Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Napadený účet Netflix prosím o kontrolu NB

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
lubo52
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 05 zář 2012 14:03

Napadený účet Netflix prosím o kontrolu NB

#1 Příspěvek od lubo52 »

byl jsem v Itálii a byl mi tam napaden účet Netflixu. Začali mi chodit divné emaily s it koncovkou. Poprosím o kontrolu notasu.
Děkuji moc Luboš

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2021
Ran by uzivatel (administrator) on LUBOS_NOTE (LENOVO 80RV) (09-10-2021 01:25:44)
Running from D:\users\lkos\Downloads
Loaded Profiles: uzivatel & postgres
Platform: Windows 10 Home Version 21H1 19043.1237 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\RdrCEF.exe <7>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Discord Inc. -> Discord Inc.) C:\Users\uzivatel\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Epic Games Inc. -> Epic Games, Inc.) D:\Games\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) D:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\51.0.15.0\crashpad_handler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <54>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(HiTi Digital, Inc.) [File not signed] C:\Program Files (x86)\HiTi\HtService\HTService2.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_69d915519e0a2ac8\aesm_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_dd5d08598ac3d75d\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_dd5d08598ac3d75d\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_dd5d08598ac3d75d\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_dd5d08598ac3d75d\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2108.25001.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20436.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20436.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1220_none_7e21bc567c7ed16b\TiWorker.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\postgres.exe <7>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wargaming.net Limited -> Wargaming.net) D:\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(Wargaming.net Limited -> Wargaming.net) D:\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(Wargaming.net Limited -> Wargaming.net) D:\Wargaming.net\GameCenter\wgc.exe
(windowgrid.net) [File not signed] C:\Program Files\WindowGrid\WindowGrid.exe
(windowgrid.net) [File not signed] C:\Program Files\WindowGrid\WindowGridOverlay.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [134936 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384352 2017-10-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-10-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-10-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779504 2021-06-29] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [EventDesireeDeluxe] => C:\Program Files (x86)\HiTi\EveDsirDeluxe\HTPntSplr.exe [176128 2011-06-14] () [File not signed]
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [190280 2021-08-17] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [Wargaming.net Game Center] => D:\Wargaming.net\GameCenter\wgc.exe [2147776 2021-10-08] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35093120 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91591032 2020-04-14] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [EpicGamesLauncher] => D:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33435616 2021-10-08] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [Discord] => C:\Users\uzivatel\AppData\Local\Discord\Update.exe [1512040 2021-03-18] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [Zoner Photo Studio Autoupdate] => D:\programy\Photo Studio 18\Photo Studio 18\Program32\ZPSTRAY.EXE [680520 2017-01-09] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\MountPoints2: {34ab0ae3-04cc-11ec-897a-ac2b6ef875f6} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1006\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\Windows\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\HiTi P510 Language Monitor: C:\Windows\system32\LMonhrak.dll [129024 2015-10-07] (HiTi Digital, Inc. -> HiTi Digital, Inc.)
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\Windows\system32\602localmon.dll [54864 2018-05-31] (Software602 a.s. -> Windows (R) Win 7 DDK provider)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.81\Installer\chrmstp.exe [2021-10-08] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7842.105\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2019-03-18]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon Inc. -> Canon INC.)
Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2019-12-29]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\uzivatel\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {055673F3-2BC0-4636-B174-74ACA81F2B57} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {07E1EB51-AE9E-4856-9D1D-E1F204F90459} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {0A88B552-1E5C-4E00-9F2B-D49575E52411} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0B2B404D-95C7-46EE-BF4B-EA2FB85D9F19} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {161B1EC9-C18A-439C-9B86-BB4B53767248} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [64920 2019-12-29] (Microsoft Corporation -> Microsoft)
Task: {1ABD4B52-42B5-4521-B07F-0B2836162F18} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Adobe Uninstaller" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\AdobeAAMUpdater-1.0-MicrosoftAccount-lkos@email.cz" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\AdobeGCInvoker-1.0" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\CCleanerSkipUAC - uzivatel" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(21): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(22): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2675956952-4226471559-2940555150-1001" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(23): schtasks.exe -> /Change /TN "\Opera scheduled assistant Autoupdate 1577302546" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(24): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1577302536" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(25): schtasks.exe -> /Change /TN "\WindowGrid" /ENABLE
Task: {1B9D9010-1ED1-451C-9B4A-36BFC287AB88} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(26): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {1C09FC2B-FD49-49B3-9E10-6C3696DD52B8} - System32\Tasks\WindowGrid => C:\Program Files\WindowGrid\WindowGrid.exe [565760 2016-05-17] (windowgrid.net) [File not signed]
Task: {1E5BD2B4-C819-4A3F-8456-819281AAAB60} - System32\Tasks\Opera scheduled Autoupdate 1577302536 => C:\Users\uzivatel\AppData\Local\Programs\Opera\launcher.exe
Task: {1E99CFA6-5DD5-4631-B30D-2CE6D091EF78} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {34D44A4A-DEA8-4E3F-8A41-563A8440D0B7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3A341974-92D9-4B25-9EF4-A43F0A3C3E55} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {68EE9F61-769F-46F6-8832-D56C499EDC5D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6BDD7B91-57C7-41D5-AC86-CC9794A5B200} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6CA2161F-D083-4563-B366-32B986989124} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-lkos@email.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7A94DDB4-F5A5-4889-9DBC-0D2DB42D4EC4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-03] (Google Inc -> Google Inc.)
Task: {7B940F7B-9469-42CC-891E-CFB51C7D2337} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4929304 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
Task: {8ED45CF3-1A91-4325-9EF2-68AE02614287} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {9657BD6C-D92F-4B32-8316-22567BF99280} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A9BDD237-8000-4921-9340-D847948F8752} - System32\Tasks\CCleanerSkipUAC - uzivatel => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BA408925-32B5-4059-8579-C838EC52AB15} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [423152 2021-06-29] (Adobe Inc. -> Adobe Inc.)
Task: {C9136883-C045-4000-A3FC-360DBAF01ADE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-03] (Google Inc -> Google Inc.)
Task: {D7728714-3BE0-4235-A9BE-1526D9D6E613} - System32\Tasks\Opera scheduled assistant Autoupdate 1577302546 => C:\Users\uzivatel\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\uzivatel\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {D8CCF403-8DC7-4E03-9C98-08F5A8C70911} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DE958F4A-A54E-40E4-AF9C-901770F86839} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-09-10] (Piriform Software Ltd -> Piriform)
Task: {F76F23C5-AAC4-4D59-BDBF-9C59F0D09E99} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 193.17.47.1 10.15.13.1 8.8.8.8
Tcpip\..\Interfaces\{1961fd5e-8cb4-400a-af05-853afde3b758}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{4889d55e-0db2-4b0b-96a8-521e56b89848}: [DhcpNameServer] 192.168.0.1 193.17.47.1 10.15.13.1 8.8.8.8
Tcpip\..\Interfaces\{a9fbbf52-8c95-4d8e-a930-90118eb1a9a6}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{a9fbbf52-8c95-4d8e-a930-90118eb1a9a6}: [DhcpNameServer] 192.168.0.1 193.17.47.1 10.15.13.1 8.8.8.8

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\uzivatel\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-08]
Edge HomePage: Default -> hxxp://www.seznam.cz/

FireFox:
========
FF DefaultProfile: 6rklpty8.default
FF ProfilePath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6rklpty8.default [2021-10-05]
FF NewTab: Mozilla\Firefox\Profiles\6rklpty8.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10444__191225
FF Plugin: @videolan.org/vlc,version=3.0.11 -> D:\programy\vlc\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> D:\programy\vlc\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> D:\programy\vlc\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> D:\programy\vlc\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-06-29] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [File not signed]
FF Plugin-x32: @parallelgraphics.com/Cortona -> C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll [2020-06-03] (Parallel Graphics Limited -> ParallelGraphics)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-06-29] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default [2021-10-09]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://business.facebook.com; hxxps://calendar.google.com; hxxps://click-now-extra-special.online; hxxps://cryptosvet.cz; hxxps://drive.google.com; hxxps://meet.google.com; hxxps://paleosnadno.cz; hxxps://twitter.com; hxxps://www.airbaltic.com; hxxps://www.eglobalcentraleu.com; hxxps://www.facebook.com; hxxps://www.fotoskoda.cz; hxxps://www.netflix.com; hxxps://www.pestryjidelnicek.cz; hxxps://www.spuntik.cz; hxxps://www.working-dog.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Extension: (Překladač Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-15]
CHR Extension: (Prezentace) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-03]
CHR Extension: (DeFi Saver Gas Prices Extension) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgfdkloegmghldbalmenklokhlifphe [2021-04-27]
CHR Extension: (Dokumenty) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-03]
CHR Extension: (Disk Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-03]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2019-09-23]
CHR Extension: (Avast Passwords) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2020-02-10]
CHR Extension: (Tabulky) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-03]
CHR Extension: (Yoroi) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffnbelfdoeiohenkjibnmadjiehjhajb [2021-09-30]
CHR Extension: (Binance Wallet) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbohimaelbohpjbbldcngcnapndodjp [2021-08-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-23]
CHR Extension: (Google Kalendář) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2021-01-09]
CHR Extension: (FormApps Extension) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2021-02-03]
CHR Extension: (WPSNIFFER - WordPress Themes Sniffer) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kihhefcbenhkjgjhchanjfhhflaojldn [2019-10-23]
CHR Extension: (Alt Text Tester) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\koldhcllpbdfcdpfpbldbicbgddglodk [2018-10-31]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-23]
CHR Extension: (polkadot{.js} extension) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mopnmbcafieddcagagdcbnhejhlodfdd [2021-09-17]
CHR Extension: (EXIF Viewer) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafpfdcmppffipmhcpkbplhkoiekndck [2018-09-03]
CHR Extension: (MetaMask) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2021-09-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Profile: C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\System Profile [2021-10-05]
CHR HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842480 2021-06-29] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3779840 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3547904 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8323664 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [630040 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [377624 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-21] (Avast Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-12-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [197120 2017-07-13] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 HiTi Print Service; C:\Program Files (x86)\HiTi\HtService\HTService2.exe [231936 2020-12-22] (HiTi Digital, Inc.) [File not signed]
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397472 2018-03-15] (Canon Inc. -> )
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
R2 postgresql-x64-9.5; C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe [94208 2016-08-09] (PostgreSQL Global Development Group) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35720 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [221600 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369176 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250408 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99368 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-09-26] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41368 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184640 2021-09-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [538480 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107864 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82912 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851712 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [557152 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215392 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
S3 athur; C:\WINDOWS\System32\drivers\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 DaVinciKeyboards; C:\WINDOWS\System32\drivers\DaVinciKeyboards.sys [27368 2021-06-23] (WDKTestCert build,131958900460134002 -> Blackmagic Design)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-12-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-12-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-09-09] (Google LLC -> Google, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-11-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-07] (Microsoft Windows -> Microsoft Corporation)
U3 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-09 01:25 - 2021-10-09 01:26 - 000000000 ____D C:\FRST
2021-10-05 20:43 - 2021-10-05 20:43 - 000001364 ____C C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-10-05 20:43 - 2021-10-05 20:43 - 000000000 ____D C:\Users\uzivatel\AppData\Local\PCHealthCheck
2021-10-05 11:51 - 2021-10-08 23:47 - 000002320 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - uzivatel
2021-09-26 14:48 - 2021-09-26 14:48 - 000215392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-09-26 14:48 - 2021-09-26 14:47 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-09-24 12:53 - 2021-09-24 12:53 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-09-24 12:53 - 2021-09-24 12:53 - 000001899 _____ C:\Users\Default\Desktop\Google Slides.lnk
2021-09-24 12:53 - 2021-09-24 12:53 - 000001899 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2021-09-24 12:53 - 2021-09-24 12:53 - 000001887 _____ C:\Users\Default\Desktop\Google Docs.lnk
2021-09-24 12:53 - 2021-09-09 10:29 - 000389640 _____ (Google, Inc.) C:\WINDOWS\system32\Drivers\googledrivefs3525.sys
2021-09-17 08:29 - 2021-09-17 08:29 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-17 08:29 - 2021-09-17 08:29 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-17 08:29 - 2021-09-17 08:29 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-17 08:29 - 2021-09-17 08:29 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-17 08:29 - 2021-09-17 08:29 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-17 08:29 - 2021-09-17 08:29 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-17 08:29 - 2021-09-17 08:29 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-17 08:29 - 2021-09-17 08:29 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-17 08:29 - 2021-09-17 08:29 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-17 08:29 - 2021-09-17 08:29 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-17 08:29 - 2021-09-17 08:29 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-17 08:29 - 2021-09-17 08:29 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-17 08:29 - 2021-09-17 08:29 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-17 08:29 - 2021-09-17 08:29 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-17 08:28 - 2021-09-17 08:28 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-17 08:28 - 2021-09-17 08:28 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-17 08:28 - 2021-09-17 08:28 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-17 08:28 - 2021-09-17 08:28 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-17 08:28 - 2021-09-17 08:28 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-17 08:28 - 2021-09-17 08:28 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-17 08:18 - 2021-09-17 08:18 - 000000000 ___HD C:\$WinREAgent
2021-09-15 11:49 - 2021-09-15 11:49 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2021.lnk
2021-09-15 11:39 - 2021-09-15 11:39 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2021.lnk
2021-09-15 11:23 - 2021-09-15 11:23 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk
2021-09-15 11:07 - 2021-09-15 11:07 - 000001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2019.lnk
2021-09-15 09:08 - 2019-09-27 19:41 - 000000000 ____D C:\Users\uzivatel\Desktop\EA - WEDDING TITLE
2021-09-15 09:08 - 2019-09-25 22:46 - 000000000 ____D C:\Users\uzivatel\Desktop\FONT
2021-09-15 08:58 - 2021-09-15 08:58 - 000001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2019.lnk
2021-09-09 14:40 - 2021-09-09 14:40 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk
2021-09-09 14:26 - 2021-09-09 14:26 - 000001026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2021.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-09 01:25 - 2021-05-16 20:45 - 000000000 ____D C:\Users\uzivatel\AppData\Local\Discord
2021-10-09 01:25 - 2021-01-26 18:38 - 000000000 ____D C:\Users\uzivatel\AppData\Roaming\discord
2021-10-09 01:07 - 2020-08-27 15:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-09 01:07 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-08 23:47 - 2021-05-19 12:14 - 000002370 _____ C:\WINDOWS\system32\Tasks\Adobe Uninstaller
2021-10-08 23:47 - 2020-08-27 15:59 - 000003932 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1577302546
2021-10-08 23:47 - 2020-08-27 15:59 - 000003672 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1577302536
2021-10-08 23:47 - 2020-08-27 15:59 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-08 23:47 - 2020-08-27 15:59 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-10-08 23:47 - 2020-08-27 15:59 - 000003462 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-08 23:47 - 2020-08-27 15:59 - 000003458 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-08 23:47 - 2020-08-27 15:59 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-08 23:47 - 2020-08-27 15:59 - 000003256 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-08 23:47 - 2020-08-27 15:59 - 000003238 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-10-08 23:47 - 2020-08-27 15:59 - 000003212 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-08 23:47 - 2020-08-27 15:59 - 000003048 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-10-08 23:47 - 2020-08-27 15:59 - 000003044 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-08 23:47 - 2020-08-27 15:59 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-08 23:47 - 2020-08-27 15:59 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-08 23:47 - 2020-08-27 15:59 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-08 23:47 - 2020-08-27 15:59 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-08 23:47 - 2020-08-27 15:59 - 000002974 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-08 23:47 - 2020-08-27 15:59 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2675956952-4226471559-2940555150-1001
2021-10-08 23:47 - 2020-08-27 15:59 - 000002852 _____ C:\WINDOWS\system32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-lkos@email.cz
2021-10-08 23:47 - 2020-08-27 15:59 - 000002804 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-08 23:47 - 2020-08-27 15:59 - 000002672 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-10-08 23:47 - 2020-08-27 15:59 - 000002424 _____ C:\WINDOWS\system32\Tasks\WindowGrid
2021-10-08 23:47 - 2020-08-27 15:59 - 000002280 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-10-08 23:47 - 2020-08-27 15:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-10-08 23:09 - 2018-09-03 19:05 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-08 23:09 - 2018-09-03 19:05 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-08 23:09 - 2018-09-03 19:04 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-08 19:53 - 2020-08-24 08:45 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-08 16:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-08 15:49 - 2018-09-06 13:21 - 000000000 ___DC C:\Users\uzivatel\AppData\Local\CrashDumps
2021-10-08 13:42 - 2018-09-14 10:39 - 000000000 ___DC C:\Users\uzivatel\AppData\Roaming\vlc
2021-10-08 12:59 - 2020-10-07 19:33 - 000000000 ____D C:\Users\uzivatel\AppData\Local\Room Arranger
2021-10-08 07:55 - 2018-09-04 06:37 - 000000000 ___DC C:\Users\uzivatel\AppData\Local\AVAST Software
2021-10-08 07:32 - 2020-08-27 15:43 - 001782064 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-08 07:32 - 2019-12-07 16:41 - 000746904 _____ C:\WINDOWS\system32\perfh005.dat
2021-10-08 07:32 - 2019-12-07 16:41 - 000160458 _____ C:\WINDOWS\system32\perfc005.dat
2021-10-08 07:32 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-10-08 07:27 - 2018-09-03 13:35 - 000000000 ____D C:\ProgramData\NVIDIA
2021-10-08 07:26 - 2018-10-03 17:53 - 000000000 ____D C:\Program Files\CCleaner
2021-10-08 07:25 - 2018-09-03 13:27 - 000000000 __SHD C:\Users\uzivatel\IntelGraphicsProfiles
2021-10-08 07:24 - 2020-08-27 15:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-08 07:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-10-08 07:24 - 2018-09-04 06:34 - 000000000 ____D C:\ProgramData\AVAST Software
2021-10-07 21:10 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-10-06 17:16 - 2020-09-03 19:47 - 000000000 ____D C:\ProgramData\Sony
2021-10-06 10:50 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-06 10:17 - 2018-09-03 19:20 - 000000000 ___RD C:\Users\uzivatel\Creative Cloud Files
2021-10-04 11:41 - 2021-03-25 20:01 - 000000000 ___HD C:\adobeTemp
2021-10-03 18:07 - 2018-09-03 19:03 - 000000000 ___DC C:\Users\uzivatel\AppData\Local\Google
2021-10-03 18:00 - 2020-06-10 18:40 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-03 18:00 - 2020-06-10 18:40 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-10-03 17:54 - 2018-09-06 10:27 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-10-02 08:01 - 2020-08-27 15:59 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-09-28 08:56 - 2020-10-15 08:12 - 000184640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-09-26 14:48 - 2020-04-14 19:54 - 000538480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-09-26 14:48 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-09-26 14:48 - 2019-01-06 13:33 - 000250408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-09-26 14:48 - 2019-01-06 13:33 - 000099368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-09-26 14:48 - 2018-09-04 06:36 - 000557152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-09-26 14:48 - 2018-09-04 06:36 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-09-26 14:48 - 2018-09-04 06:36 - 000107864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-09-26 14:48 - 2018-09-04 06:36 - 000082912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-09-26 14:48 - 2018-09-04 06:36 - 000021936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-09-26 14:47 - 2021-04-12 18:43 - 000035720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-09-26 14:47 - 2020-08-27 15:44 - 000002390 ____C C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-26 14:47 - 2019-01-14 17:33 - 000369176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-09-26 14:47 - 2018-10-23 08:43 - 000041368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-09-26 14:47 - 2018-09-04 06:36 - 000851712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-09-26 14:47 - 2018-09-04 06:36 - 000221600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-09-26 14:46 - 2019-03-20 08:36 - 000000000 ___DC C:\Users\uzivatel\AppData\Local\NVIDIA Corporation
2021-09-24 12:53 - 2018-10-24 10:44 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2021-09-24 12:53 - 2018-10-24 10:44 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2021-09-24 12:53 - 2018-10-24 10:44 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2021-09-24 12:53 - 2018-10-24 10:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-09-24 12:53 - 2018-10-24 10:44 - 000000000 ____D C:\Program Files\Google
2021-09-22 17:50 - 2018-09-11 09:12 - 000000000 ___DC C:\Users\uzivatel\AppData\Local\D3DSCache
2021-09-21 13:31 - 2018-09-03 19:40 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-09-19 10:00 - 2020-08-27 15:40 - 005029144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-17 21:20 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-17 08:32 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-15 11:49 - 2018-09-03 19:21 - 000000000 ____D C:\Program Files\Adobe
2021-09-15 08:29 - 2018-09-03 13:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-15 08:25 - 2018-09-03 13:41 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-10 20:30 - 2018-11-12 09:49 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-09-09 14:20 - 2018-09-03 19:16 - 000000000 ____D C:\ProgramData\Adobe

==================== Files in the root of some directories ========

2020-01-24 18:45 - 2020-03-04 13:38 - 000001480 _____ () C:\Users\uzivatel\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2018-11-20 14:05 - 2018-11-20 14:05 - 000000096 ____C () C:\Users\uzivatel\AppData\Local\fusioncache.dat
2018-09-30 19:16 - 2019-10-17 04:00 - 000000410 ____C () C:\Users\uzivatel\AppData\Local\oobelibMkey.log
2019-11-06 19:31 - 2020-03-18 12:34 - 000007601 ____C () C:\Users\uzivatel\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)



testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <==== ATTENTION
==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2021
Ran by uzivatel (09-10-2021 01:27:11)
Running from D:\users\lkos\Downloads
Windows 10 Home Version 21H1 19043.1237 (X64) (2020-08-27 14:00:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2675956952-4226471559-2940555150-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2675956952-4226471559-2940555150-503 - Limited - Disabled)
Guest (S-1-5-21-2675956952-4226471559-2940555150-501 - Limited - Disabled)
info (S-1-5-21-2675956952-4226471559-2940555150-1004 - Limited - Disabled)
postgres (S-1-5-21-2675956952-4226471559-2940555150-1006 - Limited - Enabled) => C:\Users\postgres
uzivatel (S-1-5-21-2675956952-4226471559-2940555150-1001 - Administrator - Enabled) => C:\Users\uzivatel
WDAGUtilityAccount (S-1-5-21-2675956952-4226471559-2940555150-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20095 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Bridge 2021 (HKLM-x32\...\KBRG_11_1_1) (Version: 11.1.1 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.5.0.617 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_10_4) (Version: 10.4 - Adobe Inc.)
Adobe Media Encoder 2019 (HKLM-x32\...\AME_13_1) (Version: 13.1 - Adobe Inc.)
Adobe Media Encoder 2021 (HKLM-x32\...\AME_15_4_1) (Version: 15.4.1 - Adobe Inc.)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_5_1) (Version: 22.5.1.441 - Adobe Inc.)
Adobe Premiere Pro 2019 (HKLM-x32\...\PPRO_13_1_2) (Version: 13.1.2 - Adobe Inc.)
Adobe Premiere Pro 2021 (HKLM-x32\...\PPRO_15_4_1) (Version: 15.4.1 - Adobe Inc.)
Application Verifier x64 External Package (HKLM\...\{D9908CED-5ABB-FEE9-FC84-743F4D38637C}) (Version: 10.1.16299.15 - Microsoft) Hidden
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.8.2487 - Avast Software)
Backup and Sync from Google (HKLM\...\{AE7B9534-BD28-4C51-838F-A847C2A206E2}) (Version: 3.57.3958.2866 - Google, Inc.)
Blackmagic RAW Common Components (HKLM\...\{FC105F36-D90B-4135-B954-F50CDCFACA3D}) (Version: 2.1 - Blackmagic Design)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
C:\Program Files\Adobe\Adobe Lightroom Classic CC\LRcestina_uninstall.exe (HKLM-x32\...\CZ Lokalizace pro Lightroom CC 2015.8 a 6.8_is1) (Version: 1.1 - )
C:\Program Files\Adobe\Adobe Lightroom Classic CC\LRcestina_uninstall.exe (HKLM-x32\...\CZ Lokalizace pro Lightroom Classic 8.3 a novější_is1) (Version: 1.2 - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.0 - Canon Inc.)
Canon MG5700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5700_series) (Version: 1.00 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.9.0.0 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
Canon Utilities EOS Utility 3 (HKLM-x32\...\EOS Utility 3) (Version: 3.9.0.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.8.0.0 - Canon Inc.)
Catalyst Browse 2019.2 (HKLM\...\{17C59191-A0B5-11EA-B33C-5CF9DD6B5363}) (Version: 2019.2.2.409 - Sony)
Catalyst Prepare 2019.2 (HKLM\...\{575F1F70-A1D1-11EA-BFA2-5CF9DD6B5363}) (Version: 2019.2.2.409 - Sony)
CCleaner (HKLM\...\CCleaner) (Version: 5.85 - Piriform)
Cortona3D Viewer (HKLM\...\{F61C39E2-C1BC-4DBB-9755-7006A1721DE8}) (Version: 8.8.215 - ParallelGraphics)
CPUID CPU-Z 1.90 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.90 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.1001 - Disc Soft Ltd)
DaVinci Resolve (HKLM\...\{AD85B92D-FC16-4632-9CEA-8BD8C09779B1}) (Version: 17.3.00014 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{FB1E6849-EE02-49DB-952C-6DD093D74DB0}) (Version: 2.0.0.0 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DidaktaCZ 1.0.0 (HKLM-x32\...\7e81f6ca-38af-5207-b03c-2ecbe5f1ce8e) (Version: 1.0.0 - SILCOM Multimedia, s.r.o.)
Discord (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Discord) (Version: 1.0.9001 - Discord Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{F994125B-7BF5-4A38-A569-82833CEB24DC}) (Version: 0.8.4.83 - Dolby Laboratories, Inc.)
eFrame Converter (HKLM-x32\...\{C69173B6-A0F2-4BAB-93C4-3E83A5F85567}) (Version: 1.0.2.7 - HiTi)
Epic Games Launcher (HKLM-x32\...\{FEF3A9BA-A962-4469-AD62-04839D4BB847}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EventDesiree Deluxe (HKLM-x32\...\{5483D431-43FD-4192-ABCE-7B795C263B80}) (Version: 1.1.8.9 - HiTi)
Facebook Gameroom 1.22.7235.32722 (HKLM-x32\...\{2867E3AE-18BA-4BCF-8268-F797A401ED86}) (Version: 1.22.7235.32722 - Facebook)
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.13 - Blackmagic Design)
Fairlight Studio Utility (HKLM\...\{99BCB768-4C60-4944-9E69-DA8808F98661}) (Version: 1.3.0.0 - Blackmagic Design)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 51.0.15.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 94.0.4606.81 - Google LLC)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
HiTi Photo Printer P510 series (HKLM\...\HiTi Photo Printer P510 series) (Version: - )
HiTi Photo Printer P51x series (HKLM\...\HiTi Photo Printer P51x series) (Version: 3.7.4.35 - HiTi Digital, Inc.)
HiTi PicviteMinilab2 (HKLM-x32\...\{4EC042BD-9464-41D6-9558-3C74BBDAC2B7}) (Version: 2.0.29.43 - HiTi)
HTService (HKLM-x32\...\InstallShield_{EE47F9CD-7979-42A3-88DC-2EAE949110F9}) (Version: - HiTi Digital, Inc.)
IDCreator (HKLM-x32\...\{CA1BF7E1-A0C9-40D3-9E51-3ACB315ADBB5}) (Version: 1.0.5.7 - HiTi)
IDQuickDesiree (HKLM-x32\...\{1C68A3E2-8B47-4FDF-B066-E3E6BFEAD268}) (Version: v1.0.10.6 - HiTi)
Imagenomic Portraiture 2.3 Plug-in (build 2308) (HKLM\...\ImagenomicPortraiturePlugin) (Version: - )
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.5018 - Intel Corporation)
Kits Configuration Installer (HKLM-x32\...\{86E59C8F-61D5-1782-A3CE-60AE7E4D7791}) (Version: 10.1.16299.15 - Microsoft) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D18FE9D2-2F54-4C68-A2DE-A59D4A80A9BC}) (Version: 3.1.2109.29003 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LAV Filters 0.74.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.74.1 - Hendrik Leppkes)
Ledger Live 2.25.1 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.25.1 - Ledger Live Team)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.38 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\OneDriveSetup.exe) (Version: 21.170.0822.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.4.1080.1113 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.2 (x64 cs)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.1 - Mozilla)
MSI Development Tools (HKLM-x32\...\{973CACA2-E018-065B-0580-F2784802E299}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA CUDA Development 10.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADevelopment_10.1) (Version: 10.1 - NVIDIA Corporation)
NVIDIA CUDA Documentation 10.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADocument_10.1) (Version: 10.1 - NVIDIA Corporation)
NVIDIA CUDA Runtime 10.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDARuntimes_10.1) (Version: 10.1 - NVIDIA Corporation)
NVIDIA CUDA Samples 10.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_samples_10.1) (Version: 10.1 - NVIDIA Corporation)
NVIDIA CUDA Visual Studio Integration 10.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_visual_studio_integration_10.1) (Version: 10.1 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Nsight Compute v2019.1 (HKLM\...\{A6575507-1758-44F6-B68A-7FB16826550F}) (Version: 19.1.0.0 - NVIDIA Corporation)
NVIDIA Nsight Systems v2018.3.3 (HKLM\...\{27969759-4685-4B75-A2D9-569EF76B0F7A}) (Version: 18.3.3.31 - NVIDIA Corporation)
NVIDIA Nsight Visual Studio Edition 2019.1.0.19017 (HKLM\...\{3D4CA9A5-E49A-4D71-A991-134A2B389033}) (Version: 19.1.0.19017 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA Tools Extension SDK (NVTX) - 64 bit (HKLM\...\{B56D2F88-8865-40FD-B7AC-F074EE4D201D}) (Version: 1.00.00.00 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
PerformanceTest v9.0 (HKLM\...\PerformanceTest 9_is1) (Version: 9.0.1034.0 - Passmark Software)
PostgreSQL 9.5 (HKLM\...\PostgreSQL 9.5) (Version: 9.5 - PostgreSQL Global Development Group)
ProFact 2017 (HKLM-x32\...\ProFact_is1) (Version: - eXmind)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Registrace uživatele zařízení Canon MG5700 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG5700 series) (Version: - ‭Canon Inc.)
Room Arranger (64-bit) (HKLM-x32\...\Room Arranger x64) (Version: 9.5.5 - Jan Adamec)
Saal Designer (HKLM-x32\...\{CDB7C673-311A-AB20-D4A4-8F67E39CDFCD}) (Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Saal Designer (HKLM-x32\...\SaalDesigner) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Screaming Frog SEO Spider (HKLM-x32\...\Screaming Frog SEO Spider) (Version: 12.6 - Screaming Frog Ltd)
SDK ARM Additions (HKLM-x32\...\{7922BB77-0B59-840A-AC80-D560A34D75C5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{C87DF65C-A672-7E08-A083-E7D48FE8DB70}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Skype verze 8.59 (HKLM-x32\...\Skype_is1) (Version: 8.59 - Skype Technologies S.A.)
Software602 Signer (HKLM-x32\...\{8F4B06F9-7493-4BA9-9E43-BC0DAF5D3524}) (Version: 3.8.3.1021 - Software602 a.s.)
Sublime Text Build 3176 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Sweet Home 3D version 6.4.2 (HKLM\...\Sweet Home 3D_is1) (Version: 6.4.2 - eTeks)
Telegram Desktop version 2.7.1 (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.7.1 - Telegram FZ-LLC)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
TreeSize Free V4.2.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.2.2 - JAM Software)
Universal CRT Extension SDK (HKLM-x32\...\{A5FA2886-1925-133F-0D41-B9A8ECEA0A2D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{B739B4C5-EEEC-8E70-0276-38C4779AF398}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A9D6F52C-694E-3E41-7AB8-5BEB644742A5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{E053089E-7953-3219-814F-F485FC151C54}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{B9424F08-0617-C4F6-A798-5A9250C1A738}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D261CEA1-AB8D-9CFA-4407-BCEFC78661AC}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
vcpp_crt.redist.clickonce (HKLM-x32\...\{548647C7-4C0F-4DC4-8DAA-F46C67158370}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Visual SEO Studio (HKLM-x32\...\{eba42d56-4abc-4c33-9e8f-e096a534bea9}) (Version: 2.0.0.0 - aStonish Studio)
Visual Studio Community 2017 (HKLM-x32\...\e16f7db9) (Version: 15.9.28307.960 - Microsoft Corporation)
Visual Studio Community 2019 (HKLM-x32\...\69c74ea3) (Version: 16.4.29613.14 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
VS Script Debugging Common (HKLM\...\{D8B26CBD-15D2-440B-BCBD-5616D74EFC7D}) (Version: 16.0.98.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{D885E075-8219-4378-9D28-3F76A6FE758E}) (Version: 16.4.29430 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{72E86320-AFF2-44F8-9C8B-0BD51E5B14DE}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{2C6EB385-1400-4B2E-8AE9-1F01FC236772}) (Version: 16.4.29411 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{AF6BD1E3-7FE3-4DED-B9A0-D564B0F4C349}) (Version: 16.4.29411 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{692A0FB3-E6A2-4D41-AC03-4136B4312DC0}) (Version: 16.3.29209 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{4B6D2CD8-324E-4462-AFD6-8F33E08BB214}) (Version: 16.4.29411 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{DA2B1838-3B2E-4220-8B2E-796F4624D463}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{E208E682-50EE-4F2F-9860-C91B906B8A03}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0-3) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Wargaming.net Game Center (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Wargaming.net Game Center) (Version: 21.6.0.6455 - Wargaming.net)
WarThunder (HKLM-x32\...\WarThunder) (Version: - ) <==== ATTENTION
WD My Cloud (HKLM\...\{4B86F896-11DC-4711-BB60-81104832FA44}) (Version: 1.0.7.17 - Western Digital Technologies, Inc.)
WhatsApp (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\WhatsApp) (Version: 0.3.2848 - WhatsApp)
WinAppDeploy (HKLM-x32\...\{9690D51C-4435-1C20-7819-66CCAB0F03F9}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{350F0ECD-0783-4529-8797-98F0AD33EAC0}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.16299.15 (HKLM-x32\...\{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 - Microsoft Corporation)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{385A1387-A488-9E90-3635-086129610034}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{D7DD3171-DA58-52A1-95B2-4769640855AF}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7336279F-8F8F-5530-A543-3BE963846C0A}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E414A474-0A87-4F66-C409-A4D9857CFD34}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{CE760B86-975B-F514-5673-0ED4332B801B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{5E67F8BE-D8D2-257F-CE19-419A2D5125C7}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A2AA063E-AF50-A1F5-8925-A06EB1556644}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{7D4C7F4A-02A9-E434-6451-C8787DF28C1F}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BC467065-9374-5345-DA3F-FCF073304A25}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Wondershare Data Recovery(Build 6.6.1.0) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 6.6.1.0 - Wondershare Software Co.,Ltd.)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Wondershare Recoverit(Build 9.7.2.12) (HKLM-x32\...\{829555DC-31E5-4FEA-B350-8FCF24CECD95}_is1) (Version: 9.7.2.12 - Wondershare Software Co.,Ltd.)
World of Tanks EU (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
World_of_Warships_EU (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\WOWS.EU.PRODUCTION) (Version: - Wargaming.net)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_CZ_is1) (Version: 18.0.1.10 - ZONER software)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-10] (Adobe Systems Incorporated)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2120.1.0_x86__kgqvnymyfvs32 [2021-10-02] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.203.500.0_x86__kgqvnymyfvs32 [2021-10-02] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-18] (Canon Inc.)
Code of War -> C:\Program Files\WindowsApps\CND4528B94-2EA2-4D85-B0B7.CodeofWar_3.16.5.0_x64__zxxvj7ezs5pcc [2021-05-07] (Extreme Developers)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.10.183.0_x64__rz1tebttyb220 [2021-10-02] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-06-22] (Microsoft Corporation)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.17.0_neutral__8xx8rvfyw5nnt [2021-10-04] (Instagram)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Studios) [MS Ad]
Neat Office -> C:\Program Files\WindowsApps\15191PeakPlayer.NeatOffice_3.3.1.0_x86__y5c4dfz5b21fm [2021-10-02] (Any DVD &amp; Office App)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-25] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-07-23] (INTEL CORP) [Startup Task]
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.41311.0_x64__8wekyb3d8bbwe [2021-06-10] (Microsoft Corporation)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-19] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2675956952-4226471559-2940555150-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-7B886B5D728C} -> [Creative Cloud Files] => C:\Users\uzivatel\Creative Cloud Files [2018-09-03 19:20]
CustomCLSID: HKU\S-1-5-21-2675956952-4226471559-2940555150-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-2675956952-4226471559-2940555150-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-26] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-26] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-26] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-09-09] (Google LLC -> Google)
ContextMenuHandlers1: [Long-Term Docs Signer] -> {8B7B7594-9951-4D5A-BBCC-EB9AEE81CB12} => C:\Program Files (x86)\Software602\Signer\ContextMenu64.dll [2019-04-17] (Software602) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\programy\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\programy\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-12-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-26] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-12-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-09-09] (Google LLC -> Google)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_dd5d08598ac3d75d\igfxDTCM.dll [2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-02-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-26] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\programy\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\programy\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=J9hsHlDYGGRRqBhpU61oZEqpaT4EisjwisVvxpaVeuOHBVr2lsSq3ipJgAAAGadXlwie&click_id=4c334ae3130d58dcb9d76153793992a35ec2dd51 --app-window-size=2560,1440
ShortcutWithArgument: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Instagram.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=maonlnecdeecdljpahhnnlmhbmalehlm
ShortcutWithArgument: C:\Users\uzivatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=J9hsHlDYGGRRqBhpU61oZEqpaT4EisjwisVvxpaVeuOHBVr2lsSq3ipJgAAAGadXlwie&click_id=4c334ae3130d58dcb9d76153793992a35ec2dd51 --app-window-size=2560,1440

==================== Loaded Modules (Whitelisted) =============

2009-06-23 02:42 - 2009-06-23 02:42 - 000043008 _____ () [File not signed] C:\Program Files (x86)\HiTi\HtService\libgcc_s_dw2-1.dll
2009-01-10 18:32 - 2009-01-10 18:32 - 000011362 _____ () [File not signed] C:\Program Files (x86)\HiTi\HtService\mingwm10.dll
2010-02-24 15:22 - 2010-02-24 15:22 - 002415104 _____ () [File not signed] C:\Program Files (x86)\HiTi\HtService\QtCore4.dll
2010-02-18 18:03 - 2010-02-18 18:03 - 009515520 _____ () [File not signed] C:\Program Files (x86)\HiTi\HtService\QtGui4.dll
2010-02-18 17:25 - 2010-02-18 17:25 - 001148416 _____ () [File not signed] C:\Program Files (x86)\HiTi\HtService\QtNetwork4.dll
2010-02-25 09:21 - 2010-02-25 09:21 - 000091136 _____ () [File not signed] C:\Program Files (x86)\HiTi\HtService\QtSolutions_Service-2.6.dll
2010-02-18 17:21 - 2010-02-18 17:21 - 000398336 _____ () [File not signed] C:\Program Files (x86)\HiTi\HtService\QtXml4.dll
2020-12-04 13:20 - 2016-08-09 07:13 - 000183296 _____ () [File not signed] C:\Program Files\PostgreSQL\9.5\bin\LIBPQ.dll
2020-12-04 13:20 - 2016-07-27 10:08 - 002264576 _____ () [File not signed] C:\Program Files\PostgreSQL\9.5\bin\libxml2.dll
2018-11-12 10:03 - 2015-03-17 09:51 - 000375296 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2020-12-04 13:20 - 2015-08-26 10:40 - 001687930 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\libiconv-2.dll
2020-12-04 13:20 - 2015-08-26 10:40 - 000685350 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\libintl-8.dll
2021-01-13 10:16 - 2021-01-13 10:16 - 000493568 _____ (HiTi Digital, Inc.) [File not signed] C:\Program Files (x86)\HiTi\HtService\HTPrintSpl5.DLL
2021-07-22 08:52 - 2021-07-22 08:52 - 042803200 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.dll
2017-09-28 19:41 - 2017-09-28 19:41 - 000266240 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
2020-12-04 13:20 - 2016-05-05 08:35 - 001655808 _____ (The OpenSSL Project, http://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\LIBEAY32.dll
2020-12-04 13:20 - 2016-05-05 08:35 - 000349696 _____ (The OpenSSL Project, http://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\SSLEAY32.dll
2019-11-20 13:19 - 2016-05-17 19:19 - 000278528 ____N (windowgrid.net) [File not signed] C:\Program Files\WindowGrid\WindowGrid32.dll
2019-11-20 13:19 - 2016-05-17 19:19 - 000339968 ____N (windowgrid.net) [File not signed] C:\Program Files\WindowGrid\WindowGrid64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.designer.2 [320]
AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.designer.3 [197]
AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.photo.2 [320]
AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.photo.3 [197]
AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.publisher.2 [320]
AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.publisher.3 [197]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10444__191225
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-01-07 13:49 - 2019-12-25 21:46 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files\NVIDIA GPU Computing Toolkit\CUDA\v10.1\bin;C:\Program Files\NVIDIA GPU Computing Toolkit\CUDA\v10.1\libnvvp;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\Nsight Compute 2019.1\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\GtkSharp\2.12\bin
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-2675956952-4226471559-2940555150-1006\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1 - 193.17.47.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: avast => 2
MSCONFIG\Services: avastm => 3
MSCONFIG\Services: AvastSecureBrowserElevationService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: IJPLMSVC => 2
MSCONFIG\Services: McAfee WebAdvisor => 2
MSCONFIG\Services: MozillaMaintenance => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "OnScreen Control"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\StartupFolder: => "EOS Utility.lnk"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_C77CE8056B4BBFFA3D13F6056A9B5F7A"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "WindowGrid"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "Skype for Desktop"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{26C9E4F3-2010-4369-AA83-E313FEC3BA23}D:\users\lkos\dokumenty\fotky\2020\videoprohlídka\malé\vtour\tour_testingserver.exe] => (Allow) D:\users\lkos\dokumenty\fotky\2020\videoprohlídka\malé\vtour\tour_testingserver.exe (krpano Gesellschaft mbH -> )
FirewallRules: [TCP Query User{9A89411D-C1DE-4992-A3CB-99A579F1ED29}D:\users\lkos\dokumenty\fotky\2020\videoprohlídka\malé\vtour\tour_testingserver.exe] => (Allow) D:\users\lkos\dokumenty\fotky\2020\videoprohlídka\malé\vtour\tour_testingserver.exe (krpano Gesellschaft mbH -> )
FirewallRules: [{7C5C8B3A-57F2-4B64-8BA2-11DF546CF35C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{645B36A9-AE70-4CF8-8ED4-4A7BF09D57FF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{96332945-9D71-48FB-B172-AAB279AF8CC0}D:\world_of_tanks\win64\worldoftanks.exe] => (Allow) D:\world_of_tanks\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{570BBB0C-F24B-4FA8-AB90-3741E5519C7B}D:\world_of_tanks\win64\worldoftanks.exe] => (Allow) D:\world_of_tanks\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{B750EF61-AB1F-4F05-9300-1CBDEA4F211D}D:\users\lkos\downloads\anydesk.exe] => (Allow) D:\users\lkos\downloads\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [TCP Query User{8E9E45D0-499F-4C56-8F6A-412260A11C32}D:\users\lkos\downloads\anydesk.exe] => (Allow) D:\users\lkos\downloads\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [UDP Query User{79109B3D-FACC-4E66-B587-D9114EF0CB0A}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{DFB581A2-545D-43CB-B351-19D7B4E128B2}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{837B5E62-8F2A-4233-953D-57E344E9F47B}D:\utorrent\utorrent.exe] => (Allow) D:\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{3D740462-F01E-45B8-9847-85614281A298}D:\utorrent\utorrent.exe] => (Allow) D:\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{07618A35-53CB-451C-99DF-5FF02B70EB86}G:\codex\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) G:\codex\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [TCP Query User{9FD2A6B3-BC3D-4D42-B184-3B96BAEA5C59}G:\codex\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) G:\codex\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [{B57525F3-51FC-4925-9161-985D86A89B2F}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{C158F96A-4830-4873-BBCE-91ADB577723F}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{4B3BD563-A5BE-4306-B66A-91A8A92DB0BC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B57DA34F-0918-41B9-A129-46A7F57E1253}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C1976364-9FB0-4C1B-A574-49D553E643BE}] => (Allow) D:\World_of_Tanks\WoTLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{97B8E480-CB42-4758-BC5E-7B4A0E75CC8F}] => (Allow) D:\World_of_Tanks\WoTLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{AFF4D487-28BE-4381-A8B1-4F66CCB2BB9C}] => (Allow) D:\World_of_Tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{46C8B258-2C48-4583-A592-EB34B32227E3}] => (Allow) D:\World_of_Tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{3CB9B532-F8E0-48BD-A15C-C0A3AFB03A61}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{9053854E-FCA0-4CFB-A97E-F4ADE4A4249D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{787A8297-AC0B-4275-9DAE-FD1B1BD027FA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{78701CCE-B75C-44C2-BD84-D862D4A83295}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{AB64709F-7EC5-43A9-AD6E-56FBB424CA59}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{6F8DE259-C769-44C8-B416-10AB5506F329}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{6D5A4298-DF07-49B1-8705-B4D205E02718}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{37EED083-B1D8-42BA-82AB-6DCEDCF9FD24}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{4F65A1F4-4EF0-4503-A157-FA25F9E8908A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{88700993-841B-43A7-995E-275FA0F7CDF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{5E50F660-BF5B-4C6F-B0AF-6DB8E4F7E951}D:\world_of_tanks\win32\worldoftanks.exe] => (Allow) D:\world_of_tanks\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{E80196F8-9A81-4414-98CA-39BB944E1955}D:\world_of_tanks\win32\worldoftanks.exe] => (Allow) D:\world_of_tanks\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{AC8DD71B-1E49-4063-B16D-0DEEDE722973}D:\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{06BD2B38-4C67-47CD-A84D-042E3E4094F9}D:\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{7B816216-65AA-41D1-97A9-EDE2EFB45C55}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{D467D6E0-D448-4FA6-A5FE-BBC36830E02D}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{6EFC31C2-1EBC-4E12-9A90-DADCEB7729D7}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{5091432C-170F-4B93-861B-57583BB7959D}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{FF546684-E6BD-481B-AD92-43D7989D7CF4}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{F4BDC077-51B9-48F2-AA41-E87CC30055B0}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{A40B97F8-2F75-400E-905E-E2C9DA871EAF}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{F79C95AA-81C1-4040-B49E-302BD1BA2698}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{90541E89-4A67-480C-AACA-CEB2BE21764D}C:\program files (x86)\blackmagic design\fairlight panels\panel setup utility\fairlight panel setup.exe] => (Block) C:\program files (x86)\blackmagic design\fairlight panels\panel setup utility\fairlight panel setup.exe (Blackmagic Design) [File not signed]
FirewallRules: [UDP Query User{36D901EE-FEDB-4C59-8D6A-B2A00E505B91}C:\program files (x86)\blackmagic design\fairlight panels\panel setup utility\fairlight panel setup.exe] => (Block) C:\program files (x86)\blackmagic design\fairlight panels\panel setup utility\fairlight panel setup.exe (Blackmagic Design) [File not signed]
FirewallRules: [{E4B190F9-7D30-472B-BD62-0681784A3EFF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FB19D89F-4432-4251-B5DF-90D76D9515BF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{332E8DC1-8E6B-4C50-9DEF-7A54C5E0F32F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F8097483-DA75-4B2B-B3A4-8845F1060F37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{73FAD00A-B1BC-48C7-9FEA-D9396371D598}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [UDP Query User{9DF1962E-7EE1-4364-AA60-A71EC37A2207}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{6EEFF591-E061-4A27-A3B8-9BA357F5F85C}C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe] => (Allow) C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe (Blackmagic Design Pty Ltd -> Blackmagic Design)
FirewallRules: [UDP Query User{B0A529D1-CA59-4EDD-A2FB-6F416FF1D5A5}C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe] => (Allow) C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe (Blackmagic Design Pty Ltd -> Blackmagic Design)
FirewallRules: [{846A49FF-392E-4F52-853F-6AAF3243F4A1}] => (Allow) LPort=57209
FirewallRules: [{6676C866-857E-4D5D-BF94-35AF973F08AC}] => (Allow) LPort=57210
FirewallRules: [{9DA14626-EC9E-44EE-BE51-3C28FBF20809}] => (Allow) LPort=57211
FirewallRules: [{06F3FB30-385A-4877-81A1-CDA23238E2BA}] => (Allow) LPort=57212
FirewallRules: [{74DC10F3-B3F5-4018-9B04-B5F455099C38}] => (Allow) LPort=57213
FirewallRules: [{3C11E09A-D925-4D81-8439-B028BBB6B1B0}] => (Allow) LPort=57214
FirewallRules: [{57B2A2BC-604D-41F8-85B3-DEA2CE703573}] => (Allow) LPort=57215
FirewallRules: [{67446446-F053-466B-B3B6-070F85D5ABB5}] => (Allow) LPort=57216
FirewallRules: [{3E73B93C-7E3C-4176-A709-D4B187E33859}] => (Allow) LPort=57217
FirewallRules: [{4C15B4CF-783F-4F6E-8842-F916C1DC8560}] => (Allow) LPort=57218
FirewallRules: [{EFD15BA5-D495-43B5-9D33-C4BEFAC8D12C}] => (Allow) LPort=57209
FirewallRules: [{1E18F3AB-4F62-4815-BDB2-626D8DB44CD7}] => (Allow) LPort=57210
FirewallRules: [{387B8BF8-D4C5-4162-8243-36A1BD2262DD}] => (Allow) LPort=57211
FirewallRules: [{99699546-7182-44B5-B3F0-0D38D98049C0}] => (Allow) LPort=57212
FirewallRules: [{55A97704-F7EB-4FEE-B23A-D807BD0F005B}] => (Allow) LPort=57213
FirewallRules: [{B55F5754-8091-45E7-BF3F-DA448F6F3940}] => (Allow) LPort=57214
FirewallRules: [{70D7821C-A61E-4E52-B09D-067618D5D86D}] => (Allow) LPort=57215
FirewallRules: [{288BFA13-FDA9-495F-B7D2-EDB2E8C0F009}] => (Allow) LPort=57216
FirewallRules: [{0157E027-7BAA-43D1-9162-5E55BFA226D6}] => (Allow) LPort=57217
FirewallRules: [{C9D2665C-F1B9-4220-AE61-B17C3DAF9395}] => (Allow) LPort=57218
FirewallRules: [{A212F782-65BF-479F-8E17-6EDA74CC2790}] => (Allow) LPort=63007
FirewallRules: [{8E46EA3A-3881-4211-8E21-F009B37F4389}] => (Allow) LPort=63008
FirewallRules: [{0EC1A2A2-5799-4F9D-8BA6-B5A0177A77AF}] => (Allow) LPort=63009
FirewallRules: [{A21B4C7E-E152-4CA6-93D2-BDA15DBB9CC0}] => (Allow) LPort=63010
FirewallRules: [{12522F56-B9A4-44C2-9110-F2D4E20A6811}] => (Allow) LPort=63011
FirewallRules: [{D0C31B24-D57B-4252-9C2C-6220015A0360}] => (Allow) LPort=63012
FirewallRules: [{90B9BED8-74AC-4C37-9E4F-DEEECFBACA93}] => (Allow) LPort=63013
FirewallRules: [{87AFBC1D-1CBB-4EEA-BC83-8A8D7A306866}] => (Allow) LPort=63014
FirewallRules: [{5C1EAA18-23E6-488F-9418-23C110F40E81}] => (Allow) LPort=63015
FirewallRules: [{6022A45D-C9C4-4741-ADD5-740DF70B4A72}] => (Allow) LPort=63016
FirewallRules: [{38C1EF0A-2BF8-4063-9CE2-E7BCFD2E483D}] => (Allow) LPort=63007
FirewallRules: [{80C64D30-B7F6-4A81-AFE4-324B64F4F086}] => (Allow) LPort=63008
FirewallRules: [{82F8F967-E536-4F08-AF29-B6E0DBEB2150}] => (Allow) LPort=63009
FirewallRules: [{95950DF5-4B5A-45AD-B255-9F64E41A4DCB}] => (Allow) LPort=63010
FirewallRules: [{3E96E131-CE74-49F4-8968-2A6598518214}] => (Allow) LPort=63011
FirewallRules: [{5A51AE89-42E9-4FBB-9FAA-8D63D68A3AEB}] => (Allow) LPort=63012
FirewallRules: [{4833C30C-141B-46DE-832E-FE6B8C3E1AD6}] => (Allow) LPort=63013
FirewallRules: [{78BF4CBE-C39F-45EA-ACDF-A7139BA11173}] => (Allow) LPort=63014
FirewallRules: [{E4C13705-6EAF-4E29-8071-24C58AB310C7}] => (Allow) LPort=63015
FirewallRules: [{74838132-CDA9-40AC-B226-455B63D39D8E}] => (Allow) LPort=63016
FirewallRules: [{BD2594BE-256E-48CF-A1DA-E55DCAB08550}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{42DCFC91-584D-4FC6-8DE1-6666DE376085}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{93333EF2-758D-4E70-AB5A-B791DE155978}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A925FFC4-714D-463D-81AA-B04FF519CC23}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EE9C7C60-EA30-4468-9FE9-60A6769E3D48}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{91F6E9F9-FD1F-4E4A-8EB0-2A762315D960}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{7B9B22CD-AA62-4CD6-B5D5-D679A7D54732}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{A6F2ECD8-8D0B-4DA7-A18B-27914CD5FAB5}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{F126C959-3811-4A3F-AB0A-D1B6D7CDF242}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{6F988256-CB8F-46EC-A10D-D6C2D0B4E39E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{B61B3B55-6C36-4910-BC39-5F85653FEADA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{86C61507-8FA3-4622-82F4-03DC3DF44B0F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{FC068EF1-6D54-4243-90E0-DC04D49A1F97}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{B94E1EE9-9E17-4B13-AEDB-4223C56243DD}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{58187B22-A7C8-4E60-8479-64059512067B}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5758F72B-7424-47E6-8BB9-57F9DD02F888}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8EF2939B-49B8-42F6-BD2B-4802C4A75128}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3605E2F9-E54F-4783-8A2F-B8BCE5D7C7FE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:118.1 GB) (Free:12.9 GB) (11%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/08/2021 03:49:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Adobe Premiere Pro.exe, verze: 13.1.2.9, časové razítko: 0x5cbf047c
Název chybujícího modulu: Backend.dll, verze: 13.1.2.9, časové razítko: 0x5cbed6b5
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000b1fb2d
ID chybujícího procesu: 0x407c
Čas spuštění chybující aplikace: 0x01d7bc2bcb60a968
Cesta k chybující aplikaci: C:\Program Files\Adobe\Adobe Premiere Pro CC 2019\Adobe Premiere Pro.exe
Cesta k chybujícímu modulu: C:\Program Files\Adobe\Adobe Premiere Pro CC 2019\Backend.dll
ID zprávy: 9772dea3-1047-41ef-8d68-aa3f8286f0fc
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/08/2021 12:09:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Adobe Media Encoder.exe, verze: 13.1.0.173, časové razítko: 0x5c9324fa
Název chybujícího modulu: Backend.dll, verze: 13.1.0.173, časové razítko: 0x5c930710
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000b1fb2d
ID chybujícího procesu: 0x24dc
Čas spuštění chybující aplikace: 0x01d7bc2c4eab6a61
Cesta k chybující aplikaci: C:\Program Files\Adobe\Adobe Media Encoder CC 2019\Adobe Media Encoder.exe
Cesta k chybujícímu modulu: C:\Program Files\Adobe\Adobe Media Encoder CC 2019\Backend.dll
ID zprávy: fe82cf0d-300f-4a93-9b0f-249010b76dd0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/08/2021 07:25:08 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe, identifikátor PID: 4604, identifikátor PID ProfSvc: 1728.

Error: (10/07/2021 09:09:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (10/07/2021 09:09:59 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (10/07/2021 09:09:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (10/07/2021 09:09:59 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (10/07/2021 11:52:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.19041.1202, časové razítko: 0xdba1e981
Název chybujícího modulu: explorerframe.dll, verze: 10.0.19041.1023, časové razítko: 0x00d83fbe
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000008f2b
ID chybujícího procesu: 0x242c
Čas spuštění chybující aplikace: 0x01d7bb467ec4e438
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\system32\explorerframe.dll
ID zprávy: 197c1b55-88c2-4392-bdaf-56c232a651fe
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (10/08/2021 01:22:19 PM) (Source: disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

Error: (10/08/2021 07:24:36 AM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3165 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (10/07/2021 08:41:46 AM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3165 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (10/06/2021 09:44:26 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/06/2021 06:29:06 PM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3165 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (10/06/2021 06:28:01 PM) (Source: DCOM) (EventID: 10010) (User: LUBOS_NOTE)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/06/2021 06:28:01 PM) (Source: DCOM) (EventID: 10010) (User: LUBOS_NOTE)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/06/2021 08:42:11 AM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3165 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD


CodeIntegrity:
===============
Date: 2021-10-09 01:25:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-10-08 21:05:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\x86\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO E5CN52WW 04/28/2016
Motherboard: LENOVO Lenovo ideapad 700-17ISK
Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 59%
Total physical RAM: 16145.29 MB
Available physical RAM: 6518.86 MB
Total Virtual: 25361.29 MB
Available Virtual: 12313.45 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.1 GB) (Free:12.9 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:1862.89 GB) (Free:130.55 GB) NTFS

\\?\Volume{d0735b2a-de13-4684-8bb4-c526d47bc4b8}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{dbafd1e3-0dd9-476f-b29f-37a1320fa9e9}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS
\\?\Volume{97bfc6ef-4b2f-4d3b-a503-9fcc9a4bae3d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: 215A0EFD)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118254
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Napadený účet Netflix prosím o kontrolu NB

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
lubo52
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 05 zář 2012 14:03

Re: Napadený účet Netflix prosím o kontrolu NB

#3 Příspěvek od lubo52 »

Zdravím,
nevím jestli jsem to udělal dobře.
Po scanu tam už byla jen možnost přesunout do karantény.
log níže.
# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-10-08.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-09-2021
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 8
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder

***** [ Chromium (and derivatives) ] *****

Deleted User-Agent Switcher for Chrome - djflhoibgkdhkhhcedjiklpkjnoahfmg

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2036 octets] - [09/10/2021 22:31:15]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118254
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Napadený účet Netflix prosím o kontrolu NB

#4 Příspěvek od Rudy »

Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
lubo52
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 05 zář 2012 14:03

Re: Napadený účet Netflix prosím o kontrolu NB

#5 Příspěvek od lubo52 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-10-2021
Ran by uzivatel (administrator) on LUBOS_NOTE (LENOVO 80RV) (10-10-2021 20:52:43)
Running from D:\users\lkos\Downloads
Loaded Profiles: uzivatel & postgres
Platform: Microsoft Windows 10 Home Version 21H1 19043.1237 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Discord Inc. -> Discord Inc.) C:\Users\uzivatel\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Epic Games Inc. -> Epic Games, Inc.) D:\Games\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) D:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\51.0.15.0\crashpad_handler.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <37>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(HiTi Digital, Inc.) [File not signed] C:\Program Files (x86)\HiTi\HtService\HTService2.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_69d915519e0a2ac8\aesm_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_dd5d08598ac3d75d\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_dd5d08598ac3d75d\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_dd5d08598ac3d75d\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_dd5d08598ac3d75d\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20436.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20436.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\postgres.exe <7>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(windowgrid.net) [File not signed] C:\Program Files\WindowGrid\WindowGrid.exe
(windowgrid.net) [File not signed] C:\Program Files\WindowGrid\WindowGridOverlay.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [134936 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384352 2017-10-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-10-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-10-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [EventDesireeDeluxe] => C:\Program Files (x86)\HiTi\EveDsirDeluxe\HTPntSplr.exe [176128 2011-06-14] () [File not signed]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [781552 2021-10-09] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [190280 2021-09-30] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [Wargaming.net Game Center] => D:\Wargaming.net\GameCenter\wgc.exe [2147776 2021-10-08] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35093120 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91591032 2020-04-14] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [EpicGamesLauncher] => D:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33435616 2021-10-08] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [Discord] => C:\Users\uzivatel\AppData\Local\Discord\Update.exe [1512040 2021-03-18] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [Zoner Photo Studio Autoupdate] => D:\programy\Photo Studio 18\Photo Studio 18\Program32\ZPSTRAY.EXE [680520 2017-01-09] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\MountPoints2: {34ab0ae3-04cc-11ec-897a-ac2b6ef875f6} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1006\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\Windows\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\HiTi P510 Language Monitor: C:\Windows\system32\LMonhrak.dll [129024 2015-10-07] (HiTi Digital, Inc. -> HiTi Digital, Inc.)
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\Windows\system32\602localmon.dll [54864 2018-05-31] (Software602 a.s. -> Windows (R) Win 7 DDK provider)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.81\Installer\chrmstp.exe [2021-10-08] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7842.105\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2019-03-18]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon Inc. -> Canon INC.)
Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2019-12-29]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\uzivatel\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {055673F3-2BC0-4636-B174-74ACA81F2B57} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {07E1EB51-AE9E-4856-9D1D-E1F204F90459} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {0A88B552-1E5C-4E00-9F2B-D49575E52411} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0B2B404D-95C7-46EE-BF4B-EA2FB85D9F19} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {161B1EC9-C18A-439C-9B86-BB4B53767248} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [64920 2019-12-29] (Microsoft Corporation -> Microsoft)
Task: {1ABD4B52-42B5-4521-B07F-0B2836162F18} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1C09FC2B-FD49-49B3-9E10-6C3696DD52B8} - System32\Tasks\WindowGrid => C:\Program Files\WindowGrid\WindowGrid.exe [565760 2016-05-17] (windowgrid.net) [File not signed]
Task: {1E5BD2B4-C819-4A3F-8456-819281AAAB60} - System32\Tasks\Opera scheduled Autoupdate 1577302536 => C:\Users\uzivatel\AppData\Local\Programs\Opera\launcher.exe
Task: {1E99CFA6-5DD5-4631-B30D-2CE6D091EF78} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {34D44A4A-DEA8-4E3F-8A41-563A8440D0B7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3A341974-92D9-4B25-9EF4-A43F0A3C3E55} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {68EE9F61-769F-46F6-8832-D56C499EDC5D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6BDD7B91-57C7-41D5-AC86-CC9794A5B200} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6CA2161F-D083-4563-B366-32B986989124} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-lkos@email.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7A94DDB4-F5A5-4889-9DBC-0D2DB42D4EC4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-03] (Google Inc -> Google Inc.)
Task: {7B940F7B-9469-42CC-891E-CFB51C7D2337} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4929304 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
Task: {8ED45CF3-1A91-4325-9EF2-68AE02614287} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {9657BD6C-D92F-4B32-8316-22567BF99280} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A9BDD237-8000-4921-9340-D847948F8752} - System32\Tasks\CCleanerSkipUAC - uzivatel => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BA408925-32B5-4059-8579-C838EC52AB15} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [424168 2021-10-09] (Adobe Inc. -> Adobe Inc.)
Task: {C9136883-C045-4000-A3FC-360DBAF01ADE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-03] (Google Inc -> Google Inc.)
Task: {D7728714-3BE0-4235-A9BE-1526D9D6E613} - System32\Tasks\Opera scheduled assistant Autoupdate 1577302546 => C:\Users\uzivatel\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\uzivatel\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {D8CCF403-8DC7-4E03-9C98-08F5A8C70911} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DE958F4A-A54E-40E4-AF9C-901770F86839} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-09-10] (Piriform Software Ltd -> Piriform)
Task: {F76F23C5-AAC4-4D59-BDBF-9C59F0D09E99} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 193.17.47.1 10.15.13.1 8.8.8.8
Tcpip\..\Interfaces\{1961fd5e-8cb4-400a-af05-853afde3b758}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{4889d55e-0db2-4b0b-96a8-521e56b89848}: [DhcpNameServer] 192.168.0.1 193.17.47.1 10.15.13.1 8.8.8.8
Tcpip\..\Interfaces\{a9fbbf52-8c95-4d8e-a930-90118eb1a9a6}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{a9fbbf52-8c95-4d8e-a930-90118eb1a9a6}: [DhcpNameServer] 192.168.0.1 193.17.47.1 10.15.13.1 8.8.8.8

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\uzivatel\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-10]
Edge HomePage: Default -> hxxp://www.seznam.cz/

FireFox:
========
FF DefaultProfile: 6rklpty8.default
FF ProfilePath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6rklpty8.default [2021-10-10]
FF NewTab: Mozilla\Firefox\Profiles\6rklpty8.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10444__191225
FF Plugin: @videolan.org/vlc,version=3.0.11 -> D:\programy\vlc\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> D:\programy\vlc\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> D:\programy\vlc\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> D:\programy\vlc\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-10-09] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [File not signed]
FF Plugin-x32: @parallelgraphics.com/Cortona -> C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll [2020-06-03] (Parallel Graphics Limited -> ParallelGraphics)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-10-09] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default [2021-10-10]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://business.facebook.com; hxxps://calendar.google.com; hxxps://click-now-extra-special.online; hxxps://cryptosvet.cz; hxxps://drive.google.com; hxxps://meet.google.com; hxxps://paleosnadno.cz; hxxps://twitter.com; hxxps://www.airbaltic.com; hxxps://www.eglobalcentraleu.com; hxxps://www.facebook.com; hxxps://www.fotoskoda.cz; hxxps://www.netflix.com; hxxps://www.pestryjidelnicek.cz; hxxps://www.spuntik.cz; hxxps://www.working-dog.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Extension: (Překladač Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-15]
CHR Extension: (Prezentace) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-03]
CHR Extension: (DeFi Saver Gas Prices Extension) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgfdkloegmghldbalmenklokhlifphe [2021-04-27]
CHR Extension: (Dokumenty) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-03]
CHR Extension: (Disk Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-03]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2021-10-09]
CHR Extension: (Avast Passwords) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2020-02-10]
CHR Extension: (Tabulky) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-03]
CHR Extension: (Yoroi) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffnbelfdoeiohenkjibnmadjiehjhajb [2021-09-30]
CHR Extension: (Binance Wallet) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbohimaelbohpjbbldcngcnapndodjp [2021-08-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-23]
CHR Extension: (Google Kalendář) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2021-01-09]
CHR Extension: (FormApps Extension) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2021-02-03]
CHR Extension: (WPSNIFFER - WordPress Themes Sniffer) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kihhefcbenhkjgjhchanjfhhflaojldn [2019-10-23]
CHR Extension: (Alt Text Tester) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\koldhcllpbdfcdpfpbldbicbgddglodk [2018-10-31]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-23]
CHR Extension: (polkadot{.js} extension) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mopnmbcafieddcagagdcbnhejhlodfdd [2021-09-17]
CHR Extension: (EXIF Viewer) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafpfdcmppffipmhcpkbplhkoiekndck [2018-09-03]
CHR Extension: (MetaMask) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2021-09-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Profile: C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\System Profile [2021-10-10]
CHR HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844528 2021-10-09] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3779840 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3547904 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8323664 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [630040 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [377624 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-21] (Avast Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-12-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [197120 2017-07-13] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 HiTi Print Service; C:\Program Files (x86)\HiTi\HtService\HTService2.exe [231936 2020-12-22] (HiTi Digital, Inc.) [File not signed]
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397472 2018-03-15] (Canon Inc. -> )
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
R2 postgresql-x64-9.5; C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe [94208 2016-08-09] (PostgreSQL Global Development Group) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35720 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [221600 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369176 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250408 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99368 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-09-26] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41368 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184640 2021-09-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [538480 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107864 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82912 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851712 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [557152 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215392 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-09-26] (Avast Software s.r.o. -> AVAST Software)
S3 athur; C:\WINDOWS\System32\drivers\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 DaVinciKeyboards; C:\WINDOWS\System32\drivers\DaVinciKeyboards.sys [27368 2021-06-23] (WDKTestCert build,131958900460134002 -> Blackmagic Design)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-12-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-12-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-09-09] (Google LLC -> Google, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-11-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-07] (Microsoft Windows -> Microsoft Corporation)
U3 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-09 22:33 - 2021-10-09 22:33 - 008553680 ____C (Malwarebytes) C:\Users\uzivatel\Desktop\adwcleaner_8.3.0 (1).exe
2021-10-09 22:30 - 2021-10-09 22:32 - 000000000 ____D C:\AdwCleaner
2021-10-09 01:25 - 2021-10-10 20:53 - 000000000 ____D C:\FRST
2021-10-05 20:43 - 2021-10-05 20:43 - 000001364 ____C C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-10-05 20:43 - 2021-10-05 20:43 - 000000000 ____D C:\Users\uzivatel\AppData\Local\PCHealthCheck
2021-10-05 11:51 - 2021-10-09 22:33 - 000002260 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - uzivatel
2021-09-26 14:48 - 2021-09-26 14:48 - 000215392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-09-26 14:48 - 2021-09-26 14:47 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-09-24 12:53 - 2021-09-24 12:53 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-09-24 12:53 - 2021-09-24 12:53 - 000001899 _____ C:\Users\Default\Desktop\Google Slides.lnk
2021-09-24 12:53 - 2021-09-24 12:53 - 000001899 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2021-09-24 12:53 - 2021-09-24 12:53 - 000001887 _____ C:\Users\Default\Desktop\Google Docs.lnk
2021-09-24 12:53 - 2021-09-09 10:29 - 000389640 _____ (Google, Inc.) C:\WINDOWS\system32\Drivers\googledrivefs3525.sys
2021-09-17 08:29 - 2021-09-17 08:29 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-17 08:29 - 2021-09-17 08:29 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-17 08:29 - 2021-09-17 08:29 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-17 08:29 - 2021-09-17 08:29 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-17 08:29 - 2021-09-17 08:29 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-17 08:29 - 2021-09-17 08:29 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-17 08:29 - 2021-09-17 08:29 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-17 08:29 - 2021-09-17 08:29 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-17 08:29 - 2021-09-17 08:29 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-17 08:29 - 2021-09-17 08:29 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-17 08:29 - 2021-09-17 08:29 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-17 08:29 - 2021-09-17 08:29 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-17 08:29 - 2021-09-17 08:29 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-17 08:29 - 2021-09-17 08:29 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-17 08:28 - 2021-09-17 08:28 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-17 08:28 - 2021-09-17 08:28 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-17 08:28 - 2021-09-17 08:28 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-17 08:28 - 2021-09-17 08:28 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-17 08:28 - 2021-09-17 08:28 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-17 08:28 - 2021-09-17 08:28 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-17 08:18 - 2021-09-17 08:18 - 000000000 ___HD C:\$WinREAgent
2021-09-15 11:49 - 2021-09-15 11:49 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2021.lnk
2021-09-15 11:39 - 2021-09-15 11:39 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2021.lnk
2021-09-15 11:23 - 2021-09-15 11:23 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk
2021-09-15 11:07 - 2021-09-15 11:07 - 000001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2019.lnk
2021-09-15 09:08 - 2019-09-27 19:41 - 000000000 ____D C:\Users\uzivatel\Desktop\EA - WEDDING TITLE
2021-09-15 09:08 - 2019-09-25 22:46 - 000000000 ____D C:\Users\uzivatel\Desktop\FONT
2021-09-15 08:58 - 2021-09-15 08:58 - 000001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2019.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-10 20:48 - 2021-01-26 18:38 - 000000000 ____D C:\Users\uzivatel\AppData\Roaming\discord
2021-10-10 20:47 - 2020-08-27 15:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-10 20:47 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-10 20:46 - 2021-05-16 20:45 - 000000000 ____D C:\Users\uzivatel\AppData\Local\Discord
2021-10-10 20:07 - 2018-09-03 19:04 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-10 19:16 - 2018-09-04 06:37 - 000000000 ___DC C:\Users\uzivatel\AppData\Local\AVAST Software
2021-10-10 18:48 - 2018-09-03 13:35 - 000000000 ____D C:\ProgramData\NVIDIA
2021-10-10 18:46 - 2018-09-03 13:27 - 000000000 __SHD C:\Users\uzivatel\IntelGraphicsProfiles
2021-10-10 17:49 - 2020-08-27 15:43 - 001782064 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-10 17:49 - 2019-12-07 16:41 - 000746904 _____ C:\WINDOWS\system32\perfh005.dat
2021-10-10 17:49 - 2019-12-07 16:41 - 000160458 _____ C:\WINDOWS\system32\perfc005.dat
2021-10-10 17:49 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-10-10 17:47 - 2018-10-03 17:53 - 000000000 ____D C:\Program Files\CCleaner
2021-10-10 17:45 - 2020-08-27 15:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-10 17:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-10-10 17:45 - 2018-09-04 06:34 - 000000000 ____D C:\ProgramData\AVAST Software
2021-10-10 17:44 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-10-10 17:36 - 2018-09-06 13:21 - 000000000 ___DC C:\Users\uzivatel\AppData\Local\CrashDumps
2021-10-10 11:59 - 2020-08-27 15:59 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-10 11:59 - 2020-08-27 15:59 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-09 22:33 - 2021-05-19 12:14 - 000002310 _____ C:\WINDOWS\system32\Tasks\Adobe Uninstaller
2021-10-09 22:33 - 2020-08-27 15:59 - 000003872 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1577302546
2021-10-09 22:33 - 2020-08-27 15:59 - 000003612 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1577302536
2021-10-09 22:33 - 2020-08-27 15:59 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-10-09 22:33 - 2020-08-27 15:59 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-09 22:33 - 2020-08-27 15:59 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-09 22:33 - 2020-08-27 15:59 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-09 22:33 - 2020-08-27 15:59 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-10-09 22:33 - 2020-08-27 15:59 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-09 22:33 - 2020-08-27 15:59 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-10-09 22:33 - 2020-08-27 15:59 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-09 22:33 - 2020-08-27 15:59 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-09 22:33 - 2020-08-27 15:59 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-09 22:33 - 2020-08-27 15:59 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-09 22:33 - 2020-08-27 15:59 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-09 22:33 - 2020-08-27 15:59 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-09 22:33 - 2020-08-27 15:59 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2675956952-4226471559-2940555150-1001
2021-10-09 22:33 - 2020-08-27 15:59 - 000002792 _____ C:\WINDOWS\system32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-lkos@email.cz
2021-10-09 22:33 - 2020-08-27 15:59 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-10-09 22:33 - 2020-08-27 15:59 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-10-09 22:33 - 2020-08-27 15:59 - 000002364 _____ C:\WINDOWS\system32\Tasks\WindowGrid
2021-10-09 22:33 - 2020-08-27 15:59 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-10-09 22:33 - 2020-08-27 15:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-10-09 22:14 - 2021-03-25 20:01 - 000000000 ___HD C:\adobeTemp
2021-10-09 22:13 - 2020-05-27 18:53 - 000001386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2021-10-09 22:13 - 2020-05-27 18:53 - 000001356 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2021-10-09 22:13 - 2018-09-03 19:40 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-10-09 22:13 - 2018-09-03 19:21 - 000000000 ____D C:\Program Files\Adobe
2021-10-09 22:13 - 2018-09-03 19:20 - 000000000 ___RD C:\Users\uzivatel\Creative Cloud Files
2021-10-09 22:13 - 2018-09-03 19:16 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-10-09 09:35 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-09 09:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-09 09:34 - 2020-08-27 15:44 - 000002390 ____C C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-08 23:09 - 2018-09-03 19:05 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-08 23:09 - 2018-09-03 19:05 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-08 19:53 - 2020-08-24 08:45 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-08 13:42 - 2018-09-14 10:39 - 000000000 ___DC C:\Users\uzivatel\AppData\Roaming\vlc
2021-10-08 12:59 - 2020-10-07 19:33 - 000000000 ____D C:\Users\uzivatel\AppData\Local\Room Arranger
2021-10-06 17:16 - 2020-09-03 19:47 - 000000000 ____D C:\ProgramData\Sony
2021-10-03 18:07 - 2018-09-03 19:03 - 000000000 ___DC C:\Users\uzivatel\AppData\Local\Google
2021-10-03 18:00 - 2020-06-10 18:40 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-03 18:00 - 2020-06-10 18:40 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-10-03 17:54 - 2018-09-06 10:27 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-10-02 08:01 - 2020-08-27 15:59 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-09-28 08:56 - 2020-10-15 08:12 - 000184640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-09-26 14:48 - 2020-04-14 19:54 - 000538480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-09-26 14:48 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-09-26 14:48 - 2019-01-06 13:33 - 000250408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-09-26 14:48 - 2019-01-06 13:33 - 000099368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-09-26 14:48 - 2018-09-04 06:36 - 000557152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-09-26 14:48 - 2018-09-04 06:36 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-09-26 14:48 - 2018-09-04 06:36 - 000107864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-09-26 14:48 - 2018-09-04 06:36 - 000082912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-09-26 14:48 - 2018-09-04 06:36 - 000021936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-09-26 14:47 - 2021-04-12 18:43 - 000035720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-09-26 14:47 - 2019-01-14 17:33 - 000369176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-09-26 14:47 - 2018-10-23 08:43 - 000041368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-09-26 14:47 - 2018-09-04 06:36 - 000851712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-09-26 14:47 - 2018-09-04 06:36 - 000221600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-09-26 14:46 - 2019-03-20 08:36 - 000000000 ___DC C:\Users\uzivatel\AppData\Local\NVIDIA Corporation
2021-09-24 12:53 - 2018-10-24 10:44 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2021-09-24 12:53 - 2018-10-24 10:44 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2021-09-24 12:53 - 2018-10-24 10:44 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2021-09-24 12:53 - 2018-10-24 10:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-09-24 12:53 - 2018-10-24 10:44 - 000000000 ____D C:\Program Files\Google
2021-09-22 17:50 - 2018-09-11 09:12 - 000000000 ___DC C:\Users\uzivatel\AppData\Local\D3DSCache
2021-09-19 10:00 - 2020-08-27 15:40 - 005029144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-17 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-17 21:20 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-17 08:32 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-15 08:29 - 2018-09-03 13:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-15 08:25 - 2018-09-03 13:41 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-10 20:30 - 2018-11-12 09:49 - 000000000 ____D C:\ProgramData\CanonIJPLM

==================== Files in the root of some directories ========

2020-01-24 18:45 - 2020-03-04 13:38 - 000001480 _____ () C:\Users\uzivatel\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2018-11-20 14:05 - 2018-11-20 14:05 - 000000096 ____C () C:\Users\uzivatel\AppData\Local\fusioncache.dat
2018-09-30 19:16 - 2019-10-17 04:00 - 000000410 ____C () C:\Users\uzivatel\AppData\Local\oobelibMkey.log
2019-11-06 19:31 - 2020-03-18 12:34 - 000007601 ____C () C:\Users\uzivatel\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)



testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <==== ATTENTION
==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-10-2021
Ran by uzivatel (10-10-2021 20:55:14)
Running from D:\users\lkos\Downloads
Microsoft Windows 10 Home Version 21H1 19043.1237 (X64) (2020-08-27 14:00:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2675956952-4226471559-2940555150-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2675956952-4226471559-2940555150-503 - Limited - Disabled)
Guest (S-1-5-21-2675956952-4226471559-2940555150-501 - Limited - Disabled)
info (S-1-5-21-2675956952-4226471559-2940555150-1004 - Limited - Disabled)
postgres (S-1-5-21-2675956952-4226471559-2940555150-1006 - Limited - Enabled) => C:\Users\postgres
uzivatel (S-1-5-21-2675956952-4226471559-2940555150-1001 - Administrator - Enabled) => C:\Users\uzivatel
WDAGUtilityAccount (S-1-5-21-2675956952-4226471559-2940555150-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20095 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Bridge 2021 (HKLM-x32\...\KBRG_11_1_1) (Version: 11.1.1 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.6.0.788 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_10_4) (Version: 10.4 - Adobe Inc.)
Adobe Media Encoder 2019 (HKLM-x32\...\AME_13_1) (Version: 13.1 - Adobe Inc.)
Adobe Media Encoder 2021 (HKLM-x32\...\AME_15_4_1) (Version: 15.4.1 - Adobe Inc.)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_5_1) (Version: 22.5.1.441 - Adobe Inc.)
Adobe Premiere Pro 2019 (HKLM-x32\...\PPRO_13_1_2) (Version: 13.1.2 - Adobe Inc.)
Adobe Premiere Pro 2021 (HKLM-x32\...\PPRO_15_4_1) (Version: 15.4.1 - Adobe Inc.)
Application Verifier x64 External Package (HKLM\...\{D9908CED-5ABB-FEE9-FC84-743F4D38637C}) (Version: 10.1.16299.15 - Microsoft) Hidden
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.8.2487 - Avast Software)
Backup and Sync from Google (HKLM\...\{AE7B9534-BD28-4C51-838F-A847C2A206E2}) (Version: 3.57.3958.2866 - Google, Inc.)
Blackmagic RAW Common Components (HKLM\...\{FC105F36-D90B-4135-B954-F50CDCFACA3D}) (Version: 2.1 - Blackmagic Design)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
C:\Program Files\Adobe\Adobe Lightroom Classic CC\LRcestina_uninstall.exe (HKLM-x32\...\CZ Lokalizace pro Lightroom CC 2015.8 a 6.8_is1) (Version: 1.1 - )
C:\Program Files\Adobe\Adobe Lightroom Classic CC\LRcestina_uninstall.exe (HKLM-x32\...\CZ Lokalizace pro Lightroom Classic 8.3 a novější_is1) (Version: 1.2 - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.0 - Canon Inc.)
Canon MG5700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5700_series) (Version: 1.00 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.9.0.0 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
Canon Utilities EOS Utility 3 (HKLM-x32\...\EOS Utility 3) (Version: 3.9.0.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.8.0.0 - Canon Inc.)
Catalyst Browse 2019.2 (HKLM\...\{17C59191-A0B5-11EA-B33C-5CF9DD6B5363}) (Version: 2019.2.2.409 - Sony)
Catalyst Prepare 2019.2 (HKLM\...\{575F1F70-A1D1-11EA-BFA2-5CF9DD6B5363}) (Version: 2019.2.2.409 - Sony)
CCleaner (HKLM\...\CCleaner) (Version: 5.85 - Piriform)
Cortona3D Viewer (HKLM\...\{F61C39E2-C1BC-4DBB-9755-7006A1721DE8}) (Version: 8.8.215 - ParallelGraphics)
CPUID CPU-Z 1.90 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.90 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.1001 - Disc Soft Ltd)
DaVinci Resolve (HKLM\...\{AD85B92D-FC16-4632-9CEA-8BD8C09779B1}) (Version: 17.3.00014 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{FB1E6849-EE02-49DB-952C-6DD093D74DB0}) (Version: 2.0.0.0 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DidaktaCZ 1.0.0 (HKLM-x32\...\7e81f6ca-38af-5207-b03c-2ecbe5f1ce8e) (Version: 1.0.0 - SILCOM Multimedia, s.r.o.)
Discord (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Discord) (Version: 1.0.9001 - Discord Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{F994125B-7BF5-4A38-A569-82833CEB24DC}) (Version: 0.8.4.83 - Dolby Laboratories, Inc.)
eFrame Converter (HKLM-x32\...\{C69173B6-A0F2-4BAB-93C4-3E83A5F85567}) (Version: 1.0.2.7 - HiTi)
Epic Games Launcher (HKLM-x32\...\{FEF3A9BA-A962-4469-AD62-04839D4BB847}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EventDesiree Deluxe (HKLM-x32\...\{5483D431-43FD-4192-ABCE-7B795C263B80}) (Version: 1.1.8.9 - HiTi)
Facebook Gameroom 1.22.7235.32722 (HKLM-x32\...\{2867E3AE-18BA-4BCF-8268-F797A401ED86}) (Version: 1.22.7235.32722 - Facebook)
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.13 - Blackmagic Design)
Fairlight Studio Utility (HKLM\...\{99BCB768-4C60-4944-9E69-DA8808F98661}) (Version: 1.3.0.0 - Blackmagic Design)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 51.0.15.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 94.0.4606.81 - Google LLC)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
HiTi Photo Printer P510 series (HKLM\...\HiTi Photo Printer P510 series) (Version: - )
HiTi Photo Printer P51x series (HKLM\...\HiTi Photo Printer P51x series) (Version: 3.7.4.35 - HiTi Digital, Inc.)
HiTi PicviteMinilab2 (HKLM-x32\...\{4EC042BD-9464-41D6-9558-3C74BBDAC2B7}) (Version: 2.0.29.43 - HiTi)
HTService (HKLM-x32\...\InstallShield_{EE47F9CD-7979-42A3-88DC-2EAE949110F9}) (Version: - HiTi Digital, Inc.)
IDCreator (HKLM-x32\...\{CA1BF7E1-A0C9-40D3-9E51-3ACB315ADBB5}) (Version: 1.0.5.7 - HiTi)
IDQuickDesiree (HKLM-x32\...\{1C68A3E2-8B47-4FDF-B066-E3E6BFEAD268}) (Version: v1.0.10.6 - HiTi)
Imagenomic Portraiture 2.3 Plug-in (build 2308) (HKLM\...\ImagenomicPortraiturePlugin) (Version: - )
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.5018 - Intel Corporation)
Kits Configuration Installer (HKLM-x32\...\{86E59C8F-61D5-1782-A3CE-60AE7E4D7791}) (Version: 10.1.16299.15 - Microsoft) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D18FE9D2-2F54-4C68-A2DE-A59D4A80A9BC}) (Version: 3.1.2109.29003 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LAV Filters 0.74.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.74.1 - Hendrik Leppkes)
Ledger Live 2.25.1 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.25.1 - Ledger Live Team)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.38 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\OneDriveSetup.exe) (Version: 21.180.0905.0007 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.4.1080.1113 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.2 (x64 cs)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.1 - Mozilla)
MSI Development Tools (HKLM-x32\...\{973CACA2-E018-065B-0580-F2784802E299}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA CUDA Development 10.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADevelopment_10.1) (Version: 10.1 - NVIDIA Corporation)
NVIDIA CUDA Documentation 10.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADocument_10.1) (Version: 10.1 - NVIDIA Corporation)
NVIDIA CUDA Runtime 10.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDARuntimes_10.1) (Version: 10.1 - NVIDIA Corporation)
NVIDIA CUDA Samples 10.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_samples_10.1) (Version: 10.1 - NVIDIA Corporation)
NVIDIA CUDA Visual Studio Integration 10.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_visual_studio_integration_10.1) (Version: 10.1 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Nsight Compute v2019.1 (HKLM\...\{A6575507-1758-44F6-B68A-7FB16826550F}) (Version: 19.1.0.0 - NVIDIA Corporation)
NVIDIA Nsight Systems v2018.3.3 (HKLM\...\{27969759-4685-4B75-A2D9-569EF76B0F7A}) (Version: 18.3.3.31 - NVIDIA Corporation)
NVIDIA Nsight Visual Studio Edition 2019.1.0.19017 (HKLM\...\{3D4CA9A5-E49A-4D71-A991-134A2B389033}) (Version: 19.1.0.19017 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA Tools Extension SDK (NVTX) - 64 bit (HKLM\...\{B56D2F88-8865-40FD-B7AC-F074EE4D201D}) (Version: 1.00.00.00 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
PerformanceTest v9.0 (HKLM\...\PerformanceTest 9_is1) (Version: 9.0.1034.0 - Passmark Software)
PostgreSQL 9.5 (HKLM\...\PostgreSQL 9.5) (Version: 9.5 - PostgreSQL Global Development Group)
ProFact 2017 (HKLM-x32\...\ProFact_is1) (Version: - eXmind)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Registrace uživatele zařízení Canon MG5700 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG5700 series) (Version: - ‭Canon Inc.)
Room Arranger (64-bit) (HKLM-x32\...\Room Arranger x64) (Version: 9.5.5 - Jan Adamec)
Saal Designer (HKLM-x32\...\{CDB7C673-311A-AB20-D4A4-8F67E39CDFCD}) (Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Saal Designer (HKLM-x32\...\SaalDesigner) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Screaming Frog SEO Spider (HKLM-x32\...\Screaming Frog SEO Spider) (Version: 12.6 - Screaming Frog Ltd)
SDK ARM Additions (HKLM-x32\...\{7922BB77-0B59-840A-AC80-D560A34D75C5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{C87DF65C-A672-7E08-A083-E7D48FE8DB70}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Skype verze 8.59 (HKLM-x32\...\Skype_is1) (Version: 8.59 - Skype Technologies S.A.)
Software602 Signer (HKLM-x32\...\{8F4B06F9-7493-4BA9-9E43-BC0DAF5D3524}) (Version: 3.8.3.1021 - Software602 a.s.)
Sublime Text Build 3176 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Sweet Home 3D version 6.4.2 (HKLM\...\Sweet Home 3D_is1) (Version: 6.4.2 - eTeks)
Telegram Desktop version 2.7.1 (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.7.1 - Telegram FZ-LLC)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
TreeSize Free V4.2.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.2.2 - JAM Software)
Universal CRT Extension SDK (HKLM-x32\...\{A5FA2886-1925-133F-0D41-B9A8ECEA0A2D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{B739B4C5-EEEC-8E70-0276-38C4779AF398}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A9D6F52C-694E-3E41-7AB8-5BEB644742A5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{E053089E-7953-3219-814F-F485FC151C54}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{B9424F08-0617-C4F6-A798-5A9250C1A738}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D261CEA1-AB8D-9CFA-4407-BCEFC78661AC}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
vcpp_crt.redist.clickonce (HKLM-x32\...\{548647C7-4C0F-4DC4-8DAA-F46C67158370}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Visual SEO Studio (HKLM-x32\...\{eba42d56-4abc-4c33-9e8f-e096a534bea9}) (Version: 2.0.0.0 - aStonish Studio)
Visual Studio Community 2017 (HKLM-x32\...\e16f7db9) (Version: 15.9.28307.960 - Microsoft Corporation)
Visual Studio Community 2019 (HKLM-x32\...\69c74ea3) (Version: 16.4.29613.14 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
VS Script Debugging Common (HKLM\...\{D8B26CBD-15D2-440B-BCBD-5616D74EFC7D}) (Version: 16.0.98.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{D885E075-8219-4378-9D28-3F76A6FE758E}) (Version: 16.4.29430 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{72E86320-AFF2-44F8-9C8B-0BD51E5B14DE}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{2C6EB385-1400-4B2E-8AE9-1F01FC236772}) (Version: 16.4.29411 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{AF6BD1E3-7FE3-4DED-B9A0-D564B0F4C349}) (Version: 16.4.29411 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{692A0FB3-E6A2-4D41-AC03-4136B4312DC0}) (Version: 16.3.29209 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{4B6D2CD8-324E-4462-AFD6-8F33E08BB214}) (Version: 16.4.29411 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{DA2B1838-3B2E-4220-8B2E-796F4624D463}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{E208E682-50EE-4F2F-9860-C91B906B8A03}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0-3) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Wargaming.net Game Center (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Wargaming.net Game Center) (Version: 21.6.0.6455 - Wargaming.net)
WD My Cloud (HKLM\...\{4B86F896-11DC-4711-BB60-81104832FA44}) (Version: 1.0.7.17 - Western Digital Technologies, Inc.)
WhatsApp (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\WhatsApp) (Version: 0.3.2848 - WhatsApp)
WinAppDeploy (HKLM-x32\...\{9690D51C-4435-1C20-7819-66CCAB0F03F9}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{350F0ECD-0783-4529-8797-98F0AD33EAC0}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.16299.15 (HKLM-x32\...\{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 - Microsoft Corporation)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{385A1387-A488-9E90-3635-086129610034}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{D7DD3171-DA58-52A1-95B2-4769640855AF}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7336279F-8F8F-5530-A543-3BE963846C0A}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E414A474-0A87-4F66-C409-A4D9857CFD34}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{CE760B86-975B-F514-5673-0ED4332B801B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{5E67F8BE-D8D2-257F-CE19-419A2D5125C7}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A2AA063E-AF50-A1F5-8925-A06EB1556644}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{7D4C7F4A-02A9-E434-6451-C8787DF28C1F}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BC467065-9374-5345-DA3F-FCF073304A25}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Wondershare Data Recovery(Build 6.6.1.0) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 6.6.1.0 - Wondershare Software Co.,Ltd.)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Wondershare Recoverit(Build 9.7.2.12) (HKLM-x32\...\{829555DC-31E5-4FEA-B350-8FCF24CECD95}_is1) (Version: 9.7.2.12 - Wondershare Software Co.,Ltd.)
World of Tanks EU (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
World_of_Warships_EU (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\WOWS.EU.PRODUCTION) (Version: - Wargaming.net)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_CZ_is1) (Version: 18.0.1.10 - ZONER software)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-10] (Adobe Systems Incorporated)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2120.1.0_x86__kgqvnymyfvs32 [2021-10-02] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.203.500.0_x86__kgqvnymyfvs32 [2021-10-02] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-18] (Canon Inc.)
Code of War -> C:\Program Files\WindowsApps\CND4528B94-2EA2-4D85-B0B7.CodeofWar_3.16.5.0_x64__zxxvj7ezs5pcc [2021-05-07] (Extreme Developers)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.10.183.0_x64__rz1tebttyb220 [2021-10-02] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-06-22] (Microsoft Corporation)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.17.0_neutral__8xx8rvfyw5nnt [2021-10-04] (Instagram)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.9220.0_x64__8wekyb3d8bbwe [2021-10-09] (Microsoft Studios) [MS Ad]
Neat Office -> C:\Program Files\WindowsApps\15191PeakPlayer.NeatOffice_3.3.1.0_x86__y5c4dfz5b21fm [2021-10-02] (Any DVD &amp; Office App)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-25] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-07-23] (INTEL CORP) [Startup Task]
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.41311.0_x64__8wekyb3d8bbwe [2021-06-10] (Microsoft Corporation)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-19] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2675956952-4226471559-2940555150-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-7B886B5D728C} -> [Creative Cloud Files] => C:\Users\uzivatel\Creative Cloud Files [2018-09-03 19:20]
CustomCLSID: HKU\S-1-5-21-2675956952-4226471559-2940555150-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-2675956952-4226471559-2940555150-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-26] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-26] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-26] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-09-09] (Google LLC -> Google)
ContextMenuHandlers1: [Long-Term Docs Signer] -> {8B7B7594-9951-4D5A-BBCC-EB9AEE81CB12} => C:\Program Files (x86)\Software602\Signer\ContextMenu64.dll [2019-04-17] (Software602) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\programy\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\programy\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-12-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-26] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-12-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-09-09] (Google LLC -> Google)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_dd5d08598ac3d75d\igfxDTCM.dll [2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-02-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-26] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\programy\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\programy\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=J9hsHlDYGGRRqBhpU61oZEqpaT4EisjwisVvxpaVeuOHBVr2lsSq3ipJgAAAGadXlwie&click_id=4c334ae3130d58dcb9d76153793992a35ec2dd51 --app-window-size=2560,1440
ShortcutWithArgument: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Instagram.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=maonlnecdeecdljpahhnnlmhbmalehlm
ShortcutWithArgument: C:\Users\uzivatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=J9hsHlDYGGRRqBhpU61oZEqpaT4EisjwisVvxpaVeuOHBVr2lsSq3ipJgAAAGadXlwie&click_id=4c334ae3130d58dcb9d76153793992a35ec2dd51 --app-window-size=2560,1440

==================== Loaded Modules (Whitelisted) =============

2009-06-23 02:42 - 2009-06-23 02:42 - 000043008 _____ () [File not signed] C:\Program Files (x86)\HiTi\HtService\libgcc_s_dw2-1.dll
2009-01-10 18:32 - 2009-01-10 18:32 - 000011362 _____ () [File not signed] C:\Program Files (x86)\HiTi\HtService\mingwm10.dll
2010-02-24 15:22 - 2010-02-24 15:22 - 002415104 _____ () [File not signed] C:\Program Files (x86)\HiTi\HtService\QtCore4.dll
2010-02-18 18:03 - 2010-02-18 18:03 - 009515520 _____ () [File not signed] C:\Program Files (x86)\HiTi\HtService\QtGui4.dll
2010-02-18 17:25 - 2010-02-18 17:25 - 001148416 _____ () [File not signed] C:\Program Files (x86)\HiTi\HtService\QtNetwork4.dll
2010-02-25 09:21 - 2010-02-25 09:21 - 000091136 _____ () [File not signed] C:\Program Files (x86)\HiTi\HtService\QtSolutions_Service-2.6.dll
2010-02-18 17:21 - 2010-02-18 17:21 - 000398336 _____ () [File not signed] C:\Program Files (x86)\HiTi\HtService\QtXml4.dll
2020-12-04 13:20 - 2016-08-09 07:13 - 000183296 _____ () [File not signed] C:\Program Files\PostgreSQL\9.5\bin\LIBPQ.dll
2020-12-04 13:20 - 2016-07-27 10:08 - 002264576 _____ () [File not signed] C:\Program Files\PostgreSQL\9.5\bin\libxml2.dll
2018-11-12 10:03 - 2015-03-17 09:51 - 000375296 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2020-12-04 13:20 - 2015-08-26 10:40 - 001687930 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\libiconv-2.dll
2020-12-04 13:20 - 2015-08-26 10:40 - 000685350 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\libintl-8.dll
2021-01-13 10:16 - 2021-01-13 10:16 - 000493568 _____ (HiTi Digital, Inc.) [File not signed] C:\Program Files (x86)\HiTi\HtService\HTPrintSpl5.DLL
2021-07-22 08:52 - 2021-07-22 08:52 - 042803200 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.dll
2017-09-28 19:41 - 2017-09-28 19:41 - 000266240 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
2021-02-03 10:10 - 2019-04-17 16:07 - 000896000 _____ (Software602) [File not signed] C:\Program Files (x86)\Software602\Signer\ContextMenu64.dll
2020-12-04 13:20 - 2016-05-05 08:35 - 001655808 _____ (The OpenSSL Project, http://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\LIBEAY32.dll
2020-12-04 13:20 - 2016-05-05 08:35 - 000349696 _____ (The OpenSSL Project, http://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\SSLEAY32.dll
2019-11-20 13:19 - 2016-05-17 19:19 - 000278528 ____N (windowgrid.net) [File not signed] C:\Program Files\WindowGrid\WindowGrid32.dll
2019-11-20 13:19 - 2016-05-17 19:19 - 000339968 ____N (windowgrid.net) [File not signed] C:\Program Files\WindowGrid\WindowGrid64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.designer.2 [320]
AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.designer.3 [197]
AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.photo.2 [320]
AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.photo.3 [197]
AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.publisher.2 [320]
AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.publisher.3 [197]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-01-07 13:49 - 2019-12-25 21:46 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files\NVIDIA GPU Computing Toolkit\CUDA\v10.1\bin;C:\Program Files\NVIDIA GPU Computing Toolkit\CUDA\v10.1\libnvvp;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\Nsight Compute 2019.1\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\GtkSharp\2.12\bin
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-2675956952-4226471559-2940555150-1006\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1 - 193.17.47.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: avast => 2
MSCONFIG\Services: avastm => 3
MSCONFIG\Services: AvastSecureBrowserElevationService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: IJPLMSVC => 2
MSCONFIG\Services: McAfee WebAdvisor => 2
MSCONFIG\Services: MozillaMaintenance => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "OnScreen Control"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\StartupFolder: => "EOS Utility.lnk"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_C77CE8056B4BBFFA3D13F6056A9B5F7A"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "WindowGrid"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "Skype for Desktop"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{26C9E4F3-2010-4369-AA83-E313FEC3BA23}D:\users\lkos\dokumenty\fotky\2020\videoprohlídka\malé\vtour\tour_testingserver.exe] => (Allow) D:\users\lkos\dokumenty\fotky\2020\videoprohlídka\malé\vtour\tour_testingserver.exe (krpano Gesellschaft mbH -> )
FirewallRules: [TCP Query User{9A89411D-C1DE-4992-A3CB-99A579F1ED29}D:\users\lkos\dokumenty\fotky\2020\videoprohlídka\malé\vtour\tour_testingserver.exe] => (Allow) D:\users\lkos\dokumenty\fotky\2020\videoprohlídka\malé\vtour\tour_testingserver.exe (krpano Gesellschaft mbH -> )
FirewallRules: [{7C5C8B3A-57F2-4B64-8BA2-11DF546CF35C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{645B36A9-AE70-4CF8-8ED4-4A7BF09D57FF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{96332945-9D71-48FB-B172-AAB279AF8CC0}D:\world_of_tanks\win64\worldoftanks.exe] => (Allow) D:\world_of_tanks\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{570BBB0C-F24B-4FA8-AB90-3741E5519C7B}D:\world_of_tanks\win64\worldoftanks.exe] => (Allow) D:\world_of_tanks\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{B750EF61-AB1F-4F05-9300-1CBDEA4F211D}D:\users\lkos\downloads\anydesk.exe] => (Allow) D:\users\lkos\downloads\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [TCP Query User{8E9E45D0-499F-4C56-8F6A-412260A11C32}D:\users\lkos\downloads\anydesk.exe] => (Allow) D:\users\lkos\downloads\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [UDP Query User{79109B3D-FACC-4E66-B587-D9114EF0CB0A}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{DFB581A2-545D-43CB-B351-19D7B4E128B2}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{837B5E62-8F2A-4233-953D-57E344E9F47B}D:\utorrent\utorrent.exe] => (Allow) D:\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{3D740462-F01E-45B8-9847-85614281A298}D:\utorrent\utorrent.exe] => (Allow) D:\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{07618A35-53CB-451C-99DF-5FF02B70EB86}G:\codex\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) G:\codex\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [TCP Query User{9FD2A6B3-BC3D-4D42-B184-3B96BAEA5C59}G:\codex\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) G:\codex\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [{B57525F3-51FC-4925-9161-985D86A89B2F}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{C158F96A-4830-4873-BBCE-91ADB577723F}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{4B3BD563-A5BE-4306-B66A-91A8A92DB0BC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B57DA34F-0918-41B9-A129-46A7F57E1253}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C1976364-9FB0-4C1B-A574-49D553E643BE}] => (Allow) D:\World_of_Tanks\WoTLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{97B8E480-CB42-4758-BC5E-7B4A0E75CC8F}] => (Allow) D:\World_of_Tanks\WoTLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{AFF4D487-28BE-4381-A8B1-4F66CCB2BB9C}] => (Allow) D:\World_of_Tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{46C8B258-2C48-4583-A592-EB34B32227E3}] => (Allow) D:\World_of_Tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{3CB9B532-F8E0-48BD-A15C-C0A3AFB03A61}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{9053854E-FCA0-4CFB-A97E-F4ADE4A4249D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{787A8297-AC0B-4275-9DAE-FD1B1BD027FA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{78701CCE-B75C-44C2-BD84-D862D4A83295}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{AB64709F-7EC5-43A9-AD6E-56FBB424CA59}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{6F8DE259-C769-44C8-B416-10AB5506F329}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{6D5A4298-DF07-49B1-8705-B4D205E02718}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{37EED083-B1D8-42BA-82AB-6DCEDCF9FD24}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{4F65A1F4-4EF0-4503-A157-FA25F9E8908A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{88700993-841B-43A7-995E-275FA0F7CDF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{5E50F660-BF5B-4C6F-B0AF-6DB8E4F7E951}D:\world_of_tanks\win32\worldoftanks.exe] => (Allow) D:\world_of_tanks\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{E80196F8-9A81-4414-98CA-39BB944E1955}D:\world_of_tanks\win32\worldoftanks.exe] => (Allow) D:\world_of_tanks\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{AC8DD71B-1E49-4063-B16D-0DEEDE722973}D:\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{06BD2B38-4C67-47CD-A84D-042E3E4094F9}D:\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{7B816216-65AA-41D1-97A9-EDE2EFB45C55}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{D467D6E0-D448-4FA6-A5FE-BBC36830E02D}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{6EFC31C2-1EBC-4E12-9A90-DADCEB7729D7}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{5091432C-170F-4B93-861B-57583BB7959D}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{FF546684-E6BD-481B-AD92-43D7989D7CF4}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{F4BDC077-51B9-48F2-AA41-E87CC30055B0}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{A40B97F8-2F75-400E-905E-E2C9DA871EAF}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{F79C95AA-81C1-4040-B49E-302BD1BA2698}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{90541E89-4A67-480C-AACA-CEB2BE21764D}C:\program files (x86)\blackmagic design\fairlight panels\panel setup utility\fairlight panel setup.exe] => (Block) C:\program files (x86)\blackmagic design\fairlight panels\panel setup utility\fairlight panel setup.exe (Blackmagic Design) [File not signed]
FirewallRules: [UDP Query User{36D901EE-FEDB-4C59-8D6A-B2A00E505B91}C:\program files (x86)\blackmagic design\fairlight panels\panel setup utility\fairlight panel setup.exe] => (Block) C:\program files (x86)\blackmagic design\fairlight panels\panel setup utility\fairlight panel setup.exe (Blackmagic Design) [File not signed]
FirewallRules: [{E4B190F9-7D30-472B-BD62-0681784A3EFF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FB19D89F-4432-4251-B5DF-90D76D9515BF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{332E8DC1-8E6B-4C50-9DEF-7A54C5E0F32F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F8097483-DA75-4B2B-B3A4-8845F1060F37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{73FAD00A-B1BC-48C7-9FEA-D9396371D598}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [UDP Query User{9DF1962E-7EE1-4364-AA60-A71EC37A2207}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{6EEFF591-E061-4A27-A3B8-9BA357F5F85C}C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe] => (Allow) C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe (Blackmagic Design Pty Ltd -> Blackmagic Design)
FirewallRules: [UDP Query User{B0A529D1-CA59-4EDD-A2FB-6F416FF1D5A5}C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe] => (Allow) C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe (Blackmagic Design Pty Ltd -> Blackmagic Design)
FirewallRules: [{846A49FF-392E-4F52-853F-6AAF3243F4A1}] => (Allow) LPort=57209
FirewallRules: [{6676C866-857E-4D5D-BF94-35AF973F08AC}] => (Allow) LPort=57210
FirewallRules: [{9DA14626-EC9E-44EE-BE51-3C28FBF20809}] => (Allow) LPort=57211
FirewallRules: [{06F3FB30-385A-4877-81A1-CDA23238E2BA}] => (Allow) LPort=57212
FirewallRules: [{74DC10F3-B3F5-4018-9B04-B5F455099C38}] => (Allow) LPort=57213
FirewallRules: [{3C11E09A-D925-4D81-8439-B028BBB6B1B0}] => (Allow) LPort=57214
FirewallRules: [{57B2A2BC-604D-41F8-85B3-DEA2CE703573}] => (Allow) LPort=57215
FirewallRules: [{67446446-F053-466B-B3B6-070F85D5ABB5}] => (Allow) LPort=57216
FirewallRules: [{3E73B93C-7E3C-4176-A709-D4B187E33859}] => (Allow) LPort=57217
FirewallRules: [{4C15B4CF-783F-4F6E-8842-F916C1DC8560}] => (Allow) LPort=57218
FirewallRules: [{EFD15BA5-D495-43B5-9D33-C4BEFAC8D12C}] => (Allow) LPort=57209
FirewallRules: [{1E18F3AB-4F62-4815-BDB2-626D8DB44CD7}] => (Allow) LPort=57210
FirewallRules: [{387B8BF8-D4C5-4162-8243-36A1BD2262DD}] => (Allow) LPort=57211
FirewallRules: [{99699546-7182-44B5-B3F0-0D38D98049C0}] => (Allow) LPort=57212
FirewallRules: [{55A97704-F7EB-4FEE-B23A-D807BD0F005B}] => (Allow) LPort=57213
FirewallRules: [{B55F5754-8091-45E7-BF3F-DA448F6F3940}] => (Allow) LPort=57214
FirewallRules: [{70D7821C-A61E-4E52-B09D-067618D5D86D}] => (Allow) LPort=57215
FirewallRules: [{288BFA13-FDA9-495F-B7D2-EDB2E8C0F009}] => (Allow) LPort=57216
FirewallRules: [{0157E027-7BAA-43D1-9162-5E55BFA226D6}] => (Allow) LPort=57217
FirewallRules: [{C9D2665C-F1B9-4220-AE61-B17C3DAF9395}] => (Allow) LPort=57218
FirewallRules: [{A212F782-65BF-479F-8E17-6EDA74CC2790}] => (Allow) LPort=63007
FirewallRules: [{8E46EA3A-3881-4211-8E21-F009B37F4389}] => (Allow) LPort=63008
FirewallRules: [{0EC1A2A2-5799-4F9D-8BA6-B5A0177A77AF}] => (Allow) LPort=63009
FirewallRules: [{A21B4C7E-E152-4CA6-93D2-BDA15DBB9CC0}] => (Allow) LPort=63010
FirewallRules: [{12522F56-B9A4-44C2-9110-F2D4E20A6811}] => (Allow) LPort=63011
FirewallRules: [{D0C31B24-D57B-4252-9C2C-6220015A0360}] => (Allow) LPort=63012
FirewallRules: [{90B9BED8-74AC-4C37-9E4F-DEEECFBACA93}] => (Allow) LPort=63013
FirewallRules: [{87AFBC1D-1CBB-4EEA-BC83-8A8D7A306866}] => (Allow) LPort=63014
FirewallRules: [{5C1EAA18-23E6-488F-9418-23C110F40E81}] => (Allow) LPort=63015
FirewallRules: [{6022A45D-C9C4-4741-ADD5-740DF70B4A72}] => (Allow) LPort=63016
FirewallRules: [{38C1EF0A-2BF8-4063-9CE2-E7BCFD2E483D}] => (Allow) LPort=63007
FirewallRules: [{80C64D30-B7F6-4A81-AFE4-324B64F4F086}] => (Allow) LPort=63008
FirewallRules: [{82F8F967-E536-4F08-AF29-B6E0DBEB2150}] => (Allow) LPort=63009
FirewallRules: [{95950DF5-4B5A-45AD-B255-9F64E41A4DCB}] => (Allow) LPort=63010
FirewallRules: [{3E96E131-CE74-49F4-8968-2A6598518214}] => (Allow) LPort=63011
FirewallRules: [{5A51AE89-42E9-4FBB-9FAA-8D63D68A3AEB}] => (Allow) LPort=63012
FirewallRules: [{4833C30C-141B-46DE-832E-FE6B8C3E1AD6}] => (Allow) LPort=63013
FirewallRules: [{78BF4CBE-C39F-45EA-ACDF-A7139BA11173}] => (Allow) LPort=63014
FirewallRules: [{E4C13705-6EAF-4E29-8071-24C58AB310C7}] => (Allow) LPort=63015
FirewallRules: [{74838132-CDA9-40AC-B226-455B63D39D8E}] => (Allow) LPort=63016
FirewallRules: [{BD2594BE-256E-48CF-A1DA-E55DCAB08550}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{42DCFC91-584D-4FC6-8DE1-6666DE376085}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{93333EF2-758D-4E70-AB5A-B791DE155978}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A925FFC4-714D-463D-81AA-B04FF519CC23}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EE9C7C60-EA30-4468-9FE9-60A6769E3D48}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{91F6E9F9-FD1F-4E4A-8EB0-2A762315D960}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{7B9B22CD-AA62-4CD6-B5D5-D679A7D54732}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{A6F2ECD8-8D0B-4DA7-A18B-27914CD5FAB5}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{F126C959-3811-4A3F-AB0A-D1B6D7CDF242}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{6F988256-CB8F-46EC-A10D-D6C2D0B4E39E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{B61B3B55-6C36-4910-BC39-5F85653FEADA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{86C61507-8FA3-4622-82F4-03DC3DF44B0F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{FC068EF1-6D54-4243-90E0-DC04D49A1F97}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{B94E1EE9-9E17-4B13-AEDB-4223C56243DD}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{58187B22-A7C8-4E60-8479-64059512067B}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5758F72B-7424-47E6-8BB9-57F9DD02F888}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8EF2939B-49B8-42F6-BD2B-4802C4A75128}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3605E2F9-E54F-4783-8A2F-B8BCE5D7C7FE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:118.1 GB) (Free:13.98 GB) (12%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/10/2021 06:46:17 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe, identifikátor PID: 4780, identifikátor PID ProfSvc: 1776.

Error: (10/10/2021 05:44:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (10/10/2021 05:44:29 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (10/10/2021 05:44:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (10/10/2021 05:44:29 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (10/10/2021 05:37:10 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostw (7800,U,98) WebCacheLocal: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -1216.

Error: (10/10/2021 05:37:10 PM) (Source: ESENT) (EventID: 494) (User: )
Description: taskhostw (7800,U,98) WebCacheLocal: Obnovení databáze selhalo a došlo k chybě -1216, protože se zjistily odkazy na databázi C:\Users\uzivatel\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat, která už není dostupná. Databáze se před odebráním (nebo případným přesunutím nebo přejmenováním) nepřevedla do stavu čistého vypnutí. Databázový stroj nepovolí dokončení obnovení pro tuto instanci, dokud se znovu nevytvoří instance chybějící databáze. Pokud už databáze skutečně není dostupná a už se nevyžaduje, získáte pokyny týkající se odstranění této chyby ve znalostní bázi Microsoft Knowledge Base nebo po kliknutí na odkaz Další informace na konci této zprávy.

Error: (10/10/2021 11:11:09 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe, identifikátor PID: 4436, identifikátor PID ProfSvc: 1716.


System errors:
=============
Error: (10/10/2021 05:45:10 PM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3165 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (10/10/2021 05:43:58 PM) (Source: DCOM) (EventID: 10000) (User: LUBOS_NOTE)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (10/10/2021 05:36:03 PM) (Source: DCOM) (EventID: 10000) (User: LUBOS_NOTE)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (10/10/2021 11:08:33 AM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3165 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (10/10/2021 12:23:01 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (10/10/2021 12:23:01 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (10/10/2021 12:22:51 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (10/09/2021 10:34:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.


CodeIntegrity:
===============
Date: 2021-10-10 18:58:20
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\x86\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-10-10 17:47:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-10-10 17:46:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO E5CN52WW 04/28/2016
Motherboard: LENOVO Lenovo ideapad 700-17ISK
Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 46%
Total physical RAM: 16145.29 MB
Available physical RAM: 8565.14 MB
Total Virtual: 26897.29 MB
Available Virtual: 17401.75 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.1 GB) (Free:13.98 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:1862.89 GB) (Free:124.17 GB) NTFS

\\?\Volume{d0735b2a-de13-4684-8bb4-c526d47bc4b8}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{dbafd1e3-0dd9-476f-b29f-37a1320fa9e9}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS
\\?\Volume{97bfc6ef-4b2f-4d3b-a503-9fcc9a4bae3d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: 215A0EFD)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118254
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Napadený účet Netflix prosím o kontrolu NB

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\MountPoints2: {34ab0ae3-04cc-11ec-897a-ac2b6ef875f6} - "F:\HiSuiteDownLoader.exe"
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {7A94DDB4-F5A5-4889-9DBC-0D2DB42D4EC4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-03] (Google Inc -> Google Inc.)
Task: {C9136883-C045-4000-A3FC-360DBAF01ADE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-03] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
U3 aspnet_state; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.designer.2 [320]
AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.designer.3 [197]
AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.photo.2 [320]
AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.photo.3 [197]
AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.publisher.2 [320]
AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.publisher.3 [197]
FirewallRules: [UDP Query User{07618A35-53CB-451C-99DF-5FF02B70EB86}G:\codex\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) G:\codex\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [TCP Query User{9FD2A6B3-BC3D-4D42-B184-3B96BAEA5C59}G:\codex\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) G:\codex\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [{B61B3B55-6C36-4910-BC39-5F85653FEADA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File

EmptyTemp:
End
Uložte do D:\users\lkos\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
lubo52
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 05 zář 2012 14:03

Re: Napadený účet Netflix prosím o kontrolu NB

#7 Příspěvek od lubo52 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 10-10-2021
Ran by uzivatel (11-10-2021 00:15:14) Run:1
Running from D:\users\lkos\Downloads
Loaded Profiles: uzivatel & postgres
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\MountPoints2: {34ab0ae3-04cc-11ec-897a-ac2b6ef875f6} - "F:\HiSuiteDownLoader.exe"
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {7A94DDB4-F5A5-4889-9DBC-0D2DB42D4EC4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-03] (Google Inc -> Google Inc.)
Task: {C9136883-C045-4000-A3FC-360DBAF01ADE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-03] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
U3 aspnet_state; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.designer.2 [320]
AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.designer.3 [197]
AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.photo.2 [320]
AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.photo.3 [197]
AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.publisher.2 [320]
AlternateDataStreams: C:\Users\uzivatel\AppData\Local\Temp:com.affinity.publisher.3 [197]
FirewallRules: [UDP Query User{07618A35-53CB-451C-99DF-5FF02B70EB86}G:\codex\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) G:\codex\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [TCP Query User{9FD2A6B3-BC3D-4D42-B184-3B96BAEA5C59}G:\codex\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) G:\codex\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [{B61B3B55-6C36-4910-BC39-5F85653FEADA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34ab0ae3-04cc-11ec-897a-ac2b6ef875f6} => removed successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A94DDB4-F5A5-4889-9DBC-0D2DB42D4EC4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A94DDB4-F5A5-4889-9DBC-0D2DB42D4EC4}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C9136883-C045-4000-A3FC-360DBAF01ADE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9136883-C045-4000-A3FC-360DBAF01ADE}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKLM\System\CurrentControlSet\Services\aspnet_state => removed successfully
aspnet_state => service removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Users\uzivatel\AppData\Local\Temp => ":com.affinity.designer.2" ADS removed successfully
C:\Users\uzivatel\AppData\Local\Temp => ":com.affinity.designer.3" ADS removed successfully
C:\Users\uzivatel\AppData\Local\Temp => ":com.affinity.photo.2" ADS removed successfully
C:\Users\uzivatel\AppData\Local\Temp => ":com.affinity.photo.3" ADS removed successfully
C:\Users\uzivatel\AppData\Local\Temp => ":com.affinity.publisher.2" ADS removed successfully
C:\Users\uzivatel\AppData\Local\Temp => ":com.affinity.publisher.3" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{07618A35-53CB-451C-99DF-5FF02B70EB86}G:\codex\swgame\binaries\win64\starwarsjedifallenorder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9FD2A6B3-BC3D-4D42-B184-3B96BAEA5C59}G:\codex\swgame\binaries\win64\starwarsjedifallenorder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B61B3B55-6C36-4910-BC39-5F85653FEADA}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 77888132 B
Java, Flash, Steam htmlcache => 397 B
Windows/system/drivers => 11998244 B
Edge => 144909 B
Chrome => 474998755 B
Firefox => 9472112 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 3888 B
NetworkService => 3888 B
uzivatel => 56869770 B
postgres => 56869770 B

RecycleBin => 0 B
EmptyTemp: => 657.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 00:15:44 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118254
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Napadený účet Netflix prosím o kontrolu NB

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
lubo52
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 05 zář 2012 14:03

Re: Napadený účet Netflix prosím o kontrolu NB

#9 Příspěvek od lubo52 »

Problém, kromě napadení a přesměrování účtu u netfixu nebyl.
Počítač se choval normálně.
Co to bylo?
Díky moc
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118254
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Napadený účet Netflix prosím o kontrolu NB

#10 Příspěvek od Rudy »

To hlavní vyčistil ADW a zbytek (vesměs zbytečnosti) dorazil FRST. Problém mohl přijít prakticky odkudkoli z internetu. ADW vyházel právě takové možnosti.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
lubo52
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 05 zář 2012 14:03

Re: Napadený účet Netflix prosím o kontrolu NB

#11 Příspěvek od lubo52 »

Děkuji,
lze tedy ADW používat preventivně třeba jako ccleaner?
Díky
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118254
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Napadený účet Netflix prosím o kontrolu NB

#12 Příspěvek od Rudy »

Možné to je. Zatím jsem nezaznamenal, že by smazal něco důležitého.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
lubo52
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 05 zář 2012 14:03

Re: Napadený účet Netflix prosím o kontrolu NB

#13 Příspěvek od lubo52 »

Díky moc
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118254
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Napadený účet Netflix prosím o kontrolu NB

#14 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“