21:47 - 2021-05-26 21:47 - 019573133 _____ C:\Users\Martin\Downloads\gymkhana_tynec.psd
2021-05-26 21:40 - 2021-05-26 21:40 - 019564195 _____ C:\Users\Martin\Downloads\onboard1.psd
2021-05-26 20:26 - 2021-05-26 20:26 - 000000000 ____D C:\Users\Martin\AppData\Local\Corel
2021-05-26 12:53 - 2021-05-26 12:53 - 000001269 _____ C:\Users\Public\Desktop\NetLimiter 4 (x64).lnk
2021-05-26 12:53 - 2021-05-26 12:53 - 000001269 _____ C:\ProgramData\Desktop\NetLimiter 4 (x64).lnk
2021-05-26 12:53 - 2021-05-26 12:53 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Locktime
2021-05-26 12:53 - 2021-05-26 12:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetLimiter 4
2021-05-26 12:53 - 2021-05-26 12:53 - 000000000 ____D C:\ProgramData\Locktime
2021-05-26 12:53 - 2021-05-26 12:53 - 000000000 ____D C:\Program Files\Locktime Software
2021-05-25 20:31 - 2021-05-25 21:13 - 000000000 ____D C:\Users\Martin\Documents\Pinnacle
2021-05-25 20:28 - 2021-05-25 21:13 - 000000000 ____D C:\Users\Martin\temp
2021-05-25 20:28 - 2021-05-25 20:30 - 000000000 ____D C:\Users\Public\Documents\Triple Scoop Music
2021-05-25 20:28 - 2021-05-25 20:30 - 000000000 ____D C:\ProgramData\Documents\Triple Scoop Music
2021-05-25 20:28 - 2021-05-25 20:28 - 000003584 _____ C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-05-25 20:28 - 2021-05-25 20:28 - 000000208 _____ C:\Users\Martin\AppData\Roaming\DESKTOP-69LFJ66.MTBF.txt
2021-05-25 20:28 - 2021-05-25 20:28 - 000000000 ____D C:\Users\Martin\Documents\Projekty aplikace Pinnacle
2021-05-25 20:28 - 2021-05-25 20:28 - 000000000 ____D C:\Users\Martin\AppData\Local\Pinnacle
2021-05-25 20:28 - 2021-05-25 20:28 - 000000000 ____D C:\ProgramData\Corel
2021-05-25 20:27 - 2021-05-31 08:26 - 000000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2021-05-25 20:27 - 2021-05-31 08:26 - 000000349 _____ C:\ProgramData\Documents\PCLECHAL.INI
2021-05-25 20:27 - 2021-05-25 20:28 - 000000000 ____D C:\Users\Martin\AppData\Local\Pinnacle_Studio_24
2021-05-25 20:27 - 2021-05-25 20:27 - 000000000 ____D C:\Program Files (x86)\Pinnacle
2021-05-25 20:26 - 2021-05-31 11:26 - 000000000 ____D C:\Program Files\Pinnacle
2021-05-25 20:25 - 2021-05-25 20:25 - 000000000 ____D C:\ProgramData\Pinnacle
2021-05-25 18:30 - 2021-05-25 18:31 - 000000000 ____D C:\Users\Martin\Documents\CyberLink
2021-05-25 18:29 - 2021-05-25 18:36 - 000000000 ____D C:\Users\Public\CyberLink
2021-05-25 18:29 - 2021-05-25 18:30 - 000000000 ____D C:\Users\Martin\AppData\Roaming\CyberLink
2021-05-25 18:27 - 2021-05-25 18:45 - 000000000 ____D C:\ProgramData\install_clap
2021-05-25 18:27 - 2021-05-25 18:44 - 000000000 ____D C:\ProgramData\CLSK
2021-05-25 18:21 - 2021-05-25 18:44 - 000000000 ___HD C:\ProgramData\CyberLink
2021-05-24 13:07 - 2021-05-24 13:07 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FVC
2021-05-24 13:07 - 2021-05-24 13:07 - 000000000 ____D C:\Users\Martin\AppData\Local\FVC Studio
2021-05-24 13:04 - 2021-05-24 13:05 - 000000000 ____D C:\Users\Martin\AppData\Roaming\SKYBOX
2021-05-24 13:04 - 2021-05-24 13:05 - 000000000 ____D C:\Program Files\skybox
2021-05-24 12:27 - 2021-05-24 12:27 - 000002005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MacDrive 10.lnk
2021-05-24 12:27 - 2021-05-24 12:27 - 000001993 _____ C:\Users\Public\Desktop\MacDrive 10.lnk
2021-05-24 12:27 - 2021-05-24 12:27 - 000001993 _____ C:\ProgramData\Desktop\MacDrive 10.lnk
2021-05-24 12:27 - 2021-05-24 12:27 - 000000000 ____D C:\ProgramData\Mediafour
2021-05-24 12:27 - 2021-05-24 12:27 - 000000000 ____D C:\Program Files\Mediafour
2021-05-24 12:27 - 2021-05-24 12:27 - 000000000 ____D C:\Program Files\Common Files\Mediafour
2021-05-24 12:27 - 2021-05-24 12:27 - 000000000 ____D C:\Program Files (x86)\Mediafour
2021-05-24 12:27 - 2015-06-09 12:12 - 000070344 _____ (EldoS Corporation) C:\WINDOWS\system32\Drivers\CBDisk.sys
2021-05-23 15:10 - 2021-05-23 15:12 - 000000000 ____D C:\Users\Martin\AppData\Roaming\GoPro
2021-05-23 15:10 - 2021-05-23 15:11 - 000000000 ____D C:\Users\Public\CineForm
2021-05-23 15:10 - 2021-05-23 15:10 - 000000000 ____D C:\Users\Martin\AppData\Local\GoPro
2021-05-23 14:57 - 2021-05-23 14:57 - 000000000 ____D C:\Program Files (x86)\WondershareUpdate
2021-05-23 14:56 - 2021-05-23 14:56 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Wondershare
2021-05-23 14:55 - 2021-05-23 14:55 - 000000000 ____D C:\ProgramData\GraphicsType
2021-05-23 14:37 - 2021-05-23 14:37 - 000000000 ____D C:\Users\Martin\AppData\Roaming\IsolatedStorage
2021-05-23 14:37 - 2021-05-23 14:37 - 000000000 ____D C:\Users\Martin\AppData\Local\Solvusoft_Corporation
2021-05-23 14:37 - 2021-05-23 14:37 - 000000000 ____D C:\ProgramData\IsolatedStorage
2021-05-23 12:49 - 2021-05-23 12:49 - 016765198 _____ C:\Users\Martin\Downloads\7d.psd
2021-05-20 19:11 - 2021-05-20 19:11 - 019893069 _____ C:\Users\Martin\Downloads\samec.psd
2021-05-19 13:27 - 2021-05-19 13:29 - 000000000 ____D C:\Users\Martin\Desktop\partneři_michal
2021-05-19 00:37 - 2021-05-19 00:37 - 016752950 _____ C:\Users\Martin\Downloads\5d.psd
2021-05-18 21:41 - 2021-05-18 21:41 - 000000000 ____D C:\Users\Martin\AppData\Local\Mediafour
2021-05-18 21:40 - 2021-05-18 21:40 - 007150040 _____ (Other World Computing, Inc.) C:\Users\Martin\Downloads\MacDrive 10.5.7.6 Pro Setup.exe
2021-05-18 20:22 - 2021-05-18 20:22 - 000000000 ____D C:\Users\Public\Documents\Blackmagic Design
2021-05-18 20:22 - 2021-05-18 20:22 - 000000000 ____D C:\Users\Martin\Documents\Blackmagic Design
2021-05-18 20:22 - 2021-05-18 20:22 - 000000000 ____D C:\ProgramData\Reprise
2021-05-18 20:22 - 2021-05-18 20:22 - 000000000 ____D C:\ProgramData\Documents\Blackmagic Design
2021-05-18 20:21 - 2021-05-18 20:21 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Blackmagic Design
2021-05-18 20:19 - 2021-05-18 20:19 - 000000000 ____D C:\ProgramData\Blackmagic Design
2021-05-18 20:19 - 2021-05-18 20:19 - 000000000 ____D C:\Program Files\Blackmagic Design
2021-05-18 20:18 - 2021-05-18 20:18 - 000000020 ___SH C:\Users\postgres\ntuser.ini
2021-05-18 20:18 - 2021-05-18 20:18 - 000000000 _SHDL C:\Users\postgres\Šablony
2021-05-18 20:18 - 2021-05-18 20:18 - 000000000 _SHDL C:\Users\postgres\Soubory cookie
2021-05-18 20:18 - 2021-05-18 20:18 - 000000000 _SHDL C:\Users\postgres\Poslední
2021-05-18 20:18 - 2021-05-18 20:18 - 000000000 _SHDL C:\Users\postgres\Okolní tiskárny
2021-05-18 20:18 - 2021-05-18 20:18 - 000000000 _SHDL C:\Users\postgres\Okolní síť
2021-05-18 20:18 - 2021-05-18 20:18 - 000000000 _SHDL C:\Users\postgres\Nabídka Start
2021-05-18 20:18 - 2021-05-18 20:18 - 000000000 _SHDL C:\Users\postgres\Dokumenty
2021-05-18 20:18 - 2021-05-18 20:18 - 000000000 _SHDL C:\Users\postgres\Documents\Obrázky
2021-05-18 20:18 - 2021-05-18 20:18 - 000000000 _SHDL C:\Users\postgres\Documents\Hudba
2021-05-18 20:18 - 2021-05-18 20:18 - 000000000 _SHDL C:\Users\postgres\Documents\Filmy
2021-05-18 20:18 - 2021-05-18 20:18 - 000000000 _SHDL C:\Users\postgres\Data aplikací
2021-05-18 20:18 - 2021-05-18 20:18 - 000000000 _SHDL C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-05-18 20:18 - 2021-05-18 20:18 - 000000000 _SHDL C:\Users\postgres\AppData\Local\Data aplikací
2021-05-18 20:18 - 2021-05-18 20:18 - 000000000 ____D C:\Users\postgres
2021-05-18 20:18 - 2021-05-18 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.5
2021-05-18 20:18 - 2019-01-10 00:31 - 000000000 ____D C:\Users\postgres\AppData\Local\Microsoft Help
2021-05-18 20:17 - 2021-05-18 20:17 - 000000000 ____D C:\Program Files\PostgreSQL
2021-05-18 19:51 - 2021-05-18 19:51 - 000000000 ____D C:\WINDOWS\system32\lxss
2021-05-18 19:49 - 2021-05-13 12:38 - 000037656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-05-18 19:47 - 2021-05-13 20:22 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-05-18 19:47 - 2021-05-13 20:22 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-05-18 19:47 - 2021-05-13 20:22 - 001453360 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-05-18 19:47 - 2021-05-13 20:22 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-05-18 19:47 - 2021-05-13 20:22 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-05-18 19:47 - 2021-05-13 20:22 - 001192752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-05-18 19:47 - 2021-05-13 20:22 - 001094864 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-05-18 19:47 - 2021-05-13 20:22 - 001094864 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-05-18 19:47 - 2021-05-13 20:22 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-05-18 19:47 - 2021-05-13 20:22 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-05-18 19:47 - 2021-05-13 20:19 - 001514800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-05-18 19:47 - 2021-05-13 20:19 - 001166112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-05-18 19:47 - 2021-05-13 20:19 - 000715544 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-05-18 19:47 - 2021-05-13 20:19 - 000675104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-05-18 19:47 - 2021-05-13 20:19 - 000626968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-05-18 19:47 - 2021-05-13 20:19 - 000575768 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-05-18 19:47 - 2021-05-13 20:19 - 000564000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-05-18 19:47 - 2021-05-13 20:18 - 002106144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-05-18 19:47 - 2021-05-13 20:18 - 001590576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-05-18 19:47 - 2021-05-13 20:18 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-05-18 19:47 - 2021-05-13 20:18 - 000689952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-05-18 19:47 - 2021-05-13 20:18 - 000656176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-05-18 19:47 - 2021-05-13 20:18 - 000445744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-05-18 19:47 - 2021-05-13 20:17 - 008317232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-05-18 19:47 - 2021-05-13 20:17 - 007434032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-05-18 19:47 - 2021-05-13 20:17 - 005678360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-05-18 19:47 - 2021-05-13 20:17 - 004795184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-05-18 19:47 - 2021-05-13 20:17 - 002823472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-05-18 19:47 - 2021-05-13 20:16 - 000848688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-05-18 19:47 - 2021-05-13 12:38 - 000087164 _____ C:\WINDOWS\system32\nvinfo.pb
2021-05-18 19:37 - 2020-08-14 09:59 - 000043416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys
2021-05-18 00:43 - 2021-05-18 00:43 - 000001150 _____ C:\Users\Public\Desktop\EPS File Viewer.lnk
2021-05-18 00:43 - 2021-05-18 00:43 - 000001150 _____ C:\ProgramData\Desktop\EPS File Viewer.lnk
2021-05-18 00:43 - 2021-05-18 00:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPS File Viewer
2021-05-18 00:43 - 2021-05-18 00:43 - 000000000 ____D C:\Program Files (x86)\EPS File Viewer
2021-05-17 14:36 - 2021-05-17 14:36 - 024358648 _____ C:\Users\Martin\Downloads\brzda.psd
2021-05-17 10:41 - 2021-05-17 14:35 - 028514405 _____ C:\Users\Martin\Downloads\iveco.psd
2021-05-16 15:07 - 2021-05-16 15:07 - 016958856 _____ C:\Users\Martin\Downloads\3dbillet.psd
2021-05-14 21:20 - 2021-05-14 21:20 - 001720012 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2021-05-14 10:06 - 2021-05-14 10:06 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-14 10:06 - 2021-05-14 10:06 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-14 10:06 - 2021-05-14 10:06 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-14 10:06 - 2021-05-14 10:06 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-14 10:06 - 2021-05-14 10:06 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-14 10:06 - 2021-05-14 10:06 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-14 10:06 - 2021-05-14 10:06 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-14 10:06 - 2021-05-14 10:06 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-14 10:06 - 2021-05-14 10:06 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-14 10:06 - 2021-05-14 10:06 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-14 10:06 - 2021-05-14 10:06 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-14 10:06 - 2021-05-14 10:06 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-13 12:28 - 2021-05-13 12:28 - 019605070 _____ C:\Users\Martin\Downloads\E92.psd
2021-05-11 16:21 - 2021-05-19 13:28 - 000000000 ____D C:\Users\Martin\Desktop\Sponzoři
2021-05-07 16:18 - 2021-06-02 17:07 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-05-06 12:33 - 2021-05-06 12:33 - 000192656 _____ (Locktime Software) C:\WINDOWS\system32\Drivers\nldrv.sys
2021-05-05 21:11 - 2021-06-03 02:46 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2021-05-05 21:11 - 2021-06-02 20:10 - 000000000 ____D C:\Program Files\Wondershare Filmora
2021-05-05 21:11 - 2021-05-12 18:15 - 000001176 _____ C:\Users\Public\Desktop\Wondershare Filmora X.lnk
2021-05-05 21:11 - 2021-05-12 18:15 - 000001176 _____ C:\ProgramData\Desktop\Wondershare Filmora X.lnk
2021-05-05 21:01 - 2021-05-05 21:01 - 000000000 ____H C:\Users\Martin\Documents\Default.rdp
2021-05-05 20:51 - 2021-05-28 17:19 - 000000000 ____D C:\Program Files\Wondershare
2021-05-05 19:11 - 2021-05-05 19:11 - 000001342 _____ C:\Users\Public\Desktop\HitPaw Watermark Remover.lnk
2021-05-05 19:11 - 2021-05-05 19:11 - 000001342 _____ C:\ProgramData\Desktop\HitPaw Watermark Remover.lnk
2021-05-05 19:11 - 2021-05-05 19:11 - 000000000 ____D C:\Users\Martin\AppData\Local\Tenorshare
2021-05-05 19:11 - 2021-05-05 19:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitPaw Watermark Remover
2021-05-05 19:09 - 2021-05-05 19:09 - 000000000 ____D C:\Program Files (x86)\HitPaw
2021-05-04 17:02 - 2021-05-17 21:50 - 000000333 _____ C:\Users\Martin\Desktop\Prace hodiny.txt

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-03 21:23 - 2021-02-10 14:36 - 000034165 _____ C:\Users\Martin\Desktop\FRST.txt
2021-06-03 21:22 - 2021-02-10 14:35 - 002300416 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2021-06-03 21:22 - 2020-01-19 20:57 - 000000000 ____D C:\FRST
2021-06-03 21:18 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-03 21:02 - 2020-11-01 02:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-03 20:21 - 2021-01-01 22:25 - 000001424 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-06-03 20:21 - 2020-01-17 18:52 - 000001318 _____ C:\Users\Martin\Desktop\ESET Online Scanner.lnk
2021-06-03 20:16 - 2019-02-08 11:59 - 000000000 ____D C:\Program Files\CCleaner
2021-06-03 20:12 - 2021-01-31 19:22 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-06-03 20:12 - 2021-01-31 19:22 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-06-03 20:09 - 2019-01-08 12:06 - 000000000 ____D C:\Users\Martin\AppData\LocalLow\Mozilla
2021-06-03 20:09 - 2018-11-18 19:48 - 000000000 ____D C:\ProgramData\NVIDIA
2021-06-03 20:07 - 2021-03-29 01:07 - 000000000 ____D C:\ProgramData\Speechtech TTS
2021-06-03 13:27 - 2019-01-08 12:24 - 000000000 ____D C:\Users\Martin\AppData\Local\D3DSCache
2021-06-03 11:57 - 2019-01-12 03:30 - 000000000 ____D C:\Users\Martin\AppData\Roaming\vlc
2021-06-02 17:07 - 2019-02-04 20:05 - 000000000 ____D C:\ProgramData\Mozilla
2021-06-02 17:07 - 2019-01-08 12:06 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-06-02 17:07 - 2019-01-08 12:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-06-02 09:18 - 2019-01-08 12:43 - 000000000 ____D C:\Users\Martin\AppData\Roaming\uTorrent
2021-06-02 09:18 - 2019-01-08 12:42 - 000000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2021-06-02 08:55 - 2018-05-10 08:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-01 22:00 - 2020-10-31 01:50 - 000000000 ___DC C:\WINDOWS\Panther
2021-06-01 15:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-31 12:08 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-30 09:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-29 19:10 - 2020-06-05 08:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-29 19:10 - 2020-06-05 08:48 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-29 19:10 - 2020-06-05 08:48 - 000002274 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-05-29 19:10 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-29 17:51 - 2019-05-23 17:25 - 000134888 _____ C:\Users\Martin\AppData\Local\GDIPFONTCACHEV1.DAT
2021-05-29 15:57 - 2020-11-17 12:11 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2021-05-28 17:19 - 2021-01-30 20:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2021-05-28 17:14 - 2021-01-30 20:32 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2021-05-28 17:14 - 2021-01-30 20:32 - 000000000 ____D C:\ProgramData\Documents\Wondershare
2021-05-26 12:49 - 2020-11-01 15:15 - 001701824 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-26 12:49 - 2019-12-07 16:41 - 000720062 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-26 12:49 - 2019-12-07 16:41 - 000146176 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-26 09:37 - 2020-11-01 02:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-26 09:37 - 2020-11-01 02:26 - 000555216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-26 09:37 - 2020-11-01 02:25 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-26 09:37 - 2019-05-21 12:39 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-05-26 01:45 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-25 20:28 - 2020-10-31 14:00 - 000000000 ____D C:\Users\Martin
2021-05-25 18:45 - 2018-05-10 08:52 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-05-24 23:32 - 2020-11-19 17:30 - 000000000 ____D C:\ProgramData\Zoner
2021-05-24 13:26 - 2020-12-28 19:48 - 000000000 ____D C:\Program Files (x86)\MOV Player
2021-05-24 11:56 - 2018-05-10 08:48 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-23 17:34 - 2019-01-08 11:51 - 000000000 ____D C:\Users\Martin\AppData\Local\Packages
2021-05-23 15:10 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-23 14:56 - 2021-01-30 20:31 - 000000000 ____D C:\Users\Martin\AppData\Local\Wondershare
2021-05-23 14:55 - 2021-01-30 20:31 - 000000000 ____D C:\ProgramData\Wondershare
2021-05-23 14:45 - 2019-01-16 18:15 - 000000000 ____D C:\ProgramData\Packages
2021-05-23 14:45 - 2019-01-08 12:05 - 000000000 ____D C:\Users\Martin\AppData\Local\PlaceholderTileLogoFolder
2021-05-20 19:37 - 2020-11-01 02:31 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1952709571-807798404-1509361630-1003
2021-05-20 19:37 - 2020-10-31 14:00 - 000002409 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-20 19:37 - 2019-01-08 11:52 - 000000000 ___RD C:\Users\Martin\OneDrive
2021-05-18 20:23 - 2019-01-08 13:25 - 000000000 ____D C:\Users\Martin\AppData\Local\NVIDIA
2021-05-18 19:51 - 2018-11-18 19:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-05-18 19:50 - 2018-11-18 19:46 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-05-18 19:38 - 2018-11-18 19:49 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2021-05-18 19:38 - 2018-11-18 19:49 - 000001443 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2021-05-18 19:38 - 2018-11-18 19:47 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-05-18 19:37 - 2020-11-01 02:31 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-18 19:37 - 2020-11-01 02:31 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-18 19:37 - 2020-11-01 02:31 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-18 19:37 - 2020-11-01 02:31 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-18 19:37 - 2020-11-01 02:31 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-18 19:37 - 2020-11-01 02:31 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-18 19:37 - 2020-11-01 02:31 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-18 19:37 - 2020-11-01 02:31 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-18 19:37 - 2020-11-01 02:31 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-18 19:37 - 2020-11-01 02:31 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-18 19:37 - 2018-11-18 19:48 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-05-16 22:28 - 2021-01-05 12:40 - 000000000 ____D C:\Users\Martin\Documents\Reels
2021-05-16 15:11 - 2019-01-08 11:51 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Adobe
2021-05-14 19:14 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-14 19:12 - 2019-12-07 16:42 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-14 19:12 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-14 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-14 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-14 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-14 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-14 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-14 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-14 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-14 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-14 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-14 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-14 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-14 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-14 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-14 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-14 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-14 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-14 10:08 - 2019-12-07 16:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-14 10:00 - 2018-05-10 09:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-14 09:58 - 2018-05-10 09:03 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-13 21:32 - 2021-02-12 17:44 - 000000000 ____D C:\Games
2021-05-13 20:15 - 2020-08-22 11:20 - 007212224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-05-13 20:15 - 2020-08-22 11:20 - 006159152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-05-13 12:38 - 2020-08-22 11:20 - 000136472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-05-12 23:34 - 2020-04-23 19:52 - 000002548 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-12 23:34 - 2020-04-23 19:52 - 000002511 _____ C:\Users\Martin\Desktop\Google Chrome.lnk
2021-05-12 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-05-12 14:48 - 2019-03-22 19:19 - 000000000 ____D C:\Users\Martin\AppData\Local\ElevatedDiagnostics
2021-05-11 23:24 - 2020-11-01 02:31 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-05-11 21:13 - 2021-01-22 12:15 - 000001113 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2021-05-11 21:13 - 2021-01-22 12:15 - 000001113 _____ C:\ProgramData\Desktop\Avira Phantom VPN.lnk
2021-05-11 21:13 - 2021-01-22 12:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-05-09 17:30 - 2019-01-09 02:10 - 000000000 ____D C:\Users\Martin\Documents\Euro Truck Simulator 2
2021-05-08 22:02 - 2019-03-02 15:35 - 000000000 ____D C:\Users\Martin\AppData\Roaming\obs-studio
2021-05-08 21:59 - 2019-03-22 23:54 - 000000000 ____D C:\Users\Martin\AppData\Roaming\slobs-client
2021-05-05 19:11 - 2020-01-18 22:07 - 000000000 ____D C:\Users\Martin\AppData\Local\cache
2021-05-05 17:04 - 2020-11-01 15:13 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6afe655bc307f
2021-05-05 17:04 - 2020-11-01 02:31 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA

==================== Files in the root of some directories ========

2021-05-25 20:28 - 2021-05-25 20:28 - 000000208 _____ () C:\Users\Martin\AppData\Roaming\DESKTOP-69LFJ66.MTBF.txt
2019-03-28 23:14 - 2021-01-19 02:31 - 000000002 _____ () C:\Users\Martin\AppData\Roaming\ExplorerFavorites.txt
2019-03-22 15:08 - 2002-08-29 19:33 - 000319488 _____ () C:\Users\Martin\AppData\Roaming\MafiaSetup.exe
2019-09-16 23:26 - 2019-09-16 23:26 - 000000027 _____ () C:\Users\Martin\AppData\Local\.sdpl-system-config4
2021-05-25 20:28 - 2021-05-25 20:28 - 000003584 _____ () C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-02-01 10:06 - 2021-02-01 10:06 - 000000000 _____ () C:\Users\Martin\AppData\Local\oobelibMkey.log
2019-07-28 01:07 - 2019-07-28 01:07 - 000000017 _____ () C:\Users\Martin\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================





Log z Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2021
Ran by Martin (03-06-2021 21:23:35)
Running from C:\Users\Martin\Desktop
Windows 10 Home Version 20H2 19042.985 (X64) (2020-11-01 00:31:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1952709571-807798404-1509361630-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1952709571-807798404-1509361630-503 - Limited - Disabled)
Guest (S-1-5-21-1952709571-807798404-1509361630-501 - Limited - Disabled)
Martin (S-1-5-21-1952709571-807798404-1509361630-1003 - Administrator - Enabled) => C:\Users\Martin
postgres (S-1-5-21-1952709571-807798404-1509361630-1004 - Limited - Enabled) => C:\Users\postgres
WDAGUtilityAccount (S-1-5-21-1952709571-807798404-1509361630-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3.26837 - emc, uTorrent.CZ)
µTorrent (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\uTorrent) (Version: 3.5.5.45966 - BitTorrent Inc.)
Acronis True Image OEM (HKLM-x32\...\{52497ECE-588E-41F3-8233-E0749ED085F7}) (Version: 22.0.10510 - Acronis)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20135 - Adobe Systems Incorporated)
Adobe Ae (HKLM\...\{B910FB1A-0B9D-412D-A735-28AF88A52FF1}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_10_0) (Version: 10.0 - Adobe Inc.)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_0) (Version: 22.0.0.35 - Adobe Inc.)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 2.00.12 - ASUSTeK Computer Inc.)
AIDA64 Extreme v6.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.00 - FinalWire Ltd.)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.4.1 - Advanced Micro Devices, Inc.)
ApowerPDF V4.1.0.124 (HKLM-x32\...\{99A1CF84-3154-433D-9F73-0A4D4DACBA1A}_is1) (Version: 4.1.0.124 - Apowersoft LIMITED)
Apowersoft Online Launcher verze 1.7.1 (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.1 - APOWERSOFT LIMITED)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.50.1 - Asmedia Technology)
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.05.38 - ASUSTeK Computer Inc.)
Avira (HKLM-x32\...\{21098ed5-59e9-4203-b79e-63f3c373e022}) (Version: 1.2.155.4877 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{2CA8B2E7-B4B7-4553-83E6-448A543EA5AD}) (Version: 1.2.155.4877 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.4.17510 - Avira Operations GmbH & Co. KG)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Název společnosti:) Hidden
Canon MP630 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP630_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
Cities: Skylines (HKLM-x32\...\Cities: Skylines_is1) (Version: - )
Common Desktop Agent (HKLM\...\{A38002C3-BA08-466A-A813-7F9D578B13A1}) (Version: 1.62.0 - OEM) Hidden
CPUID CPU-Z 1.95 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.95 - CPUID, Inc.)
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0677 - Disc Soft Ltd)
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
Discord (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Discord) (Version: 0.0.305 - Discord Inc.)
DIY Set version 9.1 (HKLM-x32\...\{7E37B885-1632-4490-8D82-EA9CD6BB7145}_is1) (Version: 9.1 - ask4pc)
Dying Light Enhanced Edition Čeština (HKLM-x32\...\Dying Light Enhanced Edition Čeština 1.23.0) (Version: 1.23.0 - BonusWeb)
Dying Light Platinum Edition (HKLM-x32\...\Dying Light Platinum Edition_is1) (Version: - )
EPS File Viewer (HKLM-x32\...\{35B4B5ED-41DE-4CAB-A757-F967474819DC}_is1) (Version: - epsfileviewer.com)
Euro Truck Simulator 2 Beyond the Baltic Sea (HKLM-x32\...\Euro Truck Simulator 2 Beyond the Baltic Sea_is1) (Version: - )
Euro Truck Simulator 2 Iberia (HKLM-x32\...\Euro Truck Simulator 2 Iberia_is1) (Version: - )
Excla WAVclean 1.9.3 (HKLM-x32\...\{4A64D33C-289E-4D32-8079-DA46A4FEBC2D}) (Version: 1.9.3 - Excla Inc)
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts)
Forza Horizon 4 v. 1.460.859.2 (HKLM-x32\...\Forza Horizon 4_is1) (Version: - )
FVC Launcher 1.1.6 (HKLM-x32\...\{958C825E-694D-4316-A8A9-A5DB5CA27875}_is1) (Version: 1.1.6 - FVC Studio)
Google Chrome (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
HGTV Flipper (HKLM-x32\...\1689378242_is1) (Version: 1.20173 (e87af) - GOG.com)
HidesterVPN (HKLM-x32\...\HidesterVPN 0.5.4) (Version: 0.5.4 - Hidester Limited)
HitPaw Watermark Remover 1.1.1.1 (HKLM-x32\...\{459C720F-1489-46C9-8FBD-43B2B18C2E8E}_is1) (Version: 1.1.1.1 - Copyright (c) 2021 HitPaw Co., Ltd.)
House Flipper (HKLM-x32\...\1140907376_is1) (Version: 1.20173 (e87af) - GOG.com)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Scanjet 2400 (HKLM\...\{7B604AC7-B496-473F-A17C-489398E38BEA}) (Version: 13.0 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
I.CA Maintenance (HKLM-x32\...\{A26EE07C-9196-4BB9-BB81-1608D0A99887}) (Version: 1.3.2.0 - První certifikační autorita, a.s.) Hidden
I.CA Maintenance (HKLM-x32\...\I.CA Maintenance 1.3.2.0) (Version: 1.3.2.0 - První certifikační autorita, a.s.)
I.CA PKIServiceHost (HKLM\...\{A14460AC-0A70-4AE6-B159-1D4EEA921896}) (Version: 1.4.0.0 - První certifikační autorita, a.s.) Hidden
I.CA PKIServiceHost (HKLM-x32\...\I.CA PKIServiceHost 1.4.0.0) (Version: 1.4.0.0 - První certifikační autorita, a.s.)
InfraRecorder 0.53 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0053-000001000000}) (Version: 0.53.00.00 - Christian Kindahl)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Kits Configuration Installer (HKLM-x32\...\{C690B2D9-0AA8-8CDA-965D-FED648C3EF9C}) (Version: 10.1.17134.1 - Microsoft) Hidden
K-Lite Codec Pack 16.1.2 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.1.2 - KLCP)
MacDrive 10 Pro by Team V.R (HKLM\...\{04CECB6A-8466-43CA-B0B2-4AC5C1417361}) (Version: 10.5.6.0 - Mediafour Corporation)
Mafia - Definitve Edition v.1.0.1 (HKLM-x32\...\Mafia - Definitve Edition_is1) (Version: - )
Mafia Game (HKLM-x32\...\Mafia Game) (Version: - )
Max Payne (HKLM-x32\...\{39930321-4C58-4B8B-BCBF-342698C9801D}) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.37 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\OneDriveSetup.exe) (Version: 21.083.0425.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
MOV Player 1.0.2 (HKLM-x32\...\MOV Player_is1) (Version: - vsevensoft.com)
Mozilla Firefox 89.0 (x64 cs) (HKLM\...\Mozilla Firefox 89.0 (x64 cs)) (Version: 89.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
Nero 7 Ultra Edition (HKLM-x32\...\{4F2CE68F-EDBB-4592-BF07-5AC930A51029}) (Version: 7.02.6446 - Nero AG)
NetLimiter 4 (HKLM\...\{C09084F5-D11C-4E0D-8D11-DFBB24072CB9}) (Version: 4.1.9.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.1.9.0) (Version: 4.1.9.0 - Locktime Software)
NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 466.47 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.47 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.0.1 - OBS Project)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Název společnosti:)
OPRAVA PC ONLINE (HKLM-x32\...\{5E71387E-2CF7-1F26-C919-7FACFF27D2EF}) (Version: 7.11.760 - LogMeIn, Inc.)
PostgreSQL 9.5 (HKLM\...\PostgreSQL 9.5) (Version: 9.5 - PostgreSQL Global Development Group)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8339 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.19.234 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.2 - Rockstar Games)
SetupVPN 0.5.5 (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\0c41bdd5-320c-5c9f-9756-e4ba5ac777ba) (Version: 0.5.5 - VPN1 LLC, USA)
Sniper Ghost Warrior Contracts (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Sniper Ghost Warrior Contracts) (Version: - HOODLUM)
Speechtech TTS 3.9.2 (HKLM-x32\...\{74A7ABF2-011F-41C0-AC8E-4B255EC2BD45}_is1) (Version: 3.9.2 - Speechtech s.r.o.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.12.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.12.1 - General Workings, Inc.)
Subnautica: Below Zero (HKLM-x32\...\Subnautica: Below Zero_is1) (Version: - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.2 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
Thumbnail me 3.0 (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Thumbnail me 3.0) (Version: - )
Toolkit Documentation (HKLM-x32\...\{563689A6-D95B-EA6D-665F-97959643E0DB}) (Version: 10.1.17134.1 - Microsoft) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS)
VEGAS Pro 16.0 (HKLM\...\{0D090E4F-12A2-11E9-A3DD-00155D6302F2}) (Version: 16.0.361 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\WhatsApp) (Version: 2.2049.10 - WhatsApp)
Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{d794748d-72e9-45d7-9ab7-83d6c4c80f7f}) (Version: 10.1.17134.1 - Microsoft Corporation)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Wondershare Filmora X(Build 10.0.0.94) (HKLM\...\Wondershare Filmora X_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Xerox Easy Printer Manager (HKLM-x32\...\Xerox Easy Printer Manager) (Version: 1.03.97.00(21.04.2014) - Xerox Corporation.)
Xerox Easy Wireless Setup (HKLM-x32\...\Xerox Easy Wireless Setup) (Version: 3.70.18.0 - Xerox Corporation)
Xerox Phaser 3020 (HKLM-x32\...\Xerox Phaser 3020) (Version: 1.01 (20.05.2014) - Xerox Corporation)
Xerox Phaser 3020 XPS (Windows 8) (HKLM-x32\...\Xerox Phaser 3020 XPS (Windows 8)) (Version: 3.03.13.02:11 - Xerox Corporation)
Zoner Photo Studio X CS (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\ZPS X) (Version: 19.2009.2.286 - ZONER software)

Packages:
=========
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.41301.0_x64__8wekyb3d8bbwe [2021-05-23] (Microsoft Corporation)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2030.2.0_x86__kgqvnymyfvs32 [2021-05-28] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_12.0.2.0_x86__m9bz608c1b9ra [2021-04-09] (Nordcurrent)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.8.1108.0_x64__rz1tebttyb220 [2021-05-24] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-05] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-01-08] (Fitbit)
GoPro Player -> C:\Program Files\WindowsApps\GoPro.GoProPlayer_1.1.2.0_x64__1h9vz9xjm6b8c [2021-05-23] (GoPro)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5170.0_x64__8wekyb3d8bbwe [2021-05-24] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-28] (NVIDIA Corp.)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.27.1.0_x64__nfy108tqq3p12 [2021-02-20] (Thumbmunkeys Ltd)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\Martin\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\Martin\AppData\Local\Google\Chrome\Application\90.0.4430.212\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\Martin\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\Martin\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\Martin\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Martin\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll (Google LLC -> Google LLC)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [MacDrive10VolumeIcon] -> {2D8107D0-B8BD-4517-A467-D1816FBB29CB} => C:\Program Files\Mediafour\MacDrive 10\MDVolumeIcons.dll [2017-09-28] (Mediafour Corporation) [File not signed]
ShellIconOverlayIdentifiers: [MacDrive10VolumeIconReadOnly] -> {34916EDE-C357-419A-BD17-AB27153474E1} => C:\Program Files\Mediafour\MacDrive 10\MDVolumeIcons.dll [2017-09-28] (Mediafour Corporation) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-02-28] (Nero AG -> Nero AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-04-25] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvaki.inf_amd64_58d2286fd3bf2b8d\nvshext.dll [2021-05-13] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Martin\Desktop\install Forza Horizon 4.lnk -> D:\Forza Horizon 4\install.bat (No File)

==================== Loaded Modules (Whitelisted) =============

2018-05-10 08:55 - 2015-06-03 01:17 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2017-12-01 15:44 - 2017-12-01 15:44 - 000277538 _____ () [File not signed] C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\LIBMAGIC.dll
2021-01-30 20:31 - 2016-07-21 11:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2021-01-30 20:31 - 2017-09-12 11:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2021-03-18 15:24 - 2015-12-29 00:25 - 000120334 _____ () [File not signed] C:\Program Files (x86)\HidesterVPN\libgcc_s_dw2-1.dll
2021-03-18 15:24 - 2015-12-29 00:25 - 001540622 _____ () [File not signed] C:\Program Files (x86)\HidesterVPN\libstdc++-6.dll
2021-03-18 15:24 - 2017-08-24 03:07 - 000083456 _____ () [File not signed] C:\Program Files (x86)\HidesterVPN\QtSolutions_Service.dll
2021-03-18 15:24 - 2017-05-09 03:58 - 000022016 _____ () [File not signed] C:\Program Files (x86)\HidesterVPN\WinDivert.dll
2018-11-18 19:46 - 2018-02-06 20:48 - 000073728 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\ClaymoreProtocol.dll
2018-11-18 19:46 - 2018-02-06 20:43 - 000053248 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\cpuutil.dll
2018-11-18 19:46 - 2018-02-06 20:48 - 000073728 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\CharmProtocol.dll
2018-11-18 19:46 - 2018-02-06 20:48 - 001951232 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\R2Clib.dll
2018-11-18 19:46 - 2018-02-06 20:48 - 000073728 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\RogNewmouseProtocol.dll
2018-11-18 19:46 - 2018-02-06 20:48 - 001777664 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\Vender.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 000015360 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-04-24 22:55 - 2018-04-24 22:55 - 002519040 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2021-05-18 20:17 - 2016-08-09 07:13 - 000183296 _____ () [File not signed] C:\Program Files\PostgreSQL\9.5\bin\LIBPQ.dll
2021-05-18 20:18 - 2016-07-27 10:08 - 002264576 _____ () [File not signed] C:\Program Files\PostgreSQL\9.5\bin\libxml2.dll
2021-03-11 11:50 - 2021-03-11 11:50 - 003155968 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DotNetCommon\e2a4afc671bb6a8b670f532f5e109e2f\DotNetCommon.ni.dll
2018-05-10 08:55 - 2017-06-01 22:24 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.31\ASACPI.DLL
2018-05-10 08:55 - 2015-06-03 01:17 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsAcpi.dll
2018-05-10 08:55 - 2017-06-01 22:24 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.31\asacpiEx.dll
2018-05-10 08:55 - 2015-06-03 01:17 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\asacpiex.dll
2018-05-10 08:55 - 2015-06-03 01:17 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll
2018-11-18 19:46 - 2018-02-06 20:48 - 000081920 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\LightingService\1.00.39\AudioLEDCtrl.dll
2021-03-11 11:50 - 2021-03-11 11:50 - 004811776 _____ (Disc Soft Ltd) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DiscSoft.NET.Common\f1f1bd95fb3d47b4b5925a372658a10e\DiscSoft.NET.Common.ni.dll
2020-01-17 18:52 - 2021-01-01 22:25 - 000913920 _____ (ESET) [File not signed] C:\Users\Martin\AppData\Local\ESET\ESETOnlineScanner\esets_apiW.DLL
2020-01-17 18:52 - 2021-06-03 20:21 - 001195008 _____ (ESET) [File not signed] C:\Users\Martin\AppData\Local\ESET\ESETOnlineScanner\esets_apiW_a.DLL
2021-05-18 20:18 - 2015-08-26 10:40 - 001687930 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\libiconv-2.dll
2021-05-18 20:18 - 2015-08-26 10:40 - 000685350 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\libintl-8.dll
2018-03-29 16:27 - 2018-03-29 16:27 - 000702840 _____ (Mediafour Corporation -> Mediafour Corporation) [File not signed] C:\Program Files\Common Files\Mediafour\M4LIC2.DLL
2017-09-22 10:17 - 2017-09-22 10:17 - 000162304 _____ (Mediafour Corporation) [File not signed] C:\Program Files\Common Files\Mediafour\M4ProductUpdates.dll
2015-06-09 12:12 - 2015-06-09 12:12 - 000093184 _____ (Mediafour Corporation) [File not signed] C:\Program Files\Mediafour\MacDrive 10\MACDRAPI.DLL
2017-09-28 13:47 - 2017-09-28 13:47 - 000280576 _____ (Mediafour Corporation) [File not signed] C:\Program Files\Mediafour\MacDrive 10\MDVolumeIcons.dll
2021-03-18 15:24 - 2015-12-29 00:25 - 000079360 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files (x86)\HidesterVPN\libwinpthread-1.dll
2017-12-01 15:44 - 2017-12-01 15:44 - 025338368 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icudt54.dll
2017-12-01 15:44 - 2017-12-01 15:44 - 002056704 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icuin54.dll
2017-12-01 15:44 - 2017-12-01 15:44 - 001425408 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icuuc54.dll
2021-05-18 20:18 - 2016-05-05 08:35 - 001655808 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\LIBEAY32.dll
2021-05-18 20:18 - 2016-05-05 08:35 - 000349696 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\SSLEAY32.dll
2021-03-18 15:24 - 2017-08-21 10:17 - 006091776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\HidesterVPN\Qt5Core.dll
2021-03-18 15:24 - 2017-06-28 13:47 - 001797120 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\HidesterVPN\Qt5Network.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 000032256 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 000039936 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 000034304 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 000237056 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 000024064 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 000481792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 001336320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-04-25 00:01 - 2018-04-25 00:01 - 005766144 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 006045184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 000964096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 000279552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 003233792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 003406848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 000328704 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 000325632 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 069968896 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 000109568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 005523456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 000282624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 000194560 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 003281408 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 000049152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 000311296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 000089600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-04-24 22:55 - 2018-04-24 22:55 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2018-11-18 19:46 - 2018-02-06 20:48 - 002039296 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\LightingService\1.00.39\LED_DLL_forMB.dll
2018-11-18 19:46 - 2018-02-06 20:48 - 001628672 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\LightingService\1.00.39\VGA_Extra.dll
2021-01-30 20:31 - 2017-09-12 11:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1952709571-807798404-1509361630-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2021-01-05 07:53:01&iid=ba45a4b4-96ed-4baa-b779-5d62b391a06d&bName=
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-02-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-07] (Oracle America, Inc. -> Oracle Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.capgemini.com -> hxxp://*.capgemini.com
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.capgemini.com -> hxxps://*.capgemini.com
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.csob.cz -> hxxps://*.csob.cz
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.csob.sk -> hxxps://*.csob.sk
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.erasvet.cz -> hxxps://*.erasvet.cz
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.ica.cz -> hxxp://*.ica.cz
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.ica.cz -> hxxps://*.ica.cz
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.postovnisporitelna.cz -> hxxps://*.postovnisporitelna.cz
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.proebiz.com -> hxxp://*.proebiz.com
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.proebiz.com -> hxxps://*.proebiz.com
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2021-02-11 23:19 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2020-02-15 14:37 - 2020-03-13 10:29 - 000000509 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.0.102 DESKTOP-69LFJ66.mshome.net # 2025 3 3 12 8 29 43 70
192.168.137.209 Lenovo-PC.mshome.net # 2020 3 0 15 13 52 45 222

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-1952709571-807798404-1509361630-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 10.0.1.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: off)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\Run: => "WinZip UN"
HKLM\...\StartupApproved\Run: => "WinZip FAH"
HKLM\...\StartupApproved\Run: => "MacDrive 10 helper"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "WSVCUUpdateHelper.exe"
HKLM\...\StartupApproved\Run32: => "Speechtech TTS 32-bit preload"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{8F238540-D13D-4E59-9409-A859A6A2472E}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{E59FC280-9D0C-4804-94FB-D012306B2127}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{EC285A85-F1C1-4BDD-BB9D-4FF660018146}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E7AA1EA3-EAD5-4DFD-B706-450B25EA6715}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6E1E5B3E-C109-47FC-AAA6-D5EB20411FA7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6B7DA4E2-C54C-4084-86BB-6C9635EF5EDF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [UDP Query User{9E2A7824-88DB-476C-AD55-7A6CE6E7859E}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{964AEB1A-0FDD-494E-A4C5-7FFF3A54B680}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{E0B385EF-13F8-43C0-9461-0E4A0DFD270C}D:\sniper ghost warrior contracts\win_x64\sgwcontracts.exe] => (Allow) D:\sniper ghost warrior contracts\win_x64\sgwcontracts.exe => No File
FirewallRules: [TCP Query User{EC4ACF0B-20CA-432E-8E69-CD38F92213D5}D:\sniper ghost warrior contracts\win_x64\sgwcontracts.exe] => (Allow) D:\sniper ghost warrior contracts\win_x64\sgwcontracts.exe => No File
FirewallRules: [{14308295-25F2-4901-8DF5-530EA628C62A}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{D539D077-22F1-4A4E-ACD9-B12F91403590}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [UDP Query User{0F973F44-95F7-4528-8411-25F4524A2A9C}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{76E8F8CA-9108-43BE-ABC3-D2320E8D8B01}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{B2E7890C-F611-4EC4-9DF8-2C8DFEE1AA37}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{7E6F36FB-A838-4B9F-9A5F-D5D6A21E1075}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{36AE5206-19B4-4270-9ACA-6AD17B077E6A}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [TCP Query User{4658BD78-E5DA-4434-BD0F-FD3D026338DE}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [{B4C8B6B1-77FD-4D0E-88FA-C6453FC19371}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)
FirewallRules: [{2EE9FF7D-B819-49D3-AE13-9E3CA0D05551}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)
FirewallRules: [{A481F9AF-A0A7-455A-B8C5-B578AE560DBA}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> )
FirewallRules: [{4053D2D5-87E6-4EB0-BBA4-458F744FFF52}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{08647957-8047-41E1-A2D7-37F4A6DAA28F}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{632CA24B-495C-451D-B330-035B5C1F65B6}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{5059776B-7F65-40DE-B9FB-668486167F1B}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> )
FirewallRules: [{EC11AA58-02DE-48FC-80D0-00EAAD7C3EA5}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> )
FirewallRules: [{E813B00A-98EB-4E01-AEA8-943623762734}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{4D5EC006-4E5D-45BA-9DA9-03033A677DF5}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{22E3BC61-97EA-40E2-96A3-C23FCA3C8593}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe (Acronis International GmbH -> )
FirewallRules: [{B79D168C-2CF6-4F63-84CE-2F795E51EE06}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{EF1678BC-75D2-4960-A9A1-58735A01AE4B}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> )
FirewallRules: [{CDBB2A6F-ECD5-4F4A-AD6B-49EC29146CE0}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )
FirewallRules: [{562552BB-7272-4269-8CF1-579CABB87AE7}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{927C3AFE-EA8B-47BA-88F9-BE2E3C8997E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D2D65BC2-DEA7-44EA-AF90-BC0F37D35799}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D64CF47A-2578-44EB-86DD-A1DA917FB732}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0D33FFEB-3307-4E4F-8B7E-41B7BF00B9B7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{7E8C9265-1C5B-4B70-B8F4-3C16615CB6F3}C:\users\martin\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\martin\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{CFBD22A8-8B0F-41A1-87D9-EA558BF4D856}C:\users\martin\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\martin\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{D1771151-2481-4654-B7BA-EB0E413A1EE8}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{15DCDB1C-7028-4F71-884B-3840CDE704CE}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C30C0CFF-04A7-4DFF-ABCD-9AF87D6153AE}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{27063BC7-EC0F-4F08-BCCA-57EF139A618E}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2DC00B46-1878-4D94-B58E-DE1CB622374F}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{4DE6C839-0421-40DD-A107-F4D93AF5151A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7C1634F2-EE1D-468A-B0ED-5BB3F1DC956F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C633A48E-625F-4A21-89AA-9341DD0CFD7F}] => (Allow) D:\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{6DC3FF49-0F57-476B-B377-E4E39110F36B}] => (Allow) D:\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C01D4D4E-962C-4754-B154-C9113E81053A}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{A3C2A781-2DB4-4BAA-8614-504F5379DB76}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{33ACD65F-1B0E-4BC8-95AB-A83A4F3CA441}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{813997DD-A021-4CD9-B632-07B03270DF9E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{B0C36551-5C28-47C5-A3FB-65A9DF0E63DE}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{388CAAAC-D744-4350-930E-DDBCBA1BCDD5}C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{67BEDAEB-6055-42DD-8BD6-2BA22442935E}C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{866BB5FC-0472-406B-A264-B537EDCF4ECE}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{99B6FAFB-62C9-43A1-817A-9CB1B1D072A1}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{8449ABDE-C618-40CA-9EF0-9B2415C02D7C}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{DEA70D0D-B5A6-44E7-9480-61ABD650222D}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{838801C3-CD72-41A3-A573-505BBD3E7218}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{E67434A5-0E92-4A63-80D7-65EE2350E71B}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{64772DFF-1278-41CD-B97E-D8AF617B1546}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{0A4492FA-6A59-4B8E-9DDA-E3927FD9581F}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{F1C71E61-13D0-4357-9D43-816E193ECC66}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{B7628C83-9659-49DB-A171-1220B4381A4C}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{7376F86B-CDCF-42C4-84EB-F0C1106326AC}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{B9ADA6E4-5DCC-4E90-B45C-F8330A83DB9A}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{18E83BA8-DA89-4CF5-9A56-081D68A2536A}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{18A23B19-459A-4903-82AF-F40A6239F6C1}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{781DAF4A-459B-4005-BC8D-95DD135C3F34}] => (Allow) C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{6E1A2B98-1001-4279-8218-ACA2955A6DD2}] => (Allow) C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{6896169F-8B4F-44D4-8624-51549816EBFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D2EF2A0D-C009-4284-90D3-171F041D66B3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3DC17ADD-2ED0-4053-889C-A6AE11484B59}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6F7E535D-44D7-416C-807C-3BFA890AD38F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{5FFC3780-70DC-4B5C-8AB5-9F6C421BBA48}C:\forza horizon 4 ultimate edition\forzahorizon4.exe] => (Allow) C:\forza horizon 4 ultimate edition\forzahorizon4.exe => No File
FirewallRules: [UDP Query User{EFE236A3-1E2A-43A1-886B-2C2DE01EE43D}C:\forza horizon 4 ultimate edition\forzahorizon4.exe] => (Allow) C:\forza horizon 4 ultimate edition\forzahorizon4.exe => No File
FirewallRules: [{C390FE52-1D80-4786-9C02-9D07E5BABF4C}] => (Allow) C:\Users\Martin\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{2A7D7710-0883-449D-9F2C-622CA82A4874}] => (Allow) C:\Users\Martin\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{7347B2DF-5264-4F1B-8285-0FF6AF1FC82F}] => (Allow) D:\BMW\3dil billet\9 start\hitpaw-watermark-remover.exe (Adoreshare Co.,Limited -> HitPaw Co., Ltd.)
FirewallRules: [{99DF7F34-9FB9-4A57-B86D-4FB4AB1617E8}] => (Allow) D:\BMW\3dil billet\9 start\hitpaw-watermark-remover.exe (Adoreshare Co.,Limited -> HitPaw Co., Ltd.)
FirewallRules: [{F5395AF1-4E18-41A4-936A-5C82EB04D7E4}] => (Allow) C:\Program Files (x86)\HitPaw\HitPaw Watermark Remover\RemoveWatermark.exe (Adoreshare Co.,Limited -> HitPaw Software)
FirewallRules: [{C64EE62F-25D4-4949-B67C-4CC79BE712BA}] => (Allow) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CC9F5606-35F9-40A1-B825-F3BA57C00025}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E30ED3CE-39AB-4A30-8245-37CF8FF28CEE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CECEFF73-7929-497A-A129-91EC45C4F41E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0115C1B4-59D4-45E9-BDD9-DE2DEA4F5A18}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5E4AA530-8740-40FB-B0E4-53A059A5134A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe => No File
FirewallRules: [{F27890F6-911D-49C0-AF9B-EE0F7065E171}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe => No File
FirewallRules: [{E0757E9F-5E7E-4D6D-A475-2D9ECE272B48}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe => No File
FirewallRules: [{8C79C50C-A1D7-4375-AECE-82890AE63BE4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe => No File
FirewallRules: [{99EACBFE-CE70-4E57-9ED7-9C14617FF667}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe => No File
FirewallRules: [{3E49504C-57A5-46B4-9414-F7B15B98BE14}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe => No File
FirewallRules: [{79F81DF7-D78E-4D96-AD7C-D44E04AB69E3}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{5117B106-0206-4D52-AD50-3C2B6B9459A0}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe => No File
FirewallRules: [{C4A54EAA-B329-49B4-BF3D-69CD6875DB37}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe => No File
FirewallRules: [{8CBB5B11-97FC-4116-874B-ED373E7659A0}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => No File
FirewallRules: [{E357A79D-2858-4757-BC9B-EFFFBCD4EEC3}] => (Allow) C:\Program Files\Pinnacle\Studio 24\programs\RM.exe => No File
FirewallRules: [{21809EA9-C793-4562-B26F-F226FA6A7149}] => (Allow) C:\Program Files\Pinnacle\Studio 24\programs\RM.exe => No File
FirewallRules: [{C2360229-61DF-4799-8647-1207DAA034E3}] => (Allow) C:\Program Files\Pinnacle\Studio 24\programs\NGStudio.exe => No File
FirewallRules: [{D9E3A80E-6525-4D21-B976-5A244EA9BD17}] => (Allow) C:\Program Files\Pinnacle\Studio 24\programs\NGStudio.exe => No File
FirewallRules: [{1001E57C-EC0C-4686-9409-D0B6C7CDDB24}] => (Allow) C:\Program Files\Pinnacle\Studio 24\programs\UMI.exe => No File
FirewallRules: [{917723DD-A4E8-4E52-B88A-312F45785CA0}] => (Allow) C:\Program Files\Pinnacle\Studio 24\programs\UMI.exe => No File

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/02/2021 09:18:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 3.1.3.26837, časové razítko: 0x4f5934c0
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.746, časové razítko: 0x1baae673
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d67
ID chybujícího procesu: 0x1fec
Čas spuštění chybující aplikace: 0x01d7577ed0e8bee3
Cesta k chybující aplikaci: C:\Users\Martin\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: d2c227b8-2bed-4959-860a-87de92cdf08c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/01/2021 05:23:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 3.1.3.26837, časové razítko: 0x4f5934c0
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.746, časové razítko: 0x1baae673
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d67
ID chybujícího procesu: 0x3a9c
Čas spuštění chybující aplikace: 0x01d756c1e48fd8b7
Cesta k chybující aplikaci: C:\Users\Martin\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: e726ff2f-ac6a-45ff-ae49-a2a8c5844f10
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/01/2021 09:00:17 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Elements (I:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (06/01/2021 08:52:03 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (06/01/2021 08:36:04 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (05/31/2021 06:16:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 3.1.3.26837, časové razítko: 0x4f5934c0
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.746, časové razítko: 0x1baae673
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d67
ID chybujícího procesu: 0x43b0
Čas spuštění chybující aplikace: 0x01d75635bdd9bfd9
Cesta k chybující aplikaci: C:\Users\Martin\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 08c07bec-2715-429b-9425-b7e6815ca596
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/31/2021 05:14:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 3.1.3.26837, časové razítko: 0x4f5934c0
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.746, časové razítko: 0x1baae673
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d67
ID chybujícího procesu: 0x10e0
Čas spuštění chybující aplikace: 0x01d75620fdfe0e49
Cesta k chybující aplikaci: C:\Users\Martin\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 56a4103c-9c4f-4037-b636-8b033c14aedf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/31/2021 12:01:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 3.1.3.26837, časové razítko: 0x4f5934c0
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.746, časové razítko: 0x1baae673
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d67
ID chybujícího procesu: 0x1368
Čas spuštění chybující aplikace: 0x01d755f6a9c3e116
Cesta k chybující aplikaci: C:\Users\Martin\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 930f60b5-f37b-4892-acda-b3cfbc139a8a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (06/03/2021 09:19:49 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (06/03/2021 08:24:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (06/03/2021 08:24:21 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Martin\AppData\Local\Temp\ehdrv.sys

Error: (06/03/2021 08:24:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (06/03/2021 08:24:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Martin\AppData\Local\Temp\ehdrv.sys

Error: (06/03/2021 08:24:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (06/03/2021 08:24:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Martin\AppData\Local\Temp\ehdrv.sys

Error: (06/03/2021 08:24:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.


Windows Defender:
================
Date: 2021-06-03 20:46:06
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!rfn
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\SalFisher47\AutoUWP Launcher\Use developer features\developer_mode.exe; file:_C:\ProgramData\SalFisher47\AutoUWP Launcher\Use developer features\microsoft_store_apps.exe; file:_C:\ProgramData\SalFisher47\AutoUWP Launcher\Use developer features\sideload_apps.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-69LFJ66\Martin
Název procesu: C:\Users\Martin\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Verze bezpečnostních informací: AV: 1.339.1926.0, AS: 1.339.1926.0, NIS: 1.339.1926.0
Verze modulu: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-03 20:46:06
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!rfn
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\SalFisher47\AutoUWP Launcher\Use developer features\developer_mode.exe; file:_C:\ProgramData\SalFisher47\AutoUWP Launcher\Use developer features\microsoft_store_apps.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-69LFJ66\Martin
Název procesu: C:\Users\Martin\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Verze bezpečnostních informací: AV: 1.339.1926.0, AS: 1.339.1926.0, NIS: 1.339.1926.0
Verze modulu: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-03 20:46:05
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!rfn
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\SalFisher47\AutoUWP Launcher\Use developer features\developer_mode.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-69LFJ66\Martin
Název procesu: C:\Users\Martin\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Verze bezpečnostních informací: AV: 1.339.1926.0, AS: 1.339.1926.0, NIS: 1.339.1926.0
Verze modulu: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-03 11:17:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C0E2DEA3-538D-41A0-810A-3581582D74F7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-06-01 22:09:40
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {82CC2AD3-2234-438D-AC58-B16271DE014E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2020-12-19 14:47:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\WWAHost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 0409 08/24/2018
Motherboard: ASUSTeK COMPUTER INC. TUF B450M-PLUS GAMING
Processor: AMD Ryzen 5 1600X Six-Core Processor
Percentage of memory in use: 56%
Total physical RAM: 16318.82 MB
Available physical RAM: 7035.39 MB
Total Virtual: 26046.82 MB
Available Virtual: 11031.14 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.52 GB) (Free:13.72 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:931.5 GB) (Free:26.24 GB) NTFS
Drive e: (2020 záloha plochy) (Fixed) (Total:1862.66 GB) (Free:4.89 GB) HFSJ
Drive f: (Dying Light Platinum Edition) (CDROM) (Total:27.06 GB) (Free:0 GB) UDF
Drive g: (Euro Truck Simulator 2 Iberia) (CDROM) (Total:11.16 GB) (Free:0 GB) UDF
Drive i: (Elements) (Fixed) (Total:698.6 GB) (Free:36.19 GB) NTFS

\\?\Volume{eefd00c4-824a-4bda-82d2-b0270ebff817}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{4b740878-0fc8-4a30-a5a9-05aa90f50aad}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{cbbc910d-1694-45ed-b3e9-76e61563b606}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\\?\Volume{59fa1fdc-7a9b-46e6-a50c-555d3e4323a5}\ (EFI) (Fixed) (Total:0.19 GB) (Free:0.19 GB) FAT32
\\?\Volume{c75b6ffe-132a-11e9-88c9-0c9d9262121a}\ () (CDROM) (Total:0 GB) (Free:0 GB)

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 698.6 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Otevřená stránka s reklamou po startu PC

#2 Příspěvek od Rudy »

Zdravím!
Smažte tento soubor: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat a restartujte PC.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

martin06
Návštěvník
Návštěvník
Příspěvky: 163
Registrován: 07 říj 2006 22:46

Re: Otevřená stránka s reklamou po startu PC

#3 Příspěvek od martin06 »

Dobrý den,
vypadá to, že to pomohlo.

Velice moc děkuji :) a ať se daří !

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Otevřená stránka s reklamou po startu PC

#4 Příspěvek od Rudy »

Já děkuji za přání a vy nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno