Zamrzání PC

[lastsaves]

Prosím o kontrolu logu, zamrzá PC. Předem díky.
Addition.txt v příloze.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2021
Ran by tMt-user (administrator) on TMT-DESKTOP (15-12-2021 00:10:55)
Running from C:\aa
Loaded Profiles: defaultuser0 & tMt & tMt-user & tMt-steam
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1415 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Apps\IconGroups\x64\IconGroups.exe
() [File not signed] C:\Apps\OpenHardwareMonitor\OpenHardwareMonitor.exe
() [File not signed] C:\Apps\RBTray\RBTray.exe
() [File not signed] C:\Apps\Wondershare\MobileTrans\ElevationService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Alexandr Irza) [File not signed] C:\Apps\Volume2\Volume2.exe
(Amine Moufik -> Amine Mouafik) C:\Users\tMt-user\AppData\Local\Programs\ferdi\Ferdi.exe <10>
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Astonsoft Ltd. -> Astonsoft) C:\Apps\EssentialPIM Pro 9\EssentialPIM.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast\wsc_proxy.exe
(Backblaze, Inc. -> ) C:\Program Files (x86)\Backblaze\bzbui.exe
(Backblaze, Inc. -> ) C:\Program Files (x86)\Backblaze\bzfilelist.exe
(Backblaze, Inc. -> ) C:\Program Files (x86)\Backblaze\bzserv.exe
(Bartels Media GmbH -> Bartels Media GmbH) C:\Apps\PhraseExpress\phraseexpress.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(Ditto -> ) [File not signed] C:\Apps\Ditto\Ditto.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <4>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\138.3.2340\QtWebEngineProcess.exe <2>
(F.lux Software LLC -> f.lux Software LLC) C:\Users\tMt-user\AppData\Local\FluxSoftware\Flux\flux.exe
(Firebit OU -> Rainmeter) C:\Apps\Rainmeter\Rainmeter.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Apps\Total Commander\TOTALCMD64.EXE
(GNE) [File not signed] C:\Apps\Dual Monitor Tools\DMT.exe
(Greatis Software LLC -> Greatis Software, LLC) C:\Apps\BootRacer\BootRacerServ.exe
(KARPOLAN) [File not signed] C:\Apps\Keyboard Leds\KeyboardLeds.exe
(Kazuyuki Nakayama) [File not signed] C:\Apps\HotSwap\HotSwap!.EXE
(KeepSolid Inc. -> KeepSolid Inc.) C:\Apps\VPN Unlimited\vpn-unlimited-daemon.exe
(Logitech Inc -> ) C:\Program Files\Logitech\Collaboration\Services\Video\RightSightAPI\crashpad_handler.exe
(Logitech Inc -> Logitech Europe S.A.) C:\Program Files\Logitech\Collaboration\Services\Video\RightSightAPI\RightSightService.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
(Martin Malik - REALiX -> REALiX) C:\Apps\HWInfo\HWiNFO64.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\tMt-user\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.59.11001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.59.11001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(mik61 (independent software developer) -> mik61) [File not signed] [File is in use] C:\Apps\Gameplay Time Tracker\Support64.exe
(mik61 (independent software developer) -> mik61) [File not signed] C:\Apps\Gameplay Time Tracker\GameplayTimeTracker.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\Display.NvContainer\NVDisplay.Container.exe <2>
(Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World) C:\Apps\CrystalDiskInfo\DiskInfo64.exe <2>
(Open-Shell) [File not signed] C:\Apps\Open Shell\StartMenu.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Parsec Cloud, Inc. -> Parsec) C:\Program Files\Parsec\pservice.exe
(pCloud AG -> pCloud AG) C:\Program Files\pCloud Drive\pCloud.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Apps\Razer\Razer Cortex\RzKLService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SOFTPERFECT PTY. LTD. -> SoftPerfect) C:\Apps\Networx\networx.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Apps\TeamViewer\TeamViewer_Service.exe
(Tonalio GmbH -> sandboxie-plus.com) C:\Apps\Sandboxie-Plus\SandMan.exe
(Tonalio GmbH -> sandboxie-plus.com) C:\Apps\Sandboxie-Plus\SbieSvc.exe
(voidtools -> voidtools) C:\Apps\Everything\Everything.exe <2>
(WDC) [File not signed] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe
(zett42) [File not signed] C:\Apps\FlashFolder\FlashFolder.exe
(zett42) [File not signed] C:\Apps\FlashFolder\FlashFolder64.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast\AvLaunch.exe [157464 2021-12-05] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [NetWorx] => C:\Apps\Networx\networx.exe [7627080 2016-09-24] (SOFTPERFECT PTY. LTD. -> SoftPerfect)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [CANON P150 SVC] => C:\Windows\system32\P150SVC.dll [181760 2009-12-16] (Canon Electronics) [File not signed]
HKLM\...\Run: [MTPW] => C:\Apps\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8838400 2016-06-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Open-Shell Start Menu] => C:\Apps\Open Shell\StartMenu.exe [216576 2020-09-26] (Open-Shell) [File not signed]
HKLM\...\Run: [Everything] => C:\Apps\Everything\Everything.exe [2261600 2021-05-12] (voidtools -> voidtools)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8807200 2021-12-10] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Apps\Adobe Acrobat Pro 2017\Acrobat\Acrotray.exe [1996512 2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RazerCortex] => C:\Apps\Razer\Razer Cortex\CortexLauncher.exe [267072 2021-03-31] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AutoAD] => C:\Apps\Wondershare\MobileTrans\AutoAD.exe [73224 2021-11-24] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Apps\Opera\assistant\browser_assistant.exe [4112592 2021-12-02] (Opera Software AS -> Opera Software)
HKLM\...\Policies\Explorer\Run: [BootRacer] => C:\Apps\BootRacer\bootrace.exe [9519440 2021-01-26] (Greatis Software LLC -> Greatis Software)
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 1
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 1
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 1
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 1
HKU\S-1-5-21-2866573575-4116515599-1814928747-1002\...\Run: [Backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [1174808 2021-07-07] (Backblaze, Inc. -> )
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [f.lux] => C:\Users\tMt-user\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [GameplayTimeTracker] => C:\Apps\Gameplay Time Tracker\GameplayTimeTracker.exe [932472 2018-09-17] (mik61 (independent software developer) -> mik61) [File not signed]
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [Adobe Acrobat Synchronizer] => C:\Apps\Adobe Acrobat Pro 2017\Acrobat\AdobeCollabSync.exe [886496 2021-10-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [112191904 2021-12-06] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [EssentialPIM Pro Portable] => C:\Apps\EssentialPIM Pro 9\EssentialPIM.exe [12368464 2021-12-11] (Astonsoft Ltd. -> Astonsoft)
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [Backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [1174808 2021-07-07] (Backblaze, Inc. -> )
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [Ditto] => C:\Apps\Ditto\Ditto.exe [1717872 2012-11-08] (Ditto -> ) [File not signed]
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [KeyboardLeds.exe] => C:\Apps\Keyboard Leds\KeyboardLeds.exe [912896 2012-09-06] (KARPOLAN) [File not signed]
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [pCloud] => C:\Program Files\pCloud Drive\pCloud.exe [3720424 2020-05-29] (pCloud AG -> pCloud AG)
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [com.squirrel.Teams.Teams] => C:\Users\tMt-user\AppData\Local\Microsoft\Teams\Update.exe [2459304 2021-12-11] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [GNE_DualMonitorTools] => C:\Apps\Dual Monitor Tools\DMT.exe [796160 2018-06-04] (GNE) [File not signed]
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [Ferdi] => C:\Users\tMt-user\AppData\Local\Programs\ferdi\Ferdi.exe [136400840 2021-07-18] (Amine Moufik -> Amine Mouafik)
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [VOLUME2] => C:\Apps\Volume2\Volume2.exe [4350464 2021-02-14] (Alexandr Irza) [File not signed]
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [SandboxiePlus_AutoRun] => C:\Apps\Sandboxie-Plus\SandMan.exe [1110032 2021-08-08] (Tonalio GmbH -> sandboxie-plus.com)
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [AutoAD] => C:\Apps\Wondershare\MobileTrans\AutoAD.exe [73224 2021-11-24] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\MountPoints2: {1e493c19-05d1-11ec-95db-5cf3708ef908} - "J:\Setup.exe"
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\MountPoints2: {1e493c2b-05d1-11ec-95db-5cf3708ef908} - "M:\setup.exe" /autorun
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\MountPoints2: {1e493f27-05d1-11ec-95db-5cf3708ef908} - "J:\setup.exe" /autorun
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\MountPoints2: {630a72da-1940-11eb-9544-5cf3708ef908} - "O:\setup.exe"
HKU\S-1-5-18\...\Run: [Backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [1174808 2021-07-07] (Backblaze, Inc. -> )
HKLM\...\Windows x64\Print Processors\XRXS1PC: C:\Windows\System32\spool\prtprocs\x64\xrxs1pc.dll [33792 2007-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65176 2021-05-24] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\PDF-XChange V6 Printer Port Monitor (Lite): C:\WINDOWS\system32\pxcpm5L.dll [150720 2017-06-29] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
HKLM\...\Print\Monitors\us008 Langmon: C:\Windows\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-14] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MTWSAndroidAppHelper.lnk [2021-11-27]
ShortcutTarget: MTWSAndroidAppHelper.lnk -> C:\Apps\Wondershare\MobileTrans\WSAndroidAppHelper.exe (Wondershare Technology Co.,Ltd -> Microsoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MTWSAppHelper.lnk [2021-11-27]
ShortcutTarget: MTWSAppHelper.lnk -> C:\Apps\Wondershare\MobileTrans\WSAppHelper.exe (Wondershare Technology Co.,Ltd -> Microsoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk [2021-05-24]
ShortcutTarget: PhraseExpress.lnk -> C:\Apps\PhraseExpress\phraseexpress.exe (Bartels Media GmbH -> Bartels Media GmbH)
Startup: C:\Users\tMt-user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2021-10-07]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Apps\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\tMt-user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2021-04-16]
ShortcutTarget: Rainmeter.lnk -> C:\Apps\Rainmeter\Rainmeter.exe (Firebit OU -> Rainmeter)
Startup: C:\Users\tMt-user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RBTray.lnk [2017-08-22]
ShortcutTarget: RBTray.lnk -> C:\Apps\RBTray\RBTray.exe () [File not signed]
Startup: C:\Users\tMt-user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VeBest Icon Groups.lnk [2020-05-25]
ShortcutTarget: VeBest Icon Groups.lnk -> C:\Apps\IconGroups\IconGroups.exe () [File not signed]
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0399E6AA-61DF-481F-A77D-7C3E52EB6C7A} - System32\Tasks\Zotero => C:\Apps\Zotero\zotero.exe [255336 2021-09-19] (Corporation for Digital Scholarship -> Corporation for Digital Scholarship)
Task: {0C879D8A-AC1B-4355-8FB1-721867E4BBE6} - System32\Tasks\HWiNFO => C:\Apps\HWInfo\HWiNFO64.exe [6184480 2021-10-29] (Martin Malik - REALiX -> REALiX)
Task: {14812791-2116-4D3F-8617-49A6F54D6AF0} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {194B9C7E-AE7D-4ECA-A28C-C56006DE0702} - System32\Tasks\CCleaner Update => C:\Apps\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {1E5D57A3-EFB9-4E2F-B7A6-8C19A04F1734} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast\AvEmUpdate.exe [4969240 2021-12-05] (Avast Software s.r.o. -> AVAST Software)
Task: {21843DAC-FD32-4158-A9E1-135EA66A1BF2} - System32\Tasks\Opera scheduled Autoupdate 1576927961 => C:\Apps\Opera\launcher.exe [1753808 2021-12-02] (Opera Software AS -> Opera Software)
Task: {23E29B3A-91D8-4EDF-A233-02A52BDD1241} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {244FD7EC-1966-43CE-991F-732189C82EBE} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {25BA9DA9-7394-4551-8C20-E0EAAE874445} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {2BE52439-90FF-448D-9603-DEA7E083113B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-08] (Google Inc -> Google Inc.)
Task: {2F3B9968-A678-4B97-9684-16D294663C4A} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {32E29CF4-8429-4B89-813D-9D4A22DBC131} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {330B445E-8CDB-46EC-89F0-4D3B018F9C52} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (No File)
Task: {36D86ED2-5119-48A7-9458-4D54E8B5CD58} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3C8C87BB-4D1E-4951-909E-89B051CD9A63} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {4F56E544-B7F3-4C84-9371-C19B4458AEC3} - System32\Tasks\Mozilla\Firefox Background Update 87BE11929858F73 => C:\Apps\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\87BE11929858F73\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {50442DE0-F3D0-4D8F-8115-D882054DE9D2} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {58B397D2-6D3B-4803-85B8-F86D0DDFB71B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5981E631-0BE6-44C4-B7BB-57B947816E13} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {5A644220-9EAC-498D-8669-8AB23A1EC5D3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {621829BF-F294-4298-A53C-631C16DAC10E} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {6512CDBB-8527-4772-9A34-A47BEC22DEBA} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6AE78B1F-6BC8-49FD-ABE1-AC64004DA7A4} - System32\Tasks\WD Discovery Service Task tmt-user => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [75504 2019-11-29] (Western Digital Technologies, Inc. -> )
Task: {7308D9FE-D213-449D-9B94-E6FDFB309B32} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {77EE2F02-5F89-474A-9EA5-C85EF2DE761B} - System32\Tasks\CrystalDiskInfo => C:\Apps\CrystalDiskInfo\DiskInfo64.exe [2799136 2021-07-11] (Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World)
Task: {7B6D526E-862A-49E6-B5FA-8AA31718B356} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {88A2F643-69DF-446B-B49A-23E6BBB12223} - System32\Tasks\OpenHardwareMonitor => C:\Apps\OpenHardwareMonitor\OpenHardwareMonitor.exe [493568 2020-12-27] () [File not signed]
Task: {89A4DBDD-7FBC-4E35-A315-EE7CA464FB9B} - System32\Tasks\CCleanerSkipUAC - tMt-user => C:\Apps\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8DEBCEE4-E236-4CC3-9930-6EDE3160BEC8} - System32\Tasks\Opera scheduled assistant Autoupdate 1597678316 => C:\Apps\Opera\launcher.exe [1753808 2021-12-02] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Apps\Opera\assistant" $(Arg0)
Task: {910461A0-666E-4794-8064-F65191AF79B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-08] (Google Inc -> Google Inc.)
Task: {95CD6496-7938-4491-BAAE-9F0FEF967A17} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {973F6195-877C-4732-9074-490C3DD8AADD} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {9DABE940-DF88-4156-B5DE-989C1A1A9AE2} - System32\Tasks\HotSwap! Applet => C:\Apps\HotSwap\HotSwap!.EXE [219648 2019-01-07] (Kazuyuki Nakayama) [File not signed]
Task: {9E1D9698-7DBE-4472-BC2A-A59887D1D394} - System32\Tasks\Mozilla\Firefox Default Browser Agent 87BE11929858F73 => C:\Apps\Mozilla Firefox\default-browser-agent.exe do-task "87BE11929858F73"
Task: {A5868E96-18B9-4A54-92FF-3DDB5E58B1BF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {BAF5B6E7-035E-4E02-A93C-306F7B1D4A5F} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {CA2C15C8-F967-47E9-82CD-DDF09DFBAECA} - System32\Tasks\WD Device Agent Task tmt-user => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [720624 2019-11-29] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {D03C9E07-7E75-472E-BE8B-3F7A5AA5A05A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D5468748-8F99-4C47-881A-D260B84FB6AA} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E0B66F5A-E673-4B5D-A19B-6477ADAD8932} - System32\Tasks\Crystal Disk Info => C:\Apps\CrystalDiskInfo\DiskInfo64.exe [2799136 2021-07-11] (Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World)
Task: {E6165D36-206C-4272-B813-01505ED33EF6} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E94834FC-00B1-48A2-B1EE-511011FBED2F} - System32\Tasks\Open Hardware Monitor\Startup => C:\Apps\OpenHardwareMonitor\OpenHardwareMonitor.exe [493568 2020-12-27] () [File not signed]
Task: {EA0916D4-4D3C-4553-A93C-D3CF001C5C33} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {EC8BA3EE-54C4-4BC5-831B-CF41C5D47656} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {F9C789DF-56EC-462A-8F3D-BD968F986B9A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {FF548FCF-FC3B-4A75-9258-3911549EBB57} - System32\Tasks\MiniToolPartitionWizard => C:\Apps\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{178072c6-a771-417b-b35b-66f5192e2773}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{759d83ac-f5e0-c89b-38c2-ca581e218a0c}: [NameServer] 10.100.0.1
Tcpip\..\Interfaces\{8b2477d5-720d-47d5-a5f1-e61b2a4b8fe2}: [DhcpNameServer] 192.168.42.129

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\tMt-user\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-10]

FireFox:
========
FF DefaultProfile: mdjzqrib.default
FF DefaultProfile: 6uiofy8v.default-1625836185525
FF ProfilePath: C:\Users\tMt-user\AppData\Roaming\Zotero\Zotero\Profiles\mdjzqrib.default [2021-11-30]
FF Extension: (ZotFile) - C:\Users\tMt-user\AppData\Roaming\Zotero\Zotero\Profiles\mdjzqrib.default\Extensions\zotfile@columbia.edu.xpi [2020-02-06] [Legacy] [not signed]
FF ProfilePath: C:\Users\tMt-user\AppData\Roaming\Mozilla\Firefox\Profiles\0chh25ol.default-release [2021-11-10]
FF ProfilePath: C:\Users\tMt-user\AppData\Roaming\Mozilla\Firefox\Profiles\6uiofy8v.default-1625836185525 [2021-12-13]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Apps\Adobe Acrobat Pro 2017\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Apps\Adobe Acrobat Pro 2017\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Apps\Adobe Acrobat Pro 2017\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin-x32: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-10-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-10-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Apps\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Apps\Adobe Acrobat Pro 2017\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
StartMenuInternet: Firefox-87BE11929858F73 - C:\Apps\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default [2021-12-15]
CHR Notifications: Default -> hxxps://fitgirl-repacks.site; hxxps://meet.google.com; hxxps://my.pcloud.com; hxxps://steamcommunity.com; hxxps://topflownews.com; hxxps://trello.com
CHR HomePage: Default -> hxxp://www.google.com
CHR Extension: (Překladač Google) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-15]
CHR Extension: (Prezentace) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]
CHR Extension: (Bookmark Favicon Changer) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\acmfnomgphggonodopogfbmkneepfgnh [2018-09-12]
CHR Extension: (Incognito This!) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aglfgiceepbeffbpmlohbdnhmliojinm [2019-02-16]
CHR Extension: (Dokumenty) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Disk Google) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (Seznam doplněk - Email) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-04-06]
CHR Extension: (WOT – zabezpečení webových stránek a ochrana pro bezpečné procházení) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2021-11-26]
CHR Extension: (Block Sender) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bklnjbfcmglhiaoppcckdodanccbelcg [2020-12-23]
CHR Extension: (YouTube) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-10]
CHR Extension: (uBlock Origin) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-12-03]
CHR Extension: (Adobe Acrobat) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-17]
CHR Extension: (Zotero Connector) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2021-08-19]
CHR Extension: (Urban Free VPN proxy Unblocker - Best VPN) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eppiocemhmnlbhjplcgkofciiegomcon [2021-11-05]
CHR Extension: (Youtube Subtitle Downloader) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\falajjjalaffofcbkhgdemihkpllibom [2021-11-14]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2021-06-28]
CHR Extension: (Tabulky) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (HTTPS Everywhere) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2021-07-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-01]
CHR Extension: (Power Thesaurus) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhnjkanigjoiglnlopahbbjdbfhkndjk [2021-11-20]
CHR Extension: (Undo Closed Tabs Button) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieehkmoiljghfkejgahoheemdjpdinml [2021-09-14]
CHR Extension: (Boční lišta zálloh) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdbnofccmhefkmjbkkdkfiicjkgofkdh [2021-12-13]
CHR Extension: (Grammarly for Chrome) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-12-06]
CHR Extension: (Download Statusbar) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjkodkjnmdeookccjmcdbhhpbgkoche [2020-05-29]
CHR Extension: (Social Video Downloader) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfnnoammpigcglgbhcbbdpnekbcddahe [2021-02-10]
CHR Extension: (Tlačítko Google Scholar) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2021-02-22]
CHR Extension: (Decentraleyes) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldpochfccmkkmhdbclfhpagapcfdljkj [2021-09-09]
CHR Extension: (Change Case) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpakoahdokkkonadfppfgmednkknpgbm [2019-12-15]
CHR Extension: (Citace PRO) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncpfaidppllikakgbjppnjfidjkpafmp [2020-04-21]
CHR Extension: (Save to Pocket) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2021-11-10]
CHR Extension: (Message/Chat Downloader) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkinapjekllgfipphkgpmombekfclghe [2021-04-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Subtitles For YouTube) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\oanhbddbfkjaphdibnebkklpplclomal [2021-07-03]
CHR Extension: (Context Menu Search) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2017-08-18]
CHR Extension: (Charset) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\oenllhgkiiljibhfagbfogdbchhdchml [2021-04-22]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-04-06]
CHR Extension: (Shindig Screen Share) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpphkjkpobfpkckdilgkemcjklfidbj [2020-06-03]
CHR Extension: (Gmail) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Privacy Badger) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2021-11-27]
CHR Profile: C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-12-15]
CHR Profile: C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-11-30]
CHR Extension: (Prezentace) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-04-16]
CHR Extension: (Dokumenty) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-04-16]
CHR Extension: (Disk Google) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-04-16]
CHR Extension: (YouTube) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-04-16]
CHR Extension: (Adobe Acrobat) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-29]
CHR Extension: (Tabulky) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-04-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-16]
CHR Extension: (Gmail) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-04-16]
CHR Profile: C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\System Profile [2021-12-15]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:
=======
OPR Profile: C:\Users\tMt-user\AppData\Roaming\Opera Software\Opera Stable [2021-12-08]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\tMt-user\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-12-01]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\tMt-user\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-10-03]
StartMenuInternet: (HKLM) OperaStable - C:\Apps\Opera\Launcher.exe

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3833088 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3603200 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AODService; C:\Apps\AMD OverDrive\AODAssist.exe [137584 2014-01-08] (Advanced Micro Devices, Inc. -> )
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast\aswidsagent.exe [8480848 2021-12-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast\AvastSvc.exe [452888 2021-12-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast\aswToolsSvc.exe [452888 2021-12-05] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast\wsc_proxy.exe [56912 2021-05-28] (Avast Software s.r.o. -> AVAST Software)
R2 BootRacerServ; C:\Apps\BootRacer\BootRacerServ.exe [97352 2020-09-23] (Greatis Software LLC -> Greatis Software, LLC)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2020-03-22] (BitRaider LLC -> BitRaider, LLC)
R2 bzserv; C:\Program Files (x86)\Backblaze\bzserv.exe [609560 2021-07-07] (Backblaze, Inc. -> )
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2021-12-10] (Dropbox, Inc -> Dropbox, Inc.)
R2 ElevationService; C:\Apps\Wondershare\MobileTrans\ElevationService.exe [913408 2021-10-28] () [File not signed]
R2 Everything; C:\Apps\Everything\Everything.exe [2261600 2021-05-12] (voidtools -> voidtools)
R2 FlashFolder; C:\Apps\FlashFolder\FlashFolder64.exe [596992 2012-07-21] (zett42) [File not signed]
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4489352 2019-06-12] (Logitech Inc -> Logitech)
R2 Parsec; C:\Program Files\Parsec\pservice.exe [364048 2020-05-19] (Parsec Cloud, Inc. -> Parsec)
S3 ProtonVPN Service; C:\Apps\ProtonVPN\ProtonVPNService.exe [115816 2021-11-15] (Proton Technologies AG -> )
S3 ProtonVPN Update Service; C:\Apps\ProtonVPN\ProtonVPN.UpdateService.exe [65128 2021-11-15] (Proton Technologies AG -> )
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-03-22] (Razer USA Ltd. -> Razer Inc)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533808 2021-01-29] (Razer USA Ltd. -> Razer Inc.)
R2 RzKLService; C:\Apps\Razer\Razer Cortex\RzKLService.exe [291320 2021-03-31] (Razer USA Ltd. -> Razer Inc.)
R2 SbieSvc; C:\Apps\Sandboxie-Plus\SbieSvc.exe [334352 2021-08-08] (Tonalio GmbH -> sandboxie-plus.com)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6138112 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Apps\TeamViewer\TeamViewer_Service.exe [12912936 2021-11-16] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
U2 VPNUnlimitedService; C:\Apps\VPN Unlimited\vpn-unlimited-daemon.exe [47128 2021-10-26] (KeepSolid Inc. -> KeepSolid Inc.)
R2 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [119296 2012-05-01] (WDC) [File not signed]
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [366720 2019-11-25] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WireGuardTunnel$VPNUWireguard; C:\Apps\VPN Unlimited\WireVPNUImpl.exe [26648 2021-10-26] (KeepSolid Inc. -> )
R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3.0; C:\Apps\AMD OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35720 2021-12-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [222128 2021-12-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [368152 2021-12-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [251928 2021-12-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99352 2021-12-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-09-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41352 2021-12-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [185216 2021-12-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107848 2021-12-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82912 2021-12-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [852752 2021-12-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [544096 2021-12-05] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214352 2021-12-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [317680 2021-12-05] (Avast Software s.r.o. -> AVAST Software)
R1 cbfsconnect2017; C:\WINDOWS\system32\drivers\cbfsconnect2017.sys [480272 2019-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-23] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30352 2016-07-27] (Disc Soft Ltd -> Disc Soft Ltd)
R3 HWiNFO_164; C:\Users\tMt-user\AppData\Local\Temp\HWiNFO64A_164.SYS [55816 2021-12-14] (Microsoft Windows Hardware Compatibility Publisher -> REALiX(tm)) <==== ATTENTION
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 ioFakDrv; C:\WINDOWS\System32\drivers\ioFakDrv.sys [23936 2010-12-15] (KYE SYSTEMS CORP. -> KYE System Corp.)
S3 ioFakMap; C:\WINDOWS\System32\drivers\ioFakMap.sys [12672 2010-12-15] (KYE SYSTEMS CORP. -> KYE System Corp.)
S3 ioTablet; C:\WINDOWS\System32\drivers\ioTablet.sys [35328 2012-04-05] (Microsoft Windows Hardware Compatibility Publisher -> KYE System Corp.)
S3 ioTblMap; C:\WINDOWS\System32\drivers\ioTblMap.sys [13200 2011-08-25] (KYE SYSTEMS CORP. -> KYE System Corp.)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO)
S3 ProtonVPNCallout; C:\Apps\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 SbieDrv; C:\Apps\Sandboxie-Plus\SbieDrv.sys [225264 2021-08-08] (Microsoft Windows Hardware Compatibility Publisher -> sandboxie-plus.com)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [45024 2019-03-14] (ExprsVPN LLC -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2021-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2020-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
R3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [20704 2019-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
R3 WinRing0_1_2_0; C:\Apps\OpenHardwareMonitor\OpenHardwareMonitorLib.sys [14544 2021-12-14] (Noriyuki MIYAZAKI -> OpenLibSys.org)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2021-11-14] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-14 23:12 - 2021-12-14 23:12 - 000000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup-
2021-12-14 23:10 - 2021-12-14 23:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-14 23:06 - 2021-12-14 23:06 - 000000000 ____D C:\aa
2021-12-14 23:05 - 2021-12-14 23:05 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-14 23:04 - 2021-12-14 23:04 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-14 23:04 - 2021-12-14 23:04 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-14 23:04 - 2021-12-14 23:04 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-12-14 22:45 - 2021-12-14 22:45 - 000000000 ___HD C:\$WinREAgent
2021-12-14 21:00 - 2021-12-15 00:11 - 000000000 ____D C:\FRST
2021-12-14 17:17 - 2021-12-14 17:17 - 000001150 _____ C:\Users\tMt-user\Downloads\meetingAttendanceList (1).csv
2021-12-14 17:02 - 2021-12-14 17:02 - 000000664 _____ C:\Users\tMt-user\Downloads\meetingAttendanceList.csv
2021-12-11 11:10 - 2021-12-14 20:51 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2866573575-4116515599-1814928747-1003
2021-12-10 22:38 - 2021-12-10 22:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-12-10 01:27 - 2021-12-10 01:27 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-12-10 01:27 - 2021-12-10 01:27 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-12-10 01:27 - 2021-12-10 01:27 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-12-10 01:27 - 2021-12-10 01:27 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-12-09 22:45 - 2021-12-09 22:45 - 000000000 ____D C:\Users\tMt-user\AppData\Roaming\fltk.org
2021-12-09 22:45 - 2021-12-09 22:45 - 000000000 ____D C:\ProgramData\fltk.org
2021-12-08 09:55 - 2021-12-08 09:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2021-12-08 09:44 - 2021-12-08 09:44 - 000000000 ____D C:\Users\tMt-user\AppData\Roaming\Proton Technologies AG
2021-12-08 09:44 - 2021-12-08 09:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProtonVPN
2021-12-05 09:19 - 2021-12-05 09:19 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-12-05 09:19 - 2021-12-05 09:19 - 000214352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-12-02 08:35 - 2021-12-02 08:36 - 000088634 _____ C:\Users\tMt-user\Downloads\label_1154153082.pdf
2021-11-28 10:32 - 2021-11-28 10:32 - 000000000 ____D C:\ProgramData\WsAppHelper
2021-11-27 23:16 - 2021-11-27 23:16 - 000000016 _____ C:\ProgramData\mntemp
2021-11-27 23:16 - 2021-11-27 23:16 - 000000000 ____D C:\Users\tMt-user\Documents\Wondershare
2021-11-27 23:15 - 2021-11-28 14:55 - 000000000 ____D C:\Users\tMt-user\AppData\Local\Wondershare
2021-11-27 23:15 - 2021-11-27 23:15 - 000000000 ____D C:\Users\tMt-user\AppData\Roaming\MobileBackupForeverIni
2021-11-27 23:13 - 2021-11-28 14:51 - 000000000 ____D C:\ProgramData\Wondershare
2021-11-27 23:13 - 2021-11-27 23:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2021-11-27 23:13 - 2021-11-27 23:15 - 000000000 ____D C:\Users\tMt-user\AppData\Roaming\Wondershare
2021-11-27 23:13 - 2021-11-27 23:13 - 000000000 ____D C:\Program Files (x86)\Wondershare
2021-11-27 23:11 - 2021-12-11 18:15 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2021-11-27 17:17 - 2021-11-27 17:17 - 000034795 _____ C:\Users\tMt-user\Downloads\claim-report.pdf
2021-11-27 17:17 - 2021-11-27 17:17 - 000034795 _____ C:\Users\tMt-user\Downloads\claim-report(1).pdf
2021-11-24 23:21 - 2021-11-29 09:22 - 000000000 ____D C:\Users\tMt-user\Documents\Sticky Passwords
2021-11-24 23:21 - 2021-11-24 23:21 - 000000000 ____D C:\Users\tMt-user\AppData\Local\Lamantine
2021-11-24 23:20 - 2021-11-24 23:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Password
2021-11-24 23:20 - 2021-11-24 23:20 - 000000000 ____D C:\Program Files (x86)\Sticky Password
2021-11-24 22:56 - 2021-11-24 22:56 - 000000000 ____D C:\Users\tMt-user\AppData\Local\KeepSolid Inc
2021-11-24 22:54 - 2021-11-24 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPN Unlimited
2021-11-23 18:41 - 2021-11-23 18:41 - 000000000 ____D C:\Users\tMt-user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-11-23 12:52 - 2021-12-08 09:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-20 23:10 - 2021-11-21 18:35 - 000000000 ___RD C:\Users\tMt-user\OneDrive - Univerzita Karlova
2021-11-19 14:03 - 2021-11-19 14:03 - 000000000 ____D C:\UserBenchmark

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-14 23:42 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-14 23:41 - 2017-07-08 04:29 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-14 23:31 - 2019-10-04 07:08 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-12-14 23:18 - 2020-12-12 10:01 - 000000000 ____D C:\Users\tMt-user\AppData\Roaming\Ferdi
2021-12-14 23:18 - 2020-10-12 02:41 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-14 23:18 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-12-14 23:18 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-12-14 23:18 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-14 23:15 - 2017-12-10 10:25 - 000000000 ___RD C:\Users\tMt-user\OneDrive - Fakulta humanitních studií
2021-12-14 23:15 - 2017-08-07 15:10 - 000000000 ____D C:\Users\tMt-user\AppData\Local\Dropbox
2021-12-14 23:14 - 2017-07-23 16:02 - 000000000 ____D C:\ProgramData\NVIDIA
2021-12-14 23:14 - 2017-07-10 19:19 - 000000000 ____D C:\Users\tMt-user\AppData\Local\CrashDumps
2021-12-14 23:13 - 2020-10-12 02:31 - 000000000 ____D C:\Users\tMt-steam
2021-12-14 23:13 - 2020-10-12 02:31 - 000000000 ____D C:\Users\defaultuser0
2021-12-14 23:13 - 2020-05-25 19:32 - 003338240 _____ C:\Users\Public\Documents\bootracer.his
2021-12-14 23:13 - 2020-05-25 19:24 - 000001473 _____ C:\Users\Public\Documents\bootracer.ini
2021-12-14 23:11 - 2020-10-31 16:16 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-14 23:11 - 2020-10-12 02:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-14 23:11 - 2020-10-12 02:30 - 000427064 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-14 23:11 - 2017-08-07 15:10 - 000000936 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-12-14 23:11 - 2017-07-08 04:27 - 000000000 ____D C:\ProgramData\AVAST Software
2021-12-14 23:10 - 2020-10-12 02:31 - 000000000 ____D C:\Users\tMt
2021-12-14 23:10 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-12-14 23:10 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-14 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-14 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-14 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-14 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-12-14 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-12-14 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-12-14 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-12-14 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-12-14 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-12-14 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-14 23:10 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-12-14 23:09 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-14 23:08 - 2021-11-01 00:35 - 000002998 _____ C:\WINDOWS\system32\Tasks\HotSwap! Applet
2021-12-14 23:08 - 2021-04-09 10:51 - 000000000 ____D C:\Users\tMt-user\AppData\Local\OpenShell
2021-12-14 23:08 - 2020-10-12 02:31 - 000000000 ____D C:\Users\tMt-user
2021-12-14 23:00 - 2020-10-12 02:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-14 22:44 - 2017-07-10 19:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-14 22:37 - 2020-10-20 17:25 - 000000000 ____D C:\Program Files\dotnet
2021-12-14 22:37 - 2017-07-10 19:22 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-14 22:37 - 2017-07-07 21:33 - 000000000 ____D C:\ProgramData\Package Cache
2021-12-14 22:33 - 2017-07-10 21:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-12-14 20:51 - 2021-08-30 11:53 - 000002242 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - tMt-user
2021-12-14 20:51 - 2021-07-03 12:41 - 000002580 _____ C:\WINDOWS\system32\Tasks\CrystalDiskInfo
2021-12-14 20:51 - 2021-07-03 12:35 - 000003176 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-12-14 20:51 - 2020-10-14 17:58 - 000002314 _____ C:\WINDOWS\system32\Tasks\HWiNFO
2021-12-14 20:51 - 2020-10-12 08:59 - 000003318 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6a0382da61997
2021-12-14 20:51 - 2020-10-12 02:48 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-14 20:51 - 2020-10-12 02:48 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-12-14 20:51 - 2020-10-12 02:48 - 000003470 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1597678316
2021-12-14 20:51 - 2020-10-12 02:48 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-12-14 20:51 - 2020-10-12 02:48 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-14 20:51 - 2020-10-12 02:48 - 000003348 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-12-14 20:51 - 2020-10-12 02:48 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-12-14 20:51 - 2020-10-12 02:48 - 000003276 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1576927961
2021-12-14 20:51 - 2020-10-12 02:48 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-14 20:51 - 2020-10-12 02:48 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-12-14 20:51 - 2020-10-12 02:48 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-14 20:51 - 2020-10-12 02:48 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-14 20:51 - 2020-10-12 02:48 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-14 20:51 - 2020-10-12 02:48 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-14 20:51 - 2020-10-12 02:48 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-14 20:51 - 2020-10-12 02:48 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-14 20:51 - 2020-10-12 02:48 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-14 20:51 - 2020-10-12 02:48 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2866573575-4116515599-1814928747-1003
2021-12-14 20:51 - 2020-10-12 02:48 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-14 20:51 - 2020-10-12 02:48 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-12-14 20:51 - 2020-10-12 02:48 - 000002428 _____ C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2021-12-14 20:51 - 2020-10-12 02:48 - 000002144 _____ C:\WINDOWS\system32\Tasks\Crystal Disk Info
2021-12-14 20:51 - 2020-10-12 02:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-12-14 19:52 - 2017-07-11 18:33 - 000000000 ____D C:\Users\tMt-user\AppData\LocalLow\Mozilla
2021-12-14 18:37 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-14 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-14 13:56 - 2017-08-07 16:08 - 000000000 ____D C:\ProgramData\firebird
2021-12-14 08:26 - 2017-07-08 04:30 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-14 08:23 - 2020-10-12 02:48 - 000004234 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-12-14 08:23 - 2017-07-08 04:28 - 000000000 ____D C:\Program Files\Avast
2021-12-13 22:37 - 2019-01-30 00:35 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-13 20:29 - 2020-07-09 18:10 - 000000000 ____D C:\Users\tMt-user\AppData\Roaming\qBittorrent
2021-12-13 19:16 - 2021-04-23 08:49 - 000000000 ____D C:\Users\tMt-user\AppData\Roaming\Kiwi for Gmail
2021-12-13 09:51 - 2021-05-31 14:53 - 000000000 ____D C:\Users\tMt-user\AppData\Local\Avast Software
2021-12-12 09:56 - 2020-06-08 07:24 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-11 22:07 - 2021-05-24 18:15 - 000000000 ____D C:\Users\tMt-user\Documents\PhraseExpress
2021-12-11 10:02 - 2020-09-21 17:19 - 000002389 _____ C:\Users\tMt-user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-12-10 22:38 - 2017-08-07 15:10 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-12-10 09:57 - 2017-11-02 18:14 - 000000000 ____D C:\Users\tMt-user\AppData\Local\Packages
2021-12-10 00:33 - 2021-07-03 11:26 - 000000000 ____D C:\Program Files (x86)\Zotero
2021-12-10 00:33 - 2021-07-03 11:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-12-09 14:28 - 2020-10-12 10:00 - 000000000 ____D C:\Users\tMt-user\AppData\Local\Deployment
2021-12-08 17:25 - 2021-06-25 14:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-12-08 09:59 - 2017-08-07 18:07 - 000000906 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2021-12-08 09:55 - 2018-08-05 18:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-12-08 09:53 - 2021-07-09 13:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2021-12-08 09:48 - 2017-08-16 11:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2021-12-08 09:44 - 2020-05-31 20:41 - 000000000 ____D C:\Users\tMt-user\AppData\Local\ProtonVPN
2021-12-08 09:43 - 2021-07-09 11:05 - 000000748 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PicPick.lnk
2021-12-08 09:42 - 2021-07-29 08:55 - 000000000 ____D C:\Program Files\Audacity
2021-12-08 09:42 - 2021-07-09 13:13 - 000000871 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2021-12-08 09:41 - 2019-12-21 12:32 - 000000915 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-12-07 09:49 - 2020-10-12 02:31 - 000002396 _____ C:\Users\tMt-user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-05 09:19 - 2020-10-14 14:02 - 000185216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-12-05 09:19 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-12-05 09:19 - 2019-01-14 14:57 - 000368152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-12-05 09:19 - 2019-01-04 18:57 - 000251928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-12-05 09:19 - 2019-01-04 18:57 - 000099352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-12-05 09:19 - 2019-01-04 18:57 - 000035720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-12-05 09:19 - 2018-10-11 18:19 - 000041352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-12-05 09:19 - 2018-05-02 07:56 - 000852752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-12-05 09:19 - 2018-05-02 07:56 - 000544096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-12-05 09:19 - 2018-05-02 07:56 - 000317680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-12-05 09:19 - 2018-05-02 07:56 - 000222128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-12-05 09:19 - 2018-05-02 07:56 - 000107848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-12-05 09:19 - 2018-05-02 07:56 - 000082912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-12-01 21:51 - 2020-11-07 11:44 - 000000000 ____D C:\_
2021-11-28 14:52 - 2020-01-03 11:13 - 000000000 ____D C:\Users\tMt-user\.android
2021-11-25 19:01 - 2018-05-06 00:22 - 000000000 ____D C:\Users\tMt-user\AppData\Local\D3DSCache
2021-11-23 18:42 - 2020-04-07 00:20 - 000000000 ____D C:\Users\tMt-user\AppData\Roaming\Zoom
2021-11-20 23:39 - 2021-11-06 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inscryption [GOG.com]
2021-11-20 23:10 - 2021-09-25 20:35 - 000000000 ____D C:\Users\tMt-user\Documents\Rise of the Tomb Raider
2021-11-20 23:10 - 2020-04-18 11:01 - 000000000 ____D C:\Users\tMt-user\Documents\The Witcher 3
2021-11-20 23:10 - 2019-12-17 16:41 - 000000000 ____D C:\Users\tMt-user\Documents\Snagit
2021-11-20 23:10 - 2017-08-19 19:21 - 000000000 ____D C:\Users\tMt-user\Documents\Sound recordings
2021-11-20 23:10 - 2017-07-10 19:19 - 000000000 ___RD C:\Users\tMt-user\OneDrive
2021-11-20 22:04 - 2020-10-06 14:12 - 000000000 ____D C:\Users\tMt-user\AppData\Roaming\Grammarly
2021-11-19 22:50 - 2018-06-20 22:57 - 000000000 ____D C:\ProgramData\Packages
2021-11-19 19:02 - 2020-04-18 08:44 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-11-19 19:02 - 2020-03-29 09:21 - 002224592 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-11-19 19:02 - 2020-03-29 09:21 - 000332224 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-11-19 19:02 - 2020-03-29 09:21 - 000217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-11-19 19:02 - 2020-03-29 09:21 - 000197048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-11-19 19:02 - 2020-03-29 09:21 - 000061904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2021-11-15 09:23 - 2020-05-18 14:18 - 000000000 ____D C:\UPLOAD
2021-11-15 08:35 - 2017-08-07 15:10 - 000000932 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job

==================== Files in the root of some directories ========

2019-03-03 09:07 - 2020-01-24 21:04 - 000000151 _____ () C:\Users\tMt-user\AppData\Roaming\gcstar.log
2017-10-18 20:52 - 2017-10-22 13:18 - 000000516 _____ () C:\Users\tMt-user\AppData\Roaming\rftg
2018-03-14 00:44 - 2018-03-14 00:45 - 000000049 _____ () C:\Users\tMt-user\AppData\Roaming\~SiMPLEX.ini
2018-10-25 16:05 - 2018-10-25 16:05 - 000000000 _____ () C:\Users\tMt-user\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Rudy]

Zdravím!
Spusřre tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[lastsaves]

Log níže.

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-15-2021
# Duration: 00:00:04
# OS: Windows 10 Pro
# Cleaned: 1
# Failed: 2


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\END

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Not Deleted Seznam doplněk - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig
Not Deleted Seznam doplněk - Esko - olfeabkoenfaoljndfecamgilllcpiak

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1561 octets] - [28/01/2021 23:29:08]
AdwCleaner[S01].txt - [1622 octets] - [15/12/2021 13:20:19]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

[Rudy]

OK. Dejte nové logy FRST+Addition.

[lastsaves]

Log níže. Addition v příloze.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2021
Ran by tMt-user (administrator) on TMT-DESKTOP (15-12-2021 17:29:56)
Running from C:\Users\tMt-user\OneDrive - Univerzita Karlova\Plocha
Loaded Profiles: tMt & tMt-user
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1415 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Apps\IconGroups\x64\IconGroups.exe
() [File not signed] C:\Apps\OpenHardwareMonitor\OpenHardwareMonitor.exe
() [File not signed] C:\Apps\RBTray\RBTray.exe
() [File not signed] C:\Apps\Wondershare\MobileTrans\ElevationService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Alexandr Irza) [File not signed] C:\Apps\Volume2\Volume2.exe
(Amine Moufik -> Amine Mouafik) C:\Users\tMt-user\AppData\Local\Programs\ferdi\Ferdi.exe <10>
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Astonsoft Ltd. -> Astonsoft) C:\Apps\EssentialPIM Pro 9\EssentialPIM.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast\wsc_proxy.exe
(Backblaze, Inc. -> ) C:\Program Files (x86)\Backblaze\bzbui.exe
(Backblaze, Inc. -> ) C:\Program Files (x86)\Backblaze\bzfilelist.exe
(Backblaze, Inc. -> ) C:\Program Files (x86)\Backblaze\bzserv.exe
(Bartels Media GmbH -> Bartels Media GmbH) C:\Apps\PhraseExpress\phraseexpress.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(Ditto -> ) [File not signed] C:\Apps\Ditto\Ditto.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <4>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\138.3.2340\QtWebEngineProcess.exe <2>
(F.lux Software LLC -> f.lux Software LLC) C:\Users\tMt-user\AppData\Local\FluxSoftware\Flux\flux.exe
(Firebit OU -> Rainmeter) C:\Apps\Rainmeter\Rainmeter.exe
(GNE) [File not signed] C:\Apps\Dual Monitor Tools\DMT.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <30>
(Greatis Software LLC -> Greatis Software, LLC) C:\Apps\BootRacer\BootRacerServ.exe
(KARPOLAN) [File not signed] C:\Apps\Keyboard Leds\KeyboardLeds.exe
(Kazuyuki Nakayama) [File not signed] C:\Apps\HotSwap\HotSwap!.EXE
(KeepSolid Inc. -> KeepSolid Inc.) C:\Apps\VPN Unlimited\vpn-unlimited-daemon.exe
(Logitech Inc -> ) C:\Program Files\Logitech\Collaboration\Services\Video\RightSightAPI\crashpad_handler.exe
(Logitech Inc -> Logitech Europe S.A.) C:\Program Files\Logitech\Collaboration\Services\Video\RightSightAPI\RightSightService.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Apps\Microsoft Office\Office15\POWERPNT.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\tMt-user\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(mik61 (independent software developer) -> mik61) [File not signed] [File is in use] C:\Apps\Gameplay Time Tracker\Support64.exe
(mik61 (independent software developer) -> mik61) [File not signed] C:\Apps\Gameplay Time Tracker\GameplayTimeTracker.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\Display.NvContainer\NVDisplay.Container.exe <2>
(Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World) C:\Apps\CrystalDiskInfo\DiskInfo64.exe <2>
(Open-Shell) [File not signed] C:\Apps\Open Shell\StartMenu.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Parsec Cloud, Inc. -> Parsec) C:\Program Files\Parsec\pservice.exe
(pCloud AG -> pCloud AG) C:\Program Files\pCloud Drive\pCloud.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Apps\Razer\Razer Cortex\RzKLService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SOFTPERFECT PTY. LTD. -> SoftPerfect) C:\Apps\Networx\networx.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Apps\TeamViewer\TeamViewer_Service.exe
(Tonalio GmbH -> sandboxie-plus.com) C:\Apps\Sandboxie-Plus\SandMan.exe
(Tonalio GmbH -> sandboxie-plus.com) C:\Apps\Sandboxie-Plus\SbieSvc.exe
(voidtools -> voidtools) C:\Apps\Everything\Everything.exe <2>
(WDC) [File not signed] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe
(zett42) [File not signed] C:\Apps\FlashFolder\FlashFolder.exe
(zett42) [File not signed] C:\Apps\FlashFolder\FlashFolder64.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast\AvLaunch.exe [157464 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [NetWorx] => C:\Apps\Networx\networx.exe [7627080 2016-09-24] (SOFTPERFECT PTY. LTD. -> SoftPerfect)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [CANON P150 SVC] => C:\Windows\system32\P150SVC.dll [181760 2009-12-16] (Canon Electronics) [File not signed]
HKLM\...\Run: [MTPW] => C:\Apps\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8838400 2016-06-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Open-Shell Start Menu] => C:\Apps\Open Shell\StartMenu.exe [216576 2020-09-26] (Open-Shell) [File not signed]
HKLM\...\Run: [Everything] => C:\Apps\Everything\Everything.exe [2261600 2021-05-12] (voidtools -> voidtools)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8807200 2021-12-10] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Apps\Adobe Acrobat Pro 2017\Acrobat\Acrotray.exe [1996512 2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RazerCortex] => C:\Apps\Razer\Razer Cortex\CortexLauncher.exe [267072 2021-03-31] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AutoAD] => C:\Apps\Wondershare\MobileTrans\AutoAD.exe [73224 2021-11-24] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Apps\Opera\assistant\browser_assistant.exe [4112592 2021-12-02] (Opera Software AS -> Opera Software)
HKLM\...\Policies\Explorer\Run: [BootRacer] => C:\Apps\BootRacer\bootrace.exe [9519440 2021-01-26] (Greatis Software LLC -> Greatis Software)
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 1
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 1
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 1
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 1
HKU\S-1-5-21-2866573575-4116515599-1814928747-1002\...\Run: [Backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [1174808 2021-07-07] (Backblaze, Inc. -> )
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [f.lux] => C:\Users\tMt-user\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [GameplayTimeTracker] => C:\Apps\Gameplay Time Tracker\GameplayTimeTracker.exe [932472 2018-09-17] (mik61 (independent software developer) -> mik61) [File not signed]
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [Adobe Acrobat Synchronizer] => C:\Apps\Adobe Acrobat Pro 2017\Acrobat\AdobeCollabSync.exe [886496 2021-10-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [112191904 2021-12-06] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [EssentialPIM Pro Portable] => C:\Apps\EssentialPIM Pro 9\EssentialPIM.exe [12368464 2021-12-11] (Astonsoft Ltd. -> Astonsoft)
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [Backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [1174808 2021-07-07] (Backblaze, Inc. -> )
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [Ditto] => C:\Apps\Ditto\Ditto.exe [1717872 2012-11-08] (Ditto -> ) [File not signed]
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [KeyboardLeds.exe] => C:\Apps\Keyboard Leds\KeyboardLeds.exe [912896 2012-09-06] (KARPOLAN) [File not signed]
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [pCloud] => C:\Program Files\pCloud Drive\pCloud.exe [3720424 2020-05-29] (pCloud AG -> pCloud AG)
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [com.squirrel.Teams.Teams] => C:\Users\tMt-user\AppData\Local\Microsoft\Teams\Update.exe [2459304 2021-12-11] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [GNE_DualMonitorTools] => C:\Apps\Dual Monitor Tools\DMT.exe [796160 2018-06-04] (GNE) [File not signed]
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [Ferdi] => C:\Users\tMt-user\AppData\Local\Programs\ferdi\Ferdi.exe [136400840 2021-07-18] (Amine Moufik -> Amine Mouafik)
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [VOLUME2] => C:\Apps\Volume2\Volume2.exe [4350464 2021-02-14] (Alexandr Irza) [File not signed]
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [SandboxiePlus_AutoRun] => C:\Apps\Sandboxie-Plus\SandMan.exe [1110032 2021-08-08] (Tonalio GmbH -> sandboxie-plus.com)
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\Run: [AutoAD] => C:\Apps\Wondershare\MobileTrans\AutoAD.exe [73224 2021-11-24] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\MountPoints2: {1e493c19-05d1-11ec-95db-5cf3708ef908} - "J:\Setup.exe"
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\MountPoints2: {1e493c2b-05d1-11ec-95db-5cf3708ef908} - "M:\setup.exe" /autorun
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\MountPoints2: {1e493f27-05d1-11ec-95db-5cf3708ef908} - "J:\setup.exe" /autorun
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\MountPoints2: {630a72da-1940-11eb-9544-5cf3708ef908} - "O:\setup.exe"
HKU\S-1-5-18\...\Run: [Backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [1174808 2021-07-07] (Backblaze, Inc. -> )
HKLM\...\Windows x64\Print Processors\XRXS1PC: C:\Windows\System32\spool\prtprocs\x64\xrxs1pc.dll [33792 2007-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65176 2021-05-24] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\PDF-XChange V6 Printer Port Monitor (Lite): C:\WINDOWS\system32\pxcpm5L.dll [150720 2017-06-29] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
HKLM\...\Print\Monitors\us008 Langmon: C:\Windows\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-14] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MTWSAndroidAppHelper.lnk [2021-11-27]
ShortcutTarget: MTWSAndroidAppHelper.lnk -> C:\Apps\Wondershare\MobileTrans\WSAndroidAppHelper.exe (Wondershare Technology Co.,Ltd -> Microsoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MTWSAppHelper.lnk [2021-11-27]
ShortcutTarget: MTWSAppHelper.lnk -> C:\Apps\Wondershare\MobileTrans\WSAppHelper.exe (Wondershare Technology Co.,Ltd -> Microsoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk [2021-05-24]
ShortcutTarget: PhraseExpress.lnk -> C:\Apps\PhraseExpress\phraseexpress.exe (Bartels Media GmbH -> Bartels Media GmbH)
Startup: C:\Users\tMt-user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2021-10-07]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Apps\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\tMt-user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2021-04-16]
ShortcutTarget: Rainmeter.lnk -> C:\Apps\Rainmeter\Rainmeter.exe (Firebit OU -> Rainmeter)
Startup: C:\Users\tMt-user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RBTray.lnk [2017-08-22]
ShortcutTarget: RBTray.lnk -> C:\Apps\RBTray\RBTray.exe () [File not signed]
Startup: C:\Users\tMt-user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VeBest Icon Groups.lnk [2020-05-25]
ShortcutTarget: VeBest Icon Groups.lnk -> C:\Apps\IconGroups\IconGroups.exe () [File not signed]
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0399E6AA-61DF-481F-A77D-7C3E52EB6C7A} - System32\Tasks\Zotero => C:\Apps\Zotero\zotero.exe [255336 2021-09-19] (Corporation for Digital Scholarship -> Corporation for Digital Scholarship)
Task: {0C879D8A-AC1B-4355-8FB1-721867E4BBE6} - System32\Tasks\HWiNFO => C:\Apps\HWInfo\HWiNFO64.exe [6184480 2021-10-29] (Martin Malik - REALiX -> REALiX)
Task: {14812791-2116-4D3F-8617-49A6F54D6AF0} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {194B9C7E-AE7D-4ECA-A28C-C56006DE0702} - System32\Tasks\CCleaner Update => C:\Apps\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {1CE8CC16-2FE2-4159-9B44-F7840784353D} - System32\Tasks\HotSwap! Applet => C:\Apps\HotSwap\HotSwap!.EXE [219648 2019-01-07] (Kazuyuki Nakayama) [File not signed]
Task: {21843DAC-FD32-4158-A9E1-135EA66A1BF2} - System32\Tasks\Opera scheduled Autoupdate 1576927961 => C:\Apps\Opera\launcher.exe [1753808 2021-12-02] (Opera Software AS -> Opera Software)
Task: {23E29B3A-91D8-4EDF-A233-02A52BDD1241} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {244FD7EC-1966-43CE-991F-732189C82EBE} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {25BA9DA9-7394-4551-8C20-E0EAAE874445} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {2BE52439-90FF-448D-9603-DEA7E083113B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-08] (Google Inc -> Google Inc.)
Task: {2F3B9968-A678-4B97-9684-16D294663C4A} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {32E29CF4-8429-4B89-813D-9D4A22DBC131} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {330B445E-8CDB-46EC-89F0-4D3B018F9C52} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (No File)
Task: {36D86ED2-5119-48A7-9458-4D54E8B5CD58} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3C8C87BB-4D1E-4951-909E-89B051CD9A63} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {4F56E544-B7F3-4C84-9371-C19B4458AEC3} - System32\Tasks\Mozilla\Firefox Background Update 87BE11929858F73 => C:\Apps\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\87BE11929858F73\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {50442DE0-F3D0-4D8F-8115-D882054DE9D2} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {58B397D2-6D3B-4803-85B8-F86D0DDFB71B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5981E631-0BE6-44C4-B7BB-57B947816E13} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {5A644220-9EAC-498D-8669-8AB23A1EC5D3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {621829BF-F294-4298-A53C-631C16DAC10E} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {6512CDBB-8527-4772-9A34-A47BEC22DEBA} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6AE78B1F-6BC8-49FD-ABE1-AC64004DA7A4} - System32\Tasks\WD Discovery Service Task tmt-user => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [75504 2019-11-29] (Western Digital Technologies, Inc. -> )
Task: {7308D9FE-D213-449D-9B94-E6FDFB309B32} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {77EE2F02-5F89-474A-9EA5-C85EF2DE761B} - System32\Tasks\CrystalDiskInfo => C:\Apps\CrystalDiskInfo\DiskInfo64.exe [2799136 2021-07-11] (Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World)
Task: {7B6D526E-862A-49E6-B5FA-8AA31718B356} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {88A2F643-69DF-446B-B49A-23E6BBB12223} - System32\Tasks\OpenHardwareMonitor => C:\Apps\OpenHardwareMonitor\OpenHardwareMonitor.exe [493568 2020-12-27] () [File not signed]
Task: {89A4DBDD-7FBC-4E35-A315-EE7CA464FB9B} - System32\Tasks\CCleanerSkipUAC - tMt-user => C:\Apps\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8DEBCEE4-E236-4CC3-9930-6EDE3160BEC8} - System32\Tasks\Opera scheduled assistant Autoupdate 1597678316 => C:\Apps\Opera\launcher.exe [1753808 2021-12-02] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Apps\Opera\assistant" $(Arg0)
Task: {910461A0-666E-4794-8064-F65191AF79B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-08] (Google Inc -> Google Inc.)
Task: {95CD6496-7938-4491-BAAE-9F0FEF967A17} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {973F6195-877C-4732-9074-490C3DD8AADD} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {9E1D9698-7DBE-4472-BC2A-A59887D1D394} - System32\Tasks\Mozilla\Firefox Default Browser Agent 87BE11929858F73 => C:\Apps\Mozilla Firefox\default-browser-agent.exe do-task "87BE11929858F73"
Task: {A5868E96-18B9-4A54-92FF-3DDB5E58B1BF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {BAF5B6E7-035E-4E02-A93C-306F7B1D4A5F} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C6F65990-74FC-4ADB-9137-7D10166E581F} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast\AvEmUpdate.exe [4969240 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {CA2C15C8-F967-47E9-82CD-DDF09DFBAECA} - System32\Tasks\WD Device Agent Task tmt-user => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [720624 2019-11-29] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {D03C9E07-7E75-472E-BE8B-3F7A5AA5A05A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D5468748-8F99-4C47-881A-D260B84FB6AA} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E0B66F5A-E673-4B5D-A19B-6477ADAD8932} - System32\Tasks\Crystal Disk Info => C:\Apps\CrystalDiskInfo\DiskInfo64.exe [2799136 2021-07-11] (Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World)
Task: {E6165D36-206C-4272-B813-01505ED33EF6} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E94834FC-00B1-48A2-B1EE-511011FBED2F} - System32\Tasks\Open Hardware Monitor\Startup => C:\Apps\OpenHardwareMonitor\OpenHardwareMonitor.exe [493568 2020-12-27] () [File not signed]
Task: {EA0916D4-4D3C-4553-A93C-D3CF001C5C33} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {EC8BA3EE-54C4-4BC5-831B-CF41C5D47656} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {F9C789DF-56EC-462A-8F3D-BD968F986B9A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {FF548FCF-FC3B-4A75-9258-3911549EBB57} - System32\Tasks\MiniToolPartitionWizard => C:\Apps\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{178072c6-a771-417b-b35b-66f5192e2773}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{759d83ac-f5e0-c89b-38c2-ca581e218a0c}: [NameServer] 10.100.0.1
Tcpip\..\Interfaces\{8b2477d5-720d-47d5-a5f1-e61b2a4b8fe2}: [DhcpNameServer] 192.168.42.129

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\tMt-user\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-10]

FireFox:
========
FF DefaultProfile: mdjzqrib.default
FF DefaultProfile: 6uiofy8v.default-1625836185525
FF ProfilePath: C:\Users\tMt-user\AppData\Roaming\Zotero\Zotero\Profiles\mdjzqrib.default [2021-11-30]
FF Extension: (ZotFile) - C:\Users\tMt-user\AppData\Roaming\Zotero\Zotero\Profiles\mdjzqrib.default\Extensions\zotfile@columbia.edu.xpi [2020-02-06] [Legacy] [not signed]
FF ProfilePath: C:\Users\tMt-user\AppData\Roaming\Mozilla\Firefox\Profiles\0chh25ol.default-release [2021-11-10]
FF ProfilePath: C:\Users\tMt-user\AppData\Roaming\Mozilla\Firefox\Profiles\6uiofy8v.default-1625836185525 [2021-12-13]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Apps\Adobe Acrobat Pro 2017\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Apps\Adobe Acrobat Pro 2017\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Apps\Adobe Acrobat Pro 2017\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin-x32: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-10-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-10-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Apps\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Apps\Adobe Acrobat Pro 2017\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
StartMenuInternet: Firefox-87BE11929858F73 - C:\Apps\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default [2021-12-15]
CHR Notifications: Default -> hxxps://fitgirl-repacks.site; hxxps://meet.google.com; hxxps://my.pcloud.com; hxxps://steamcommunity.com; hxxps://topflownews.com; hxxps://trello.com
CHR HomePage: Default -> hxxp://www.google.com
CHR Extension: (Překladač Google) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-15]
CHR Extension: (Prezentace) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]
CHR Extension: (Bookmark Favicon Changer) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\acmfnomgphggonodopogfbmkneepfgnh [2018-09-12]
CHR Extension: (Incognito This!) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aglfgiceepbeffbpmlohbdnhmliojinm [2019-02-16]
CHR Extension: (Dokumenty) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Disk Google) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (Seznam doplněk - Email) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-04-06]
CHR Extension: (WOT – zabezpečení webových stránek a ochrana pro bezpečné procházení) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2021-11-26]
CHR Extension: (Block Sender) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bklnjbfcmglhiaoppcckdodanccbelcg [2020-12-23]
CHR Extension: (YouTube) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-10]
CHR Extension: (uBlock Origin) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-12-03]
CHR Extension: (Adobe Acrobat) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-17]
CHR Extension: (Zotero Connector) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2021-08-19]
CHR Extension: (Urban Free VPN proxy Unblocker - Best VPN) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eppiocemhmnlbhjplcgkofciiegomcon [2021-12-15]
CHR Extension: (Youtube Subtitle Downloader) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\falajjjalaffofcbkhgdemihkpllibom [2021-11-14]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2021-06-28]
CHR Extension: (Tabulky) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (HTTPS Everywhere) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2021-07-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-01]
CHR Extension: (Power Thesaurus) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhnjkanigjoiglnlopahbbjdbfhkndjk [2021-11-20]
CHR Extension: (Undo Closed Tabs Button) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieehkmoiljghfkejgahoheemdjpdinml [2021-09-14]
CHR Extension: (Boční lišta zálloh) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdbnofccmhefkmjbkkdkfiicjkgofkdh [2021-12-13]
CHR Extension: (Grammarly for Chrome) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-12-15]
CHR Extension: (Download Statusbar) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjkodkjnmdeookccjmcdbhhpbgkoche [2020-05-29]
CHR Extension: (Social Video Downloader) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfnnoammpigcglgbhcbbdpnekbcddahe [2021-02-10]
CHR Extension: (Tlačítko Google Scholar) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2021-02-22]
CHR Extension: (Decentraleyes) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldpochfccmkkmhdbclfhpagapcfdljkj [2021-09-09]
CHR Extension: (Change Case) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpakoahdokkkonadfppfgmednkknpgbm [2019-12-15]
CHR Extension: (Citace PRO) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncpfaidppllikakgbjppnjfidjkpafmp [2020-04-21]
CHR Extension: (Save to Pocket) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2021-11-10]
CHR Extension: (Message/Chat Downloader) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkinapjekllgfipphkgpmombekfclghe [2021-04-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Subtitles For YouTube) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\oanhbddbfkjaphdibnebkklpplclomal [2021-07-03]
CHR Extension: (Context Menu Search) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2017-08-18]
CHR Extension: (Charset) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\oenllhgkiiljibhfagbfogdbchhdchml [2021-04-22]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-04-06]
CHR Extension: (Shindig Screen Share) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpphkjkpobfpkckdilgkemcjklfidbj [2020-06-03]
CHR Extension: (Gmail) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Privacy Badger) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2021-11-27]
CHR Profile: C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-12-15]
CHR Profile: C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-11-30]
CHR Extension: (Prezentace) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-04-16]
CHR Extension: (Dokumenty) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-04-16]
CHR Extension: (Disk Google) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-04-16]
CHR Extension: (YouTube) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-04-16]
CHR Extension: (Adobe Acrobat) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-29]
CHR Extension: (Tabulky) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-04-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-16]
CHR Extension: (Gmail) - C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-04-16]
CHR Profile: C:\Users\tMt-user\AppData\Local\Google\Chrome\User Data\System Profile [2021-12-15]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:
=======
OPR Profile: C:\Users\tMt-user\AppData\Roaming\Opera Software\Opera Stable [2021-12-08]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\tMt-user\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-12-01]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\tMt-user\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-10-03]
StartMenuInternet: (HKLM) OperaStable - C:\Apps\Opera\Launcher.exe

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3833088 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3603200 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AODService; C:\Apps\AMD OverDrive\AODAssist.exe [137584 2014-01-08] (Advanced Micro Devices, Inc. -> )
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast\aswidsagent.exe [8480848 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast\AvastSvc.exe [452888 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast\aswToolsSvc.exe [452888 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast\wsc_proxy.exe [56912 2021-05-28] (Avast Software s.r.o. -> AVAST Software)
R2 BootRacerServ; C:\Apps\BootRacer\BootRacerServ.exe [97352 2020-09-23] (Greatis Software LLC -> Greatis Software, LLC)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2020-03-22] (BitRaider LLC -> BitRaider, LLC)
R2 bzserv; C:\Program Files (x86)\Backblaze\bzserv.exe [609560 2021-07-07] (Backblaze, Inc. -> )
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2021-12-10] (Dropbox, Inc -> Dropbox, Inc.)
R2 ElevationService; C:\Apps\Wondershare\MobileTrans\ElevationService.exe [913408 2021-10-28] () [File not signed]
R2 Everything; C:\Apps\Everything\Everything.exe [2261600 2021-05-12] (voidtools -> voidtools)
R2 FlashFolder; C:\Apps\FlashFolder\FlashFolder64.exe [596992 2012-07-21] (zett42) [File not signed]
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4489352 2019-06-12] (Logitech Inc -> Logitech)
R2 Parsec; C:\Program Files\Parsec\pservice.exe [364048 2020-05-19] (Parsec Cloud, Inc. -> Parsec)
S3 ProtonVPN Service; C:\Apps\ProtonVPN\ProtonVPNService.exe [115816 2021-11-15] (Proton Technologies AG -> )
S3 ProtonVPN Update Service; C:\Apps\ProtonVPN\ProtonVPN.UpdateService.exe [65128 2021-11-15] (Proton Technologies AG -> )
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-03-22] (Razer USA Ltd. -> Razer Inc)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533808 2021-01-29] (Razer USA Ltd. -> Razer Inc.)
R2 RzKLService; C:\Apps\Razer\Razer Cortex\RzKLService.exe [291320 2021-03-31] (Razer USA Ltd. -> Razer Inc.)
R2 SbieSvc; C:\Apps\Sandboxie-Plus\SbieSvc.exe [334352 2021-08-08] (Tonalio GmbH -> sandboxie-plus.com)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6138112 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Apps\TeamViewer\TeamViewer_Service.exe [12912936 2021-11-16] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
U2 VPNUnlimitedService; C:\Apps\VPN Unlimited\vpn-unlimited-daemon.exe [47128 2021-10-26] (KeepSolid Inc. -> KeepSolid Inc.)
R2 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [119296 2012-05-01] (WDC) [File not signed]
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [366720 2019-11-25] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WireGuardTunnel$VPNUWireguard; C:\Apps\VPN Unlimited\WireVPNUImpl.exe [26648 2021-10-26] (KeepSolid Inc. -> )
R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3.0; C:\Apps\AMD OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-09-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
R1 cbfsconnect2017; C:\WINDOWS\system32\drivers\cbfsconnect2017.sys [480272 2019-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-23] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30352 2016-07-27] (Disc Soft Ltd -> Disc Soft Ltd)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 ioFakDrv; C:\WINDOWS\System32\drivers\ioFakDrv.sys [23936 2010-12-15] (KYE SYSTEMS CORP. -> KYE System Corp.)
S3 ioFakMap; C:\WINDOWS\System32\drivers\ioFakMap.sys [12672 2010-12-15] (KYE SYSTEMS CORP. -> KYE System Corp.)
S3 ioTablet; C:\WINDOWS\System32\drivers\ioTablet.sys [35328 2012-04-05] (Microsoft Windows Hardware Compatibility Publisher -> KYE System Corp.)
S3 ioTblMap; C:\WINDOWS\System32\drivers\ioTblMap.sys [13200 2011-08-25] (KYE SYSTEMS CORP. -> KYE System Corp.)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO)
S3 ProtonVPNCallout; C:\Apps\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 SbieDrv; C:\Apps\Sandboxie-Plus\SbieDrv.sys [225264 2021-08-08] (Microsoft Windows Hardware Compatibility Publisher -> sandboxie-plus.com)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [45024 2019-03-14] (ExprsVPN LLC -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2021-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2020-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
R3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [20704 2019-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
R3 WinRing0_1_2_0; C:\Apps\OpenHardwareMonitor\OpenHardwareMonitorLib.sys [14544 2021-12-15] (Noriyuki MIYAZAKI -> OpenLibSys.org)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2021-11-14] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-15 14:03 - 2021-12-15 14:03 - 000000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup-
2021-12-15 13:36 - 2021-12-15 13:36 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2021-12-15 13:35 - 2021-12-15 13:35 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-12-15 13:35 - 2021-12-15 13:35 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-12-14 23:10 - 2021-12-14 23:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-14 23:06 - 2021-12-15 00:36 - 000000000 ____D C:\aa
2021-12-14 23:05 - 2021-12-14 23:05 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-14 23:04 - 2021-12-14 23:04 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-14 23:04 - 2021-12-14 23:04 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-14 23:04 - 2021-12-14 23:04 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-12-14 22:45 - 2021-12-14 22:45 - 000000000 ___HD C:\$WinREAgent
2021-12-14 21:00 - 2021-12-15 17:30 - 000000000 ____D C:\FRST
2021-12-14 17:17 - 2021-12-14 17:17 - 000001150 _____ C:\Users\tMt-user\Downloads\meetingAttendanceList (1).csv
2021-12-14 17:02 - 2021-12-14 17:02 - 000000664 _____ C:\Users\tMt-user\Downloads\meetingAttendanceList.csv
2021-12-11 11:10 - 2021-12-15 01:30 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2866573575-4116515599-1814928747-1003
2021-12-10 22:38 - 2021-12-10 22:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-12-10 01:27 - 2021-12-10 01:27 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-12-10 01:27 - 2021-12-10 01:27 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-12-10 01:27 - 2021-12-10 01:27 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-12-10 01:27 - 2021-12-10 01:27 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-12-09 22:45 - 2021-12-09 22:45 - 000000000 ____D C:\Users\tMt-user\AppData\Roaming\fltk.org
2021-12-09 22:45 - 2021-12-09 22:45 - 000000000 ____D C:\ProgramData\fltk.org
2021-12-08 09:55 - 2021-12-08 09:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2021-12-08 09:44 - 2021-12-08 09:44 - 000000000 ____D C:\Users\tMt-user\AppData\Roaming\Proton Technologies AG
2021-12-08 09:44 - 2021-12-08 09:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProtonVPN
2021-12-02 08:35 - 2021-12-02 08:36 - 000088634 _____ C:\Users\tMt-user\Downloads\label_1154153082.pdf
2021-11-28 10:32 - 2021-11-28 10:32 - 000000000 ____D C:\ProgramData\WsAppHelper
2021-11-27 23:16 - 2021-11-27 23:16 - 000000016 _____ C:\ProgramData\mntemp
2021-11-27 23:16 - 2021-11-27 23:16 - 000000000 ____D C:\Users\tMt-user\Documents\Wondershare
2021-11-27 23:15 - 2021-11-28 14:55 - 000000000 ____D C:\Users\tMt-user\AppData\Local\Wondershare
2021-11-27 23:15 - 2021-11-27 23:15 - 000000000 ____D C:\Users\tMt-user\AppData\Roaming\MobileBackupForeverIni
2021-11-27 23:13 - 2021-11-28 14:51 - 000000000 ____D C:\ProgramData\Wondershare
2021-11-27 23:13 - 2021-11-27 23:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2021-11-27 23:13 - 2021-11-27 23:15 - 000000000 ____D C:\Users\tMt-user\AppData\Roaming\Wondershare
2021-11-27 23:13 - 2021-11-27 23:13 - 000000000 ____D C:\Program Files (x86)\Wondershare
2021-11-27 23:11 - 2021-12-11 18:15 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2021-11-27 17:17 - 2021-11-27 17:17 - 000034795 _____ C:\Users\tMt-user\Downloads\claim-report.pdf
2021-11-27 17:17 - 2021-11-27 17:17 - 000034795 _____ C:\Users\tMt-user\Downloads\claim-report(1).pdf
2021-11-24 23:21 - 2021-11-29 09:22 - 000000000 ____D C:\Users\tMt-user\Documents\Sticky Passwords
2021-11-24 23:21 - 2021-11-24 23:21 - 000000000 ____D C:\Users\tMt-user\AppData\Local\Lamantine
2021-11-24 23:20 - 2021-11-24 23:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Password
2021-11-24 23:20 - 2021-11-24 23:20 - 000000000 ____D C:\Program Files (x86)\Sticky Password
2021-11-24 22:56 - 2021-11-24 22:56 - 000000000 ____D C:\Users\tMt-user\AppData\Local\KeepSolid Inc
2021-11-24 22:54 - 2021-11-24 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPN Unlimited
2021-11-23 18:41 - 2021-11-23 18:41 - 000000000 ____D C:\Users\tMt-user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-11-23 12:52 - 2021-12-08 09:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-20 23:10 - 2021-11-21 18:35 - 000000000 ___RD C:\Users\tMt-user\OneDrive - Univerzita Karlova
2021-11-19 14:03 - 2021-11-19 14:03 - 000000000 ____D C:\UserBenchmark

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-15 17:28 - 2021-04-09 10:51 - 000000000 ____D C:\Users\tMt-user\AppData\Local\OpenShell
2021-12-15 17:28 - 2020-10-12 02:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-15 16:52 - 2017-07-11 18:33 - 000000000 ____D C:\Users\tMt-user\AppData\LocalLow\Mozilla
2021-12-15 16:43 - 2019-10-04 07:08 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-12-15 16:40 - 2017-07-08 04:29 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-15 15:27 - 2021-04-23 08:49 - 000000000 ____D C:\Users\tMt-user\AppData\Roaming\Kiwi for Gmail
2021-12-15 14:33 - 2020-12-12 10:01 - 000000000 ____D C:\Users\tMt-user\AppData\Roaming\Ferdi
2021-12-15 14:32 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-15 14:09 - 2020-10-12 02:41 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-15 14:09 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-12-15 14:09 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-12-15 14:09 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-15 14:06 - 2017-12-10 10:25 - 000000000 ___RD C:\Users\tMt-user\OneDrive - Fakulta humanitních studií
2021-12-15 14:06 - 2017-08-07 15:10 - 000000000 ____D C:\Users\tMt-user\AppData\Local\Dropbox
2021-12-15 14:05 - 2017-08-07 16:08 - 000000000 ____D C:\ProgramData\firebird
2021-12-15 14:04 - 2017-07-23 16:02 - 000000000 ____D C:\ProgramData\NVIDIA
2021-12-15 14:04 - 2017-07-10 19:19 - 000000000 ____D C:\Users\tMt-user\AppData\Local\CrashDumps
2021-12-15 14:03 - 2020-05-25 19:32 - 003346432 _____ C:\Users\Public\Documents\bootracer.his
2021-12-15 14:03 - 2020-05-25 19:24 - 000001474 _____ C:\Users\Public\Documents\bootracer.ini
2021-12-15 14:02 - 2020-10-31 16:16 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-15 14:02 - 2020-10-12 02:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-15 14:02 - 2017-08-07 15:10 - 000000936 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-12-15 14:02 - 2017-07-08 04:28 - 000000000 ____D C:\Program Files\Avast
2021-12-15 14:02 - 2017-07-08 04:27 - 000000000 ____D C:\ProgramData\AVAST Software
2021-12-15 14:01 - 2020-10-12 02:31 - 000000000 ____D C:\Users\tMt-steam
2021-12-15 14:01 - 2020-10-12 02:31 - 000000000 ____D C:\Users\defaultuser0
2021-12-15 14:01 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-12-15 13:35 - 2020-10-14 14:02 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-12-15 13:35 - 2020-10-12 02:48 - 000003960 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-12-15 13:35 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-12-15 13:35 - 2019-01-14 14:57 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-12-15 13:35 - 2019-01-04 18:57 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-12-15 13:35 - 2019-01-04 18:57 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-12-15 13:35 - 2019-01-04 18:57 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-12-15 13:35 - 2018-10-11 18:19 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-12-15 13:35 - 2018-05-02 07:56 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-12-15 13:35 - 2018-05-02 07:56 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-12-15 13:35 - 2018-05-02 07:56 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-12-15 13:35 - 2018-05-02 07:56 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-12-15 13:35 - 2018-05-02 07:56 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-12-15 13:35 - 2018-05-02 07:56 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-12-15 13:20 - 2021-01-28 23:25 - 000000000 ____D C:\AdwCleaner
2021-12-15 11:24 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-15 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-15 11:23 - 2020-04-18 08:44 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-12-15 11:23 - 2020-03-29 09:21 - 002225640 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-12-15 11:23 - 2020-03-29 09:21 - 000333288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-12-15 11:23 - 2020-03-29 09:21 - 000217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-12-15 11:23 - 2020-03-29 09:21 - 000197048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-12-15 11:23 - 2020-03-29 09:21 - 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2021-12-15 01:31 - 2021-11-01 00:35 - 000002998 _____ C:\WINDOWS\system32\Tasks\HotSwap! Applet
2021-12-15 01:30 - 2021-08-30 11:53 - 000002242 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - tMt-user
2021-12-15 01:30 - 2021-07-03 12:41 - 000002580 _____ C:\WINDOWS\system32\Tasks\CrystalDiskInfo
2021-12-15 01:30 - 2021-07-03 12:35 - 000003176 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-12-15 01:30 - 2020-10-14 17:58 - 000002314 _____ C:\WINDOWS\system32\Tasks\HWiNFO
2021-12-15 01:30 - 2020-10-12 08:59 - 000003318 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6a0382da61997
2021-12-15 01:30 - 2020-10-12 02:48 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-15 01:30 - 2020-10-12 02:48 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-12-15 01:30 - 2020-10-12 02:48 - 000003470 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1597678316
2021-12-15 01:30 - 2020-10-12 02:48 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-12-15 01:30 - 2020-10-12 02:48 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-15 01:30 - 2020-10-12 02:48 - 000003348 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-12-15 01:30 - 2020-10-12 02:48 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-12-15 01:30 - 2020-10-12 02:48 - 000003276 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1576927961
2021-12-15 01:30 - 2020-10-12 02:48 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-15 01:30 - 2020-10-12 02:48 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-12-15 01:30 - 2020-10-12 02:48 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-15 01:30 - 2020-10-12 02:48 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-15 01:30 - 2020-10-12 02:48 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-15 01:30 - 2020-10-12 02:48 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-15 01:30 - 2020-10-12 02:48 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-15 01:30 - 2020-10-12 02:48 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-15 01:30 - 2020-10-12 02:48 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-15 01:30 - 2020-10-12 02:48 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2866573575-4116515599-1814928747-1003
2021-12-15 01:30 - 2020-10-12 02:48 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-15 01:30 - 2020-10-12 02:48 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-12-15 01:30 - 2020-10-12 02:48 - 000002428 _____ C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2021-12-15 01:30 - 2020-10-12 02:48 - 000002144 _____ C:\WINDOWS\system32\Tasks\Crystal Disk Info
2021-12-15 01:04 - 2020-10-12 02:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-12-14 23:11 - 2020-10-12 02:30 - 000427064 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-14 23:10 - 2020-10-12 02:31 - 000000000 ____D C:\Users\tMt
2021-12-14 23:10 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-12-14 23:10 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-14 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-14 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-14 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-14 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-12-14 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-12-14 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-12-14 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-12-14 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-12-14 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-12-14 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-14 23:09 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-14 23:08 - 2020-10-12 02:31 - 000000000 ____D C:\Users\tMt-user
2021-12-14 22:44 - 2017-07-10 19:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-14 22:37 - 2020-10-20 17:25 - 000000000 ____D C:\Program Files\dotnet
2021-12-14 22:37 - 2017-07-10 19:22 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-14 22:37 - 2017-07-07 21:33 - 000000000 ____D C:\ProgramData\Package Cache
2021-12-14 22:33 - 2017-07-10 21:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-12-14 08:26 - 2017-07-08 04:30 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-13 22:37 - 2019-01-30 00:35 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-13 20:29 - 2020-07-09 18:10 - 000000000 ____D C:\Users\tMt-user\AppData\Roaming\qBittorrent
2021-12-13 09:51 - 2021-05-31 14:53 - 000000000 ____D C:\Users\tMt-user\AppData\Local\Avast Software
2021-12-12 09:56 - 2020-06-08 07:24 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-11 22:07 - 2021-05-24 18:15 - 000000000 ____D C:\Users\tMt-user\Documents\PhraseExpress
2021-12-11 10:02 - 2020-09-21 17:19 - 000002389 _____ C:\Users\tMt-user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-12-10 22:38 - 2017-08-07 15:10 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-12-10 09:57 - 2017-11-02 18:14 - 000000000 ____D C:\Users\tMt-user\AppData\Local\Packages
2021-12-10 00:33 - 2021-07-03 11:26 - 000000000 ____D C:\Program Files (x86)\Zotero
2021-12-10 00:33 - 2021-07-03 11:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-12-09 14:28 - 2020-10-12 10:00 - 000000000 ____D C:\Users\tMt-user\AppData\Local\Deployment
2021-12-08 17:25 - 2021-06-25 14:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-12-08 09:59 - 2017-08-07 18:07 - 000000906 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2021-12-08 09:55 - 2018-08-05 18:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-12-08 09:53 - 2021-07-09 13:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2021-12-08 09:48 - 2017-08-16 11:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2021-12-08 09:44 - 2020-05-31 20:41 - 000000000 ____D C:\Users\tMt-user\AppData\Local\ProtonVPN
2021-12-08 09:43 - 2021-07-09 11:05 - 000000748 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PicPick.lnk
2021-12-08 09:42 - 2021-07-29 08:55 - 000000000 ____D C:\Program Files\Audacity
2021-12-08 09:42 - 2021-07-09 13:13 - 000000871 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2021-12-08 09:41 - 2019-12-21 12:32 - 000000915 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-12-07 09:49 - 2020-10-12 02:31 - 000002396 _____ C:\Users\tMt-user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-01 21:51 - 2020-11-07 11:44 - 000000000 ____D C:\_
2021-11-28 14:52 - 2020-01-03 11:13 - 000000000 ____D C:\Users\tMt-user\.android
2021-11-25 19:01 - 2018-05-06 00:22 - 000000000 ____D C:\Users\tMt-user\AppData\Local\D3DSCache
2021-11-23 18:42 - 2020-04-07 00:20 - 000000000 ____D C:\Users\tMt-user\AppData\Roaming\Zoom
2021-11-20 23:39 - 2021-11-06 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inscryption [GOG.com]
2021-11-20 23:10 - 2021-09-25 20:35 - 000000000 ____D C:\Users\tMt-user\Documents\Rise of the Tomb Raider
2021-11-20 23:10 - 2020-04-18 11:01 - 000000000 ____D C:\Users\tMt-user\Documents\The Witcher 3
2021-11-20 23:10 - 2019-12-17 16:41 - 000000000 ____D C:\Users\tMt-user\Documents\Snagit
2021-11-20 23:10 - 2017-08-19 19:21 - 000000000 ____D C:\Users\tMt-user\Documents\Sound recordings
2021-11-20 23:10 - 2017-07-10 19:19 - 000000000 ___RD C:\Users\tMt-user\OneDrive
2021-11-20 22:04 - 2020-10-06 14:12 - 000000000 ____D C:\Users\tMt-user\AppData\Roaming\Grammarly
2021-11-19 22:50 - 2018-06-20 22:57 - 000000000 ____D C:\ProgramData\Packages
2021-11-15 09:23 - 2020-05-18 14:18 - 000000000 ____D C:\UPLOAD
2021-11-15 08:35 - 2017-08-07 15:10 - 000000932 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job

==================== Files in the root of some directories ========

2019-03-03 09:07 - 2020-01-24 21:04 - 000000151 _____ () C:\Users\tMt-user\AppData\Roaming\gcstar.log
2017-10-18 20:52 - 2017-10-22 13:18 - 000000516 _____ () C:\Users\tMt-user\AppData\Roaming\rftg
2018-03-14 00:44 - 2018-03-14 00:45 - 000000049 _____ () C:\Users\tMt-user\AppData\Roaming\~SiMPLEX.ini
2018-10-25 16:05 - 2018-10-25 16:05 - 000000000 _____ () C:\Users\tMt-user\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\MountPoints2: {1e493c19-05d1-11ec-95db-5cf3708ef908} - "J:\Setup.exe"
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\MountPoints2: {1e493c2b-05d1-11ec-95db-5cf3708ef908} - "M:\setup.exe" /autorun
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\MountPoints2: {1e493f27-05d1-11ec-95db-5cf3708ef908} - "J:\setup.exe" /autorun
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\MountPoints2: {630a72da-1940-11eb-9544-5cf3708ef908} - "O:\setup.exe"
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {2BE52439-90FF-448D-9603-DEA7E083113B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-08] (Google Inc -> Google Inc.)
Task: {910461A0-666E-4794-8064-F65191AF79B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-08] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
CustomCLSID: HKU\S-1-5-21-2866573575-4116515599-1814928747-1003_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InprocServer32 -> 0x70AC6F9F5034D60170AC6F9F5034D601010000000900000000000000 => No File
C:\Users\tMt-user\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\TEMP:728B799F [372]
FirewallRules: [TCP Query User{FB985F04-C053-4C00-9320-71C5513AAE1A}C:\apps\essentialpim pro 8\essentialpim.exe] => (Block) C:\apps\essentialpim pro 8\essentialpim.exe => No File
FirewallRules: [UDP Query User{F809C33E-F7B9-4365-BEC9-89D83E65919F}C:\apps\essentialpim pro 8\essentialpim.exe] => (Block) C:\apps\essentialpim pro 8\essentialpim.exe => No File
FirewallRules: [TCP Query User{AD78A009-1EC3-44D3-8194-D847B5CDFC19}C:\apps\essentialpim pro 8\essentialpim.exe] => (Allow) C:\apps\essentialpim pro 8\essentialpim.exe => No File
FirewallRules: [UDP Query User{A33208AA-F528-46C0-9D43-2EDE921C9EA9}C:\apps\essentialpim pro 8\essentialpim.exe] => (Allow) C:\apps\essentialpim pro 8\essentialpim.exe => No File

EmptyTemp:
Hosts:
End

Uložte C:\Users\tMt-user\OneDrive - Univerzita Karlova\Plocha plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[lastsaves]

Provedeno, log níže.

Fix result of Farbar Recovery Scan Tool (x64) Version: 11-12-2021
Ran by tMt-user (16-12-2021 10:54:43) Run:1
Running from C:\Users\tMt-user\OneDrive - Univerzita Karlova\Plocha
Loaded Profiles: defaultuser0 & tMt & tMt-user & tMt-steam
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\MountPoints2: {1e493c19-05d1-11ec-95db-5cf3708ef908} - "J:\Setup.exe"
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\MountPoints2: {1e493c2b-05d1-11ec-95db-5cf3708ef908} - "M:\setup.exe" /autorun
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\MountPoints2: {1e493f27-05d1-11ec-95db-5cf3708ef908} - "J:\setup.exe" /autorun
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\...\MountPoints2: {630a72da-1940-11eb-9544-5cf3708ef908} - "O:\setup.exe"
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {2BE52439-90FF-448D-9603-DEA7E083113B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-08] (Google Inc -> Google Inc.)
Task: {910461A0-666E-4794-8064-F65191AF79B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-08] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
CustomCLSID: HKU\S-1-5-21-2866573575-4116515599-1814928747-1003_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InprocServer32 -> 0x70AC6F9F5034D60170AC6F9F5034D601010000000900000000000000 => No File
C:\Users\tMt-user\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\TEMP:728B799F [372]
FirewallRules: [TCP Query User{FB985F04-C053-4C00-9320-71C5513AAE1A}C:\apps\essentialpim pro 8\essentialpim.exe] => (Block) C:\apps\essentialpim pro 8\essentialpim.exe => No File
FirewallRules: [UDP Query User{F809C33E-F7B9-4365-BEC9-89D83E65919F}C:\apps\essentialpim pro 8\essentialpim.exe] => (Block) C:\apps\essentialpim pro 8\essentialpim.exe => No File
FirewallRules: [TCP Query User{AD78A009-1EC3-44D3-8194-D847B5CDFC19}C:\apps\essentialpim pro 8\essentialpim.exe] => (Allow) C:\apps\essentialpim pro 8\essentialpim.exe => No File
FirewallRules: [UDP Query User{A33208AA-F528-46C0-9D43-2EDE921C9EA9}C:\apps\essentialpim pro 8\essentialpim.exe] => (Allow) C:\apps\essentialpim pro 8\essentialpim.exe => No File

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1e493c19-05d1-11ec-95db-5cf3708ef908} => removed successfully
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1e493c2b-05d1-11ec-95db-5cf3708ef908} => removed successfully
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1e493f27-05d1-11ec-95db-5cf3708ef908} => removed successfully
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{630a72da-1940-11eb-9544-5cf3708ef908} => removed successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BE52439-90FF-448D-9603-DEA7E083113B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BE52439-90FF-448D-9603-DEA7E083113B}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{910461A0-666E-4794-8064-F65191AF79B4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{910461A0-666E-4794-8064-F65191AF79B4}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => moved successfully
HKU\S-1-5-21-2866573575-4116515599-1814928747-1003_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817} => removed successfully
C:\Users\tMt-user\AppData\Local\Temp => moved successfully
C:\ProgramData\TEMP => ":728B799F" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FB985F04-C053-4C00-9320-71C5513AAE1A}C:\apps\essentialpim pro 8\essentialpim.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F809C33E-F7B9-4365-BEC9-89D83E65919F}C:\apps\essentialpim pro 8\essentialpim.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AD78A009-1EC3-44D3-8194-D847B5CDFC19}C:\apps\essentialpim pro 8\essentialpim.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A33208AA-F528-46C0-9D43-2EDE921C9EA9}C:\apps\essentialpim pro 8\essentialpim.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 2883584 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 140461647 B
Java, Flash, Steam htmlcache => 1065 B
Windows/system/drivers => 11225075 B
Edge => 59431 B
Chrome => 559175545 B
Firefox => 503273031 B
Opera => 231958974 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 106382 B
NetworkService => 106382 B
defaultuser0 => 106382 B
tMt => 594702 B
tMt-user => 11916622 B
tMt-steam => 11916622 B

RecycleBin => 7480 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:57:12 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[lastsaves]

Zatím bez zamrznutí. Uvidíme za pár dní.
Díky za pomoc.

[Rudy]

Rádo se stalo!