Please check my log

#1 Post by martin06 »

Good day,

please check my log. The PC runs fine, but I would like to have it checked just to be sure, because I share the PC with a roommate. Thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-02-2021 01
Ran by Martin (administrator) on DESKTOP-69LFJ66 (10-02-2021 13:36:13)
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin
Platform: Windows 10 Home Version 20H2 19042.746 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Adobe Inc. -> ) C:\Program Files\Adobe\Adobe Photoshop 2021\Required\Plug-ins\Spaces\Adobe Spaces Helper.exe <3>
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Inc. -> Adobe) [File not signed] C:\Program Files\Adobe\Adobe Photoshop 2021\Photoshop.exe
(Adobe Systems Incorporated -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\FANRGBHEADER\FanLEDCtrl.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\LightingService\1.00.39\AsRogAuraGpuDllServer.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\1.00.39\LightingService.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Martin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20122.11121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Photoshop 2021\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519912 2017-12-01] (Acronis International GmbH -> )
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9246656 2018-01-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425864 2017-12-01] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [3770736 2017-12-01] (Acronis International GmbH -> )
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [705728 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [Steam] => D:\Steam\steam.exe [3424032 2020-10-29] (Valve -> Valve Corporation)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [Discord] => C:\Users\Martin\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG -> Nero AG)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [Google Update] => C:\Users\Martin\AppData\Local\Google\Update\1.3.36.72\GoogleUpdateCore.exe [216392 2021-02-05] (Google LLC -> Google LLC)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {60327e6c-13ab-11e9-88ca-0c9d9262121a} - "H:\setup.exe"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {c75b7132-132a-11e9-88c9-0c9d9262121a} - "F:\setup.exe"
HKLM\...\Windows x64\Print Processors\Canon MP630 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9C.DLL [27648 2009-12-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\sxj2mPC: C:\Windows\System32\spool\prtprocs\x64\sxj2mpc.dll [43520 2014-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP630 series: C:\Windows\system32\CNMLM9C.DLL [279040 2009-12-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\sxj2m Langmon: C:\Windows\system32\sxj2mlm.dll [34304 2013-12-10] (Microsoft Windows Hardware Compatibility Publisher -> )
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04981217-BF68-4827-9660-232E07343173} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {08F002C4-F94B-4213-93FA-EA697B686B15} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0E2E5711-E4F9-4BFF-A0A3-2EA6D867D5B4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1AA362C0-33A0-439E-A281-8CAF9DA6A5AA} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1CB8F8EF-06DD-4839-BC16-44FE29F764FE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {223681F8-5AED-46C5-ABC7-58EFCC149392} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {2F0534FF-ADF5-4F9F-93A7-AD000D61F783} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {33C890BB-F53C-4498-B08F-D15563F8D2FC} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {354F394F-637D-417D-AC5B-3DCA03622C42} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {39067128-13B0-40AE-A7D0-19D8AAAC45DA} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {3DA85365-E7E4-427C-B112-E4FFF539286B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [563000 2015-08-26] (Apple Inc. -> Apple Inc.)
Task: {453C5CAD-A481-4B82-A48F-836B9FF60B56} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {486D5A86-E43F-4ACE-A6FF-70CBA670D2FF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {66B7EEEA-9777-4CFC-ADBD-25890248E9B2} - System32\Tasks\Zoner.Updater.S-1-5-21-1952709571-807798404-1509361630-1003 => C:\ProgramData\Zoner\Zoner.Installer.Core\Updater.exe [2075216 2020-12-09] (ZONER software, a.s. -> ZONER software, a.s.)
Task: {66BA1A9F-46DA-44E2-9E70-06D495F50986} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [69512 2018-04-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {678CBBC0-4866-4932-B734-44FF637A3CD6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003UA => C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2020-11-05] (Google LLC -> Google LLC)
Task: {848B3368-4FCD-44F7-AC25-D1B75021B74C} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2072536 2017-07-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {9226B98D-FF26-4311-835E-77B86A525C1E} - System32\Tasks\ASUS\AsRogAuraGpuDllServer => C:\Program Files (x86)\LightingService\1.00.39\AsRogAuraGpuDllServer.exe [280536 2018-02-06] (ASUSTeK Computer Inc. -> )
Task: {95E07D5B-2D05-4947-9FE1-7C4A163F53E5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9709CD51-16C0-4C37-BD54-726DFC83CCEF} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {AED8C40E-6018-4F9B-88DC-48B1036643E1} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49544 2018-04-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C0502CCE-925F-44CE-A3A7-B0606D3E65F5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003Core => C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2020-11-05] (Google LLC -> Google LLC)
Task: {CE00299D-4551-48EF-9386-ECF1A2F31769} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CE80864E-7238-4759-BAB6-512990003C48} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DB782345-A49A-4F95-8783-9067B0A3F848} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DC0A1948-2196-4242-AEB1-0E7E83C12640} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E5AB2829-5A65-4444-8A9B-8F138EBE1235} - System32\Tasks\ASUS\ASUS FanLEDCtrl => C:\Program Files (x86)\ASUS\AI Suite III\FANRGBHEADER\FanLEDCtrl.exe [1147352 2017-07-17] (ASUSTeK Computer Inc. -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c51dedd1-487f-476e-a3d8-d5c7ba1a874f}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Martin\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-10]

FireFox:
========
FF DefaultProfile: dzgrn46h.default
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dzgrn46h.default [2021-02-10]
FF DownloadDir: D:\BMW\cuketa
FF Homepage: Mozilla\Firefox\Profiles\dzgrn46h.default -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\dzgrn46h.default -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2021-01-05 07:53:01&iid=ba45a4b4-96ed-4baa-b779-5d62b391a06d&bName=
FF Notifications: Mozilla\Firefox\Profiles\dzgrn46h.default -> hxxps://www.kupi.cz
FF Extension: (Komponenta I.CA PKI Service) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dzgrn46h.default\Extensions\icapkiservice@ica.cz.xpi [2020-06-16]
FF Extension: (Block Site) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dzgrn46h.default\Extensions\{07046613-1993-4b66-9dd1-9dd1ce581cb7}.xpi [2020-07-13]
FF Extension: (Whoer VPN) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dzgrn46h.default\Extensions\{ee47f82c-1872-4053-badf-cc675093f81e}.xpi [2020-07-14]
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default [2021-02-10]
CHR Extension: (Prezentace) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-23]
CHR Extension: (Safe Torrent Scanner) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-01-24]
CHR Extension: (Dokumenty) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-23]
CHR Extension: (Disk Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-05]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-23]
CHR Extension: (Tabulky) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-05]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-29]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [2723872 2017-12-01] (Acronis International GmbH -> Acronis International GmbH)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1133728 2017-12-01] (Acronis International GmbH -> )
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6096688 2018-05-10] (Acronis International GmbH -> )
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-02-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe [975832 2017-06-01] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636592 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384360 2020-12-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-12-08] (BattlEye Innovations e.K. -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3644008 2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2019-10-24] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-18] (Hewlett-Packard Co.) [File not signed]
S3 I.CA Maintenance Service; C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [283904 2019-08-02] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
R2 LightingService; C:\Program Files (x86)\LightingService\1.00.39\LightingService.exe [1244632 2018-02-06] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2017-12-01] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2017-12-01] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1706080 2017-12-01] (Acronis International GmbH -> )
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG -> Nero AG)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1314448 2020-03-11] (Rockstar Games, Inc. -> Rockstar Games)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7003048 2017-12-01] (Acronis International GmbH -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-06-01] (ASUSTeK Computer Inc. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2019-01-08] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2019-01-08] (Disc Soft Ltd -> Disc Soft Ltd)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [564304 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [379664 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 GLCKIO; C:\Program Files (x86)\ASUS\AURA\690b33e1-0462-4e84-9bea-c7552b45432a.sys [14976 2020-12-16] (ASUSTeK Computer Inc. -> )
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [50248 2020-12-01] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 RtsUpx; C:\Windows\system32\drivers\RtsUpx.sys [30328 2018-11-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1310552 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [213336 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [690520 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [326416 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-10] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-10 13:36 - 2021-02-10 13:36 - 000030388 _____ C:\Users\Martin\Desktop\FRST.txt
2021-02-10 13:35 - 2021-02-10 13:35 - 002297344 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2021-02-10 10:35 - 2021-02-10 10:35 - 000000762 _____ C:\Users\Martin\Desktop\install Forza Horizon 4.lnk
2021-02-10 10:35 - 2021-02-10 10:35 - 000000707 _____ C:\Users\Martin\Desktop\Forza Horizon 4.lnk
2021-02-09 21:23 - 2021-02-10 10:38 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-02-02 16:14 - 2021-02-02 16:14 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins006.exe
2021-02-01 11:03 - 2021-02-01 11:03 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins002.exe
2021-02-01 10:45 - 2021-02-01 10:45 - 002618209 _____ C:\WINDOWS\unins020.exe
2021-02-01 10:45 - 2021-02-01 10:45 - 000061891 _____ C:\WINDOWS\unins020.dat
2021-02-01 10:44 - 2021-02-01 10:44 - 002618209 _____ C:\WINDOWS\unins019.exe
2021-02-01 10:44 - 2021-02-01 10:44 - 000026009 _____ C:\WINDOWS\unins019.dat
2021-02-01 10:43 - 2021-02-01 10:43 - 002618209 _____ C:\WINDOWS\unins018.exe
2021-02-01 10:43 - 2021-02-01 10:43 - 000029659 _____ C:\WINDOWS\unins018.dat
2021-02-01 10:41 - 2021-02-01 10:41 - 002618209 _____ C:\WINDOWS\unins017.exe
2021-02-01 10:41 - 2021-02-01 10:41 - 000091183 _____ C:\WINDOWS\unins017.dat
2021-02-01 10:40 - 2021-02-01 10:40 - 002618209 _____ C:\WINDOWS\unins016.exe
2021-02-01 10:40 - 2021-02-01 10:40 - 000124231 _____ C:\WINDOWS\unins016.dat
2021-02-01 10:36 - 2021-02-01 10:36 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins014.exe
2021-02-01 10:36 - 2021-02-01 10:36 - 002618209 _____ C:\WINDOWS\unins015.exe
2021-02-01 10:36 - 2021-02-01 10:36 - 000050565 _____ C:\WINDOWS\unins014.dat
2021-02-01 10:36 - 2021-02-01 10:36 - 000036577 _____ C:\WINDOWS\unins015.dat
2021-02-01 10:32 - 2021-02-01 10:32 - 002618209 _____ C:\WINDOWS\unins013.exe
2021-02-01 10:32 - 2021-02-01 10:32 - 002618209 _____ C:\WINDOWS\unins012.exe
2021-02-01 10:32 - 2021-02-01 10:32 - 000162189 _____ C:\WINDOWS\unins012.dat
2021-02-01 10:32 - 2021-02-01 10:32 - 000128505 _____ C:\WINDOWS\unins013.dat
2021-02-01 10:21 - 2021-02-01 10:21 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins011.exe
2021-02-01 10:21 - 2021-02-01 10:21 - 000066239 _____ C:\WINDOWS\unins011.dat
2021-02-01 10:20 - 2021-02-01 10:20 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins010.exe
2021-02-01 10:20 - 2021-02-01 10:20 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins009.exe
2021-02-01 10:20 - 2021-02-01 10:20 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins008.exe
2021-02-01 10:20 - 2021-02-01 10:20 - 000127811 _____ C:\WINDOWS\unins010.dat
2021-02-01 10:20 - 2021-02-01 10:20 - 000084751 _____ C:\WINDOWS\unins008.dat
2021-02-01 10:20 - 2021-02-01 10:20 - 000059379 _____ C:\WINDOWS\unins009.dat
2021-02-01 09:35 - 2021-02-01 09:35 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins007.exe
2021-02-01 09:35 - 2021-02-01 09:35 - 000081107 _____ C:\WINDOWS\unins007.dat
2021-02-01 09:34 - 2021-02-02 16:14 - 000127494 _____ C:\WINDOWS\unins006.dat
2021-02-01 09:34 - 2021-02-01 09:34 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins005.exe
2021-02-01 09:34 - 2021-02-01 09:34 - 000080269 _____ C:\WINDOWS\unins005.dat
2021-02-01 09:33 - 2021-02-01 09:33 - 002618209 _____ C:\WINDOWS\unins004.exe
2021-02-01 09:33 - 2021-02-01 09:33 - 002618209 _____ C:\WINDOWS\unins001.exe
2021-02-01 09:33 - 2021-02-01 09:33 - 000032875 _____ C:\WINDOWS\unins004.dat
2021-02-01 09:06 - 2021-02-01 09:06 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins003.exe
2021-02-01 09:06 - 2021-02-01 09:06 - 000086581 _____ C:\WINDOWS\unins003.dat
2021-02-01 09:05 - 2021-02-01 11:03 - 000097618 _____ C:\WINDOWS\unins002.dat
2021-02-01 09:05 - 2021-02-01 09:33 - 000117633 _____ C:\WINDOWS\unins001.dat
2021-02-01 09:05 - 2021-02-01 09:05 - 002618209 _____ C:\WINDOWS\unins000.exe
2021-02-01 09:05 - 2021-02-01 09:05 - 000108171 _____ C:\WINDOWS\unins000.dat
2021-02-01 09:05 - 2021-02-01 09:05 - 000000000 ____D C:\Users\Martin\Documents\Wondershare Filmora 9
2021-01-31 18:55 - 2021-02-05 16:32 - 000000000 ____D C:\Program Files (x86)\Google
2021-01-31 18:23 - 2021-01-31 18:23 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-01-31 18:22 - 2021-02-10 12:37 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-01-31 18:22 - 2021-02-10 12:37 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-01-31 17:55 - 2021-01-31 18:05 - 017311086 _____ C:\Users\Martin\Downloads\khana.psd
2021-01-30 19:32 - 2021-01-30 19:32 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2021-01-30 19:32 - 2021-01-30 19:32 - 000000000 ____D C:\ProgramData\Documents\Wondershare
2021-01-30 19:31 - 2021-01-30 19:32 - 000000000 ____D C:\ProgramData\Wondershare
2021-01-30 19:31 - 2021-01-30 19:31 - 000001151 _____ C:\Users\Public\Desktop\Wondershare Filmora X.lnk
2021-01-30 19:31 - 2021-01-30 19:31 - 000001151 _____ C:\ProgramData\Desktop\Wondershare Filmora X.lnk
2021-01-30 19:31 - 2021-01-30 19:31 - 000000016 _____ C:\ProgramData\mntemp
2021-01-30 19:31 - 2021-01-30 19:31 - 000000000 ____D C:\Users\Martin\AppData\Local\Wondershare
2021-01-30 19:31 - 2021-01-30 19:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2021-01-30 19:30 - 2021-02-10 12:36 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2021-01-30 19:30 - 2021-01-30 19:31 - 000000000 ____D C:\Program Files\Wondershare
2021-01-30 19:30 - 2021-01-30 19:30 - 000000000 ____D C:\Users\Martin\Documents\Wondershare
2021-01-30 18:41 - 2021-01-30 18:41 - 000601600 _____ C:\ProgramData\adobe_snr_patch_v2_0_painter0000.exe
2021-01-30 18:18 - 2021-01-30 18:18 - 000001298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2021-01-30 18:18 - 2021-01-30 18:18 - 000001286 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2021-01-30 18:18 - 2021-01-30 18:18 - 000001286 _____ C:\ProgramData\Desktop\Adobe Creative Cloud.lnk
2021-01-28 18:39 - 2021-01-31 08:30 - 000205664 _____ C:\Users\Martin\Documents\khana.veg
2021-01-28 18:39 - 2021-01-31 00:41 - 000205664 _____ C:\Users\Martin\Documents\khana.veg.bak
2021-01-23 15:43 - 2021-01-23 15:43 - 000000000 ____D C:\Users\Martin\AppData\Local\IO Interactive
2021-01-23 15:41 - 2021-01-23 15:41 - 000000000 ____D C:\Users\Public\Documents\Epic
2021-01-23 15:41 - 2021-01-23 15:41 - 000000000 ____D C:\Users\Martin\AppData\Roaming\IO Interactive
2021-01-23 15:41 - 2021-01-23 15:41 - 000000000 ____D C:\ProgramData\Documents\Epic
2021-01-23 13:30 - 2021-01-23 13:30 - 014952221 _____ C:\Users\Martin\Downloads\vlog5.psd
2021-01-22 12:49 - 2021-02-01 12:11 - 000000091 _____ C:\Users\Martin\Desktop\Nový textový dokument (2).txt
2021-01-22 11:15 - 2021-01-22 11:15 - 000001261 _____ C:\Users\Public\Desktop\Avira.lnk
2021-01-22 11:15 - 2021-01-22 11:15 - 000001261 _____ C:\ProgramData\Desktop\Avira.lnk
2021-01-22 11:15 - 2021-01-22 11:15 - 000001113 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2021-01-22 11:15 - 2021-01-22 11:15 - 000001113 _____ C:\ProgramData\Desktop\Avira Phantom VPN.lnk
2021-01-22 11:15 - 2021-01-22 11:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-01-22 11:15 - 2021-01-22 11:15 - 000000000 ____D C:\ProgramData\Avira
2021-01-22 11:15 - 2021-01-22 11:15 - 000000000 ____D C:\Program Files (x86)\Avira
2021-01-20 23:18 - 2021-01-23 20:38 - 000192296 _____ C:\Users\Martin\Documents\5.dil_verze_2.veg
2021-01-20 23:18 - 2021-01-23 13:01 - 000191936 _____ C:\Users\Martin\Documents\5.dil_verze_2.veg.bak
2021-01-18 18:13 - 2021-01-19 00:47 - 000101128 _____ C:\Users\Martin\Documents\5.dil.veg
2021-01-18 18:13 - 2021-01-19 00:22 - 000092352 _____ C:\Users\Martin\Documents\5.dil.veg.bak
2021-01-17 23:57 - 2021-01-18 09:06 - 000094608 _____ C:\Users\Martin\Documents\4dil.veg
2021-01-17 23:57 - 2021-01-17 23:57 - 000094608 _____ C:\Users\Martin\Documents\4dil.veg.bak
2021-01-17 23:48 - 2021-01-17 23:48 - 009627571 _____ C:\Users\Martin\Downloads\vlog.psd
2021-01-16 12:55 - 2021-01-16 15:32 - 000077320 _____ C:\Users\Martin\Documents\4.dil_verze1.veg
2021-01-16 12:55 - 2021-01-16 15:18 - 000078912 _____ C:\Users\Martin\Documents\4.dil_verze1.veg.bak
2021-01-15 09:47 - 2021-01-15 09:47 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-15 09:47 - 2021-01-15 09:47 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-15 09:47 - 2021-01-15 09:47 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-15 09:47 - 2021-01-15 09:47 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-15 09:47 - 2021-01-15 09:47 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-15 09:47 - 2021-01-15 09:47 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-15 09:47 - 2021-01-15 09:47 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-15 09:47 - 2021-01-15 09:47 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-15 09:47 - 2021-01-15 09:47 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-15 09:47 - 2021-01-15 09:47 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-15 09:47 - 2021-01-15 09:47 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-15 09:46 - 2021-01-15 09:46 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-15 09:46 - 2021-01-15 09:46 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-15 09:46 - 2021-01-15 09:46 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-15 09:46 - 2021-01-15 09:46 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-15 09:46 - 2021-01-15 09:46 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-15 09:46 - 2021-01-15 09:46 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-15 09:46 - 2021-01-15 09:46 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-15 09:46 - 2021-01-15 09:46 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-15 09:46 - 2021-01-15 09:46 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-15 09:46 - 2021-01-15 09:46 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-15 09:46 - 2021-01-15 09:46 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-15 09:46 - 2021-01-15 09:46 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-15 09:46 - 2021-01-15 09:46 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-15 09:46 - 2021-01-15 09:46 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-15 09:46 - 2021-01-15 09:46 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-15 09:46 - 2021-01-15 09:46 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-13 12:19 - 2021-01-16 12:45 - 000041552 _____ C:\Users\Martin\Documents\4.dil.veg
2021-01-13 12:19 - 2021-01-13 13:47 - 000038240 _____ C:\Users\Martin\Documents\4.dil.veg.bak
2021-01-12 15:17 - 2021-01-12 15:17 - 005510126 _____ C:\Users\Martin\Downloads\for fun.psd
2021-01-12 11:34 - 2021-01-15 15:54 - 000076928 _____ C:\Users\Martin\Documents\m3_3_3veg.veg
2021-01-12 11:34 - 2021-01-14 16:41 - 000078912 _____ C:\Users\Martin\Documents\m3_3_3veg.veg.bak
2021-01-11 23:08 - 2021-01-12 11:34 - 000058792 _____ C:\Users\Martin\Documents\m3_3veg.veg
2021-01-11 23:08 - 2021-01-12 11:26 - 000057784 _____ C:\Users\Martin\Documents\m3_3veg.veg.bak
2021-01-11 19:58 - 2021-01-11 19:58 - 000000000 ____D C:\Users\Martin\AppData\LocalLow\Colossal Order

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-10 13:36 - 2020-01-19 19:57 - 000000000 ____D C:\FRST
2021-02-10 13:31 - 2021-01-05 20:53 - 000000000 ____D C:\Users\Martin\AppData\Local\BitTorrentHelper
2021-02-10 13:31 - 2019-01-08 11:43 - 000000000 ____D C:\Users\Martin\AppData\Roaming\uTorrent
2021-02-10 13:24 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-10 13:06 - 2019-01-08 11:42 - 000000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2021-02-10 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-10 12:54 - 2019-01-08 10:51 - 000000000 ____D C:\Users\Martin\AppData\Local\Packages
2021-02-10 12:25 - 2018-11-18 18:48 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-10 12:24 - 2020-11-01 01:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-10 11:48 - 2019-01-12 02:30 - 000000000 ____D C:\Users\Martin\AppData\Roaming\vlc
2021-02-10 10:45 - 2020-11-01 14:15 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-10 10:45 - 2019-12-07 15:41 - 000716602 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-10 10:45 - 2019-12-07 15:41 - 000144780 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-10 10:45 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-10 10:41 - 2019-01-08 11:06 - 000000000 ____D C:\Users\Martin\AppData\LocalLow\Mozilla
2021-02-10 10:40 - 2019-02-08 10:59 - 000000000 ____D C:\Program Files\CCleaner
2021-02-10 10:38 - 2020-11-01 01:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-10 10:38 - 2020-11-01 01:25 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-10 10:38 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-10 10:38 - 2019-05-21 11:39 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-02-10 10:38 - 2019-01-08 11:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-10 10:35 - 2020-11-17 11:11 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2021-02-10 10:35 - 2020-10-25 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2021-02-10 09:25 - 2018-05-10 07:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-10 09:00 - 2019-01-08 11:06 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-10 08:50 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-10 00:23 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-09 09:19 - 2020-11-01 14:13 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6afe655bc307f
2021-02-09 09:19 - 2020-11-01 01:31 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-08 20:38 - 2020-04-23 18:52 - 000002548 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-08 20:38 - 2020-04-23 18:52 - 000002511 _____ C:\Users\Martin\Desktop\Google Chrome.lnk
2021-02-07 13:06 - 2019-01-08 11:24 - 000000000 ____D C:\Users\Martin\AppData\Local\D3DSCache
2021-02-07 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-02-07 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-02-06 15:01 - 2019-03-22 22:54 - 000000000 ____D C:\Users\Martin\AppData\Roaming\slobs-client
2021-02-06 10:26 - 2020-06-05 07:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-06 10:26 - 2020-06-05 07:48 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-02-06 10:26 - 2020-06-05 07:48 - 000002274 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-02-05 16:32 - 2020-11-05 11:46 - 000003734 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003UA
2021-02-05 16:32 - 2020-11-05 11:46 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003Core
2021-02-02 14:54 - 2021-01-01 19:05 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-02-01 09:03 - 2020-12-25 14:53 - 000000000 ____D C:\ProgramData\WinZip
2021-02-01 00:49 - 2020-10-31 13:00 - 000000000 ____D C:\Users\Martin
2021-01-31 17:46 - 2019-01-15 19:31 - 000000000 ____D C:\Users\Martin\AppData\Local\Adobe
2021-01-31 17:45 - 2019-09-16 21:10 - 000000000 ____D C:\ProgramData\Adobe
2021-01-31 17:45 - 2019-01-08 10:51 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Adobe
2021-01-30 22:09 - 2020-11-13 23:01 - 000000000 ____D C:\Users\Martin\Documents\OFX Presets
2021-01-30 18:44 - 2020-12-25 14:27 - 000000000 ____D C:\Users\Martin\Documents\Adobe
2021-01-30 18:22 - 2020-12-25 14:23 - 000000000 ____D C:\Program Files\Adobe
2021-01-30 18:22 - 2019-09-16 21:11 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-01-28 18:53 - 2020-11-01 01:31 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1952709571-807798404-1509361630-1003
2021-01-28 18:53 - 2020-10-31 13:00 - 000002409 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-28 18:53 - 2019-01-08 10:52 - 000000000 ___RD C:\Users\Martin\OneDrive
2021-01-28 13:28 - 2020-11-01 01:31 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-28 13:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-01-27 11:10 - 2020-12-25 14:43 - 000000000 ____D C:\Users\Martin\Desktop\Untitled Export
2021-01-24 18:01 - 2019-03-02 14:35 - 000000000 ____D C:\Users\Martin\AppData\Roaming\obs-studio
2021-01-23 01:36 - 2019-03-22 22:54 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Streamlabs OBS
2021-01-22 11:15 - 2018-05-10 07:48 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-22 09:11 - 2020-01-28 20:50 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-19 01:31 - 2019-03-28 22:14 - 000000002 _____ C:\Users\Martin\AppData\Roaming\ExplorerFavorites.txt
2021-01-17 16:32 - 2020-11-19 16:30 - 000000000 ____D C:\ProgramData\Zoner
2021-01-15 13:57 - 2020-11-01 01:26 - 000448472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-15 13:56 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-15 13:56 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-15 09:46 - 2020-11-01 01:26 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-15 09:40 - 2018-05-10 08:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-15 09:37 - 2018-05-10 08:03 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-11 20:34 - 2019-01-08 12:25 - 000000000 ____D C:\Users\Martin\AppData\Local\NVIDIA

==================== Files in the root of some directories ========

2021-01-30 18:41 - 2021-01-30 18:41 - 000601600 _____ () C:\ProgramData\adobe_snr_patch_v2_0_painter0000.exe
2019-03-28 22:14 - 2021-01-19 01:31 - 000000002 _____ () C:\Users\Martin\AppData\Roaming\ExplorerFavorites.txt
2019-03-22 14:08 - 2002-08-29 18:33 - 000319488 _____ () C:\Users\Martin\AppData\Roaming\MafiaSetup.exe
2019-09-16 22:26 - 2019-09-16 22:26 - 000000027 _____ () C:\Users\Martin\AppData\Local\.sdpl-system-config4
2021-02-01 09:06 - 2021-02-01 09:06 - 000000000 _____ () C:\Users\Martin\AppData\Local\oobelibMkey.log
2019-07-28 00:07 - 2019-07-28 00:07 - 000000017 _____ () C:\Users\Martin\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-02-2021 01
Ran by Martin (10-02-2021 13:38:01)
Running from C:\Users\Martin\Desktop
Windows 10 Home Version 20H2 19042.746 (X64) (2020-11-01 00:31:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1952709571-807798404-1509361630-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1952709571-807798404-1509361630-503 - Limited - Disabled)
Guest (S-1-5-21-1952709571-807798404-1509361630-501 - Limited - Disabled)
Martin (S-1-5-21-1952709571-807798404-1509361630-1003 - Administrator - Enabled) => C:\Users\Martin
WDAGUtilityAccount (S-1-5-21-1952709571-807798404-1509361630-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\uTorrent) (Version: 3.5.5.45852 - BitTorrent Inc.)
Acronis True Image OEM (HKLM-x32\...\{52497ECE-588E-41F3-8233-E0749ED085F7}) (Version: 22.0.10510 - Acronis)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Ae (HKLM\...\{B910FB1A-0B9D-412D-A735-28AF88A52FF1}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_10_0) (Version: 10.0 - Adobe Inc.)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_0) (Version: 22.0.0.35 - Adobe Inc.)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 2.00.12 - ASUSTeK Computer Inc.)
AIDA64 Extreme v6.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.00 - FinalWire Ltd.)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.4.1 - Advanced Micro Devices, Inc.)
ApowerPDF V4.1.0.124 (HKLM-x32\...\{99A1CF84-3154-433D-9F73-0A4D4DACBA1A}_is1) (Version: 4.1.0.124 - Apowersoft LIMITED)
Apowersoft Online Launcher verze 1.7.1 (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.1 - APOWERSOFT LIMITED)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.50.1 - Asmedia Technology)
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.05.38 - ASUSTeK Computer Inc.)
Avira (HKLM-x32\...\{161e6084-b0f5-43e8-86d8-09eda5c0893d}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{426D1710-5DFD-45E9-B11D-464792C5AD35}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.1.24458 - Avira Operations GmbH & Co. KG)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Název společnosti:) Hidden
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.327.000 - Hewlett-Packard) Hidden
Canon MP630 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP630_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
Cities: Skylines (HKLM-x32\...\Cities: Skylines_is1) (Version: - )
Common Desktop Agent (HKLM\...\{A38002C3-BA08-466A-A813-7F9D578B13A1}) (Version: 1.62.0 - OEM) Hidden
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0677 - Disc Soft Ltd)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
Discord (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Discord) (Version: 0.0.305 - Discord Inc.)
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Euro Truck Simulator 2 Beyond the Baltic Sea (HKLM-x32\...\Euro Truck Simulator 2 Beyond the Baltic Sea_is1) (Version: - )
Euro Truck Simulator 2 Road to the Black Sea (HKLM-x32\...\Euro Truck Simulator 2 Road to the Black Sea_is1) (Version: - )
Euro Truck Simulator 2 v. 1.38.1.15s (HKLM-x32\...\Euro Truck Simulator 2_is1) (Version: - )
Excla WAVclean 1.9.3 (HKLM-x32\...\{4A64D33C-289E-4D32-8079-DA46A4FEBC2D}) (Version: 1.9.3 - Excla Inc)
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts)
Forza Horizon 4 v. 1.460.859.2 (HKLM-x32\...\Forza Horizon 4_is1) (Version: - )
Google Chrome (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.367.000 - Hewlett-Packard) Hidden
HGTV Flipper (HKLM-x32\...\1689378242_is1) (Version: 1.20173 (e87af) - GOG.com)
House Flipper (HKLM-x32\...\1140907376_is1) (Version: 1.20173 (e87af) - GOG.com)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Scanjet 2400 (HKLM\...\{7B604AC7-B496-473F-A17C-489398E38BEA}) (Version: 13.0 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
hpg2410 (HKLM-x32\...\{41E105E1-6E85-4828-8699-4B0227BB118F}) (Version: 14.0.0.0 - Název společnosti:) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.367.000 - Hewlett-Packard) Hidden
I.CA Maintenance (HKLM-x32\...\{A26EE07C-9196-4BB9-BB81-1608D0A99887}) (Version: 1.3.2.0 - První certifikační autorita, a.s.) Hidden
I.CA Maintenance (HKLM-x32\...\I.CA Maintenance 1.3.2.0) (Version: 1.3.2.0 - První certifikační autorita, a.s.)
I.CA PKIServiceHost (HKLM\...\{A14460AC-0A70-4AE6-B159-1D4EEA921896}) (Version: 1.4.0.0 - První certifikační autorita, a.s.) Hidden
I.CA PKIServiceHost (HKLM-x32\...\I.CA PKIServiceHost 1.4.0.0) (Version: 1.4.0.0 - První certifikační autorita, a.s.)
InfraRecorder 0.53 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0053-000001000000}) (Version: 0.53.00.00 - Christian Kindahl)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Kits Configuration Installer (HKLM-x32\...\{C690B2D9-0AA8-8CDA-965D-FED648C3EF9C}) (Version: 10.1.17134.1 - Microsoft) Hidden
Mafia - Definitve Edition v.1.0.1 (HKLM-x32\...\Mafia - Definitve Edition_is1) (Version: - )
Mafia Game (HKLM-x32\...\Mafia Game) (Version: - )
Max Payne (HKLM-x32\...\{39930321-4C58-4B8B-BCBF-342698C9801D}) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
MOV Player 1.0.2 (HKLM-x32\...\MOV Player_is1) (Version: - vsevensoft.com)
Mozilla Firefox 85.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 85.0.2 (x64 cs)) (Version: 85.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
Nero 7 Ultra Edition (HKLM-x32\...\{4F2CE68F-EDBB-4592-BF07-5AC930A51029}) (Version: 7.02.6446 - Nero AG)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.09 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.0.1 - OBS Project)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Název společnosti:)
OPRAVA PC ONLINE (HKLM-x32\...\{5E71387E-2CF7-1F26-C919-7FACFF27D2EF}) (Version: 7.11.760 - LogMeIn, Inc.)
Ovládací panel NVIDIA 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 461.09 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8339 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.19.234 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.2 - Rockstar Games)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Sniper Ghost Warrior Contracts (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Sniper Ghost Warrior Contracts) (Version: - HOODLUM)
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.369.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.12.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.12.1 - General Workings, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.2 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
Thumbnail me 3.0 (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Thumbnail me 3.0) (Version: - )
Toolkit Documentation (HKLM-x32\...\{563689A6-D95B-EA6D-665F-97959643E0DB}) (Version: 10.1.17134.1 - Microsoft) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS)
VEGAS Pro 16.0 (HKLM\...\{0D090E4F-12A2-11E9-A3DD-00155D6302F2}) (Version: 16.0.361 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.128.017 - Hewlett-Packard) Hidden
WhatsApp (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\WhatsApp) (Version: 2.2049.10 - WhatsApp)
Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{d794748d-72e9-45d7-9ab7-83d6c4c80f7f}) (Version: 10.1.17134.1 - Microsoft Corporation)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Wondershare Filmora X(Build 10.0.4.6) (HKLM\...\Wondershare Filmora X_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Xerox Easy Printer Manager (HKLM-x32\...\Xerox Easy Printer Manager) (Version: 1.03.97.00(21.04.2014) - Xerox Corporation.)
Xerox Easy Wireless Setup (HKLM-x32\...\Xerox Easy Wireless Setup) (Version: 3.70.18.0 - Xerox Corporation)
Xerox Phaser 3020 (HKLM-x32\...\Xerox Phaser 3020) (Version: 1.01 (20.05.2014) - Xerox Corporation)
Xerox Phaser 3020 XPS (Windows 8) (HKLM-x32\...\Xerox Phaser 3020 XPS (Windows 8)) (Version: 3.03.13.02:11 - Xerox Corporation)
Zobrazit uživatelskou příručku (HKLM-x32\...\Xerox View User Guide ) (Version: 3.60.45.0 - )
Zoner Photo Studio X CS (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\ZPS X) (Version: 19.2009.2.286 - ZONER software)

Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1951.1.0_x86__kgqvnymyfvs32 [2021-02-10] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_11.1.3.0_x86__m9bz608c1b9ra [2021-02-05] (Nordcurrent)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.337.0_x64__rz1tebttyb220 [2021-02-10] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-05] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-01-08] (Fitbit)
Forza Horizon 4 -> D:\Forza Horizon 4\FH4 [2021-02-10] (Microsoft Studios)
Forza Horizon 4 Fortune Island -> D:\Forza Horizon 4\FH4_FortuneIsland [2021-02-10] (Microsoft Studios)
Forza Horizon 4 LEGO Speed Champions -> D:\Forza Horizon 4\FH4_Lego [2021-02-10] (Microsoft Studios)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-01-30] (Microsoft Studios) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.25.1.0_x64__nfy108tqq3p12 [2021-02-06] (Thumbmunkeys Ltd)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\Martin\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\Martin\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\Martin\AppData\Local\Google\Chrome\Application\88.0.4324.150\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\Martin\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\Martin\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Martin\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll (Google LLC -> Google LLC)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-02-28] (Nero AG -> Nero AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-04-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Martin\Desktop\(32х)Euro Truck Simulator 2.lnk -> D:\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software) <==== Cyrillic
Shortcut: C:\Users\Martin\Desktop\(64х)Euro Truck Simulator 2.lnk -> D:\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software) <==== Cyrillic
Shortcut: C:\Users\Martin\Desktop\install Forza Horizon 4.lnk -> D:\Forza Horizon 4\install.bat ()

==================== Loaded Modules (Whitelisted) =============

2017-09-06 18:11 - 2017-09-06 18:11 - 000125952 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000118272 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000086528 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000214528 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000117248 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2018-05-10 07:55 - 2015-06-03 00:17 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2017-12-01 14:44 - 2017-12-01 14:44 - 000277538 _____ () [File not signed] C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\LIBMAGIC.dll
2021-01-30 19:31 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2021-01-30 19:31 - 2017-09-12 10:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 000073728 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\ClaymoreProtocol.dll
2018-11-18 18:46 - 2018-02-06 19:43 - 000053248 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\cpuutil.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 000073728 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\CharmProtocol.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 001951232 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\R2Clib.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 000073728 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\RogNewmouseProtocol.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 001777664 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\Vender.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000015360 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-04-24 21:55 - 2018-04-24 21:55 - 002519040 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2021-02-10 12:38 - 2021-02-10 12:38 - 000064512 _____ () [File not signed] C:\Users\Martin\AppData\Local\Temp\cr_sdk_temp_00718376.tmp
2018-05-10 07:55 - 2017-06-01 21:24 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.31\ASACPI.DLL
2018-05-10 07:55 - 2015-06-03 00:17 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsAcpi.dll
2018-05-10 07:55 - 2017-06-01 21:24 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.31\asacpiEx.dll
2018-05-10 07:55 - 2015-06-03 00:17 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\asacpiex.dll
2018-05-10 07:55 - 2015-06-03 00:17 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 000081920 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\LightingService\1.00.39\AudioLEDCtrl.dll
2017-12-01 14:44 - 2017-12-01 14:44 - 025338368 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icudt54.dll
2017-12-01 14:44 - 2017-12-01 14:44 - 002056704 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icuin54.dll
2017-12-01 14:44 - 2017-12-01 14:44 - 001425408 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icuuc54.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000032256 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000039936 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000034304 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000237056 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000024064 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000481792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 001336320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-04-24 23:01 - 2018-04-24 23:01 - 005766144 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 006045184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000964096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000279552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 003233792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 003406848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000328704 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000325632 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 069968896 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000109568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 005523456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000282624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000194560 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 003281408 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000049152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000311296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000089600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 002039296 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\LightingService\1.00.39\LED_DLL_forMB.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 001628672 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\LightingService\1.00.39\VGA_Extra.dll
2021-01-30 19:31 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1952709571-807798404-1509361630-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2021-01-05 07:53:01&iid=ba45a4b4-96ed-4baa-b779-5d62b391a06d&bName=
SearchScopes: HKU\S-1-5-21-1952709571-807798404-1509361630-1003 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-02-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-07] (Oracle America, Inc. -> Oracle Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.capgemini.com -> hxxp://*.capgemini.com
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.capgemini.com -> hxxps://*.capgemini.com
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.csob.cz -> hxxps://*.csob.cz
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.csob.sk -> hxxps://*.csob.sk
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.erasvet.cz -> hxxps://*.erasvet.cz
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.ica.cz -> hxxp://*.ica.cz
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.ica.cz -> hxxps://*.ica.cz
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.postovnisporitelna.cz -> hxxps://*.postovnisporitelna.cz
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.proebiz.com -> hxxp://*.proebiz.com
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.proebiz.com -> hxxps://*.proebiz.com
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 00:38 - 2020-07-13 20:23 - 000001256 _____ C:\WINDOWS\system32\drivers\etc\hosts
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site

2020-02-15 13:37 - 2020-03-13 09:29 - 000000509 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.0.102 DESKTOP-69LFJ66.mshome.net # 2025 3 3 12 8 29 43 70
192.168.137.209 Lenovo-PC.mshome.net # 2020 3 0 15 13 52 45 222

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\Run: => "WinZip UN"
HKLM\...\StartupApproved\Run: => "WinZip FAH"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4A6222DA-985D-4441-91F2-A48D91D50603}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [{141EBEC6-9607-494F-AD2F-26D0DACE0AEC}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [UDP Query User{8F238540-D13D-4E59-9409-A859A6A2472E}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{E59FC280-9D0C-4804-94FB-D012306B2127}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{EC285A85-F1C1-4BDD-BB9D-4FF660018146}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E7AA1EA3-EAD5-4DFD-B706-450B25EA6715}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6E1E5B3E-C109-47FC-AAA6-D5EB20411FA7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6B7DA4E2-C54C-4084-86BB-6C9635EF5EDF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [UDP Query User{9F4D8D01-64B1-4E6B-90B2-2DDEB83776BD}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{8D38D1B7-E7EB-4965-9DA4-B1D32BFF70DB}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{9E2A7824-88DB-476C-AD55-7A6CE6E7859E}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{964AEB1A-0FDD-494E-A4C5-7FFF3A54B680}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{686056B1-05B2-47E4-B520-1DB333E5A8F8}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{42E19EC2-58BD-4B77-B9E5-C01B7BADADC9}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{5F5571F8-28D5-4122-9084-4F13623D2A4B}C:\users\martin\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\martin\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [TCP Query User{38047FBD-87A4-4728-983C-83057318927F}C:\users\martin\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\martin\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [UDP Query User{5467B834-12AA-4F4D-BE49-38233F3BA57F}C:\users\martin\appdata\local\fivem\fivem.exe] => (Allow) C:\users\martin\appdata\local\fivem\fivem.exe => No File
FirewallRules: [TCP Query User{17BB8B65-C515-4653-A0E5-415FC691FB34}C:\users\martin\appdata\local\fivem\fivem.exe] => (Allow) C:\users\martin\appdata\local\fivem\fivem.exe => No File
FirewallRules: [UDP Query User{E0B385EF-13F8-43C0-9461-0E4A0DFD270C}D:\sniper ghost warrior contracts\win_x64\sgwcontracts.exe] => (Allow) D:\sniper ghost warrior contracts\win_x64\sgwcontracts.exe (CI Games S.A.) [File not signed]
FirewallRules: [TCP Query User{EC4ACF0B-20CA-432E-8E69-CD38F92213D5}D:\sniper ghost warrior contracts\win_x64\sgwcontracts.exe] => (Allow) D:\sniper ghost warrior contracts\win_x64\sgwcontracts.exe (CI Games S.A.) [File not signed]
FirewallRules: [{14308295-25F2-4901-8DF5-530EA628C62A}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{D539D077-22F1-4A4E-ACD9-B12F91403590}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [UDP Query User{0F973F44-95F7-4528-8411-25F4524A2A9C}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{76E8F8CA-9108-43BE-ABC3-D2320E8D8B01}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{B2E7890C-F611-4EC4-9DF8-2C8DFEE1AA37}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{7E6F36FB-A838-4B9F-9A5F-D5D6A21E1075}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{36AE5206-19B4-4270-9ACA-6AD17B077E6A}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [TCP Query User{4658BD78-E5DA-4434-BD0F-FD3D026338DE}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [{B4C8B6B1-77FD-4D0E-88FA-C6453FC19371}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)
FirewallRules: [{2EE9FF7D-B819-49D3-AE13-9E3CA0D05551}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)
FirewallRules: [{A481F9AF-A0A7-455A-B8C5-B578AE560DBA}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> )
FirewallRules: [{4053D2D5-87E6-4EB0-BBA4-458F744FFF52}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{08647957-8047-41E1-A2D7-37F4A6DAA28F}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{632CA24B-495C-451D-B330-035B5C1F65B6}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{5059776B-7F65-40DE-B9FB-668486167F1B}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> )
FirewallRules: [{EC11AA58-02DE-48FC-80D0-00EAAD7C3EA5}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> )
FirewallRules: [{E813B00A-98EB-4E01-AEA8-943623762734}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{4D5EC006-4E5D-45BA-9DA9-03033A677DF5}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{22E3BC61-97EA-40E2-96A3-C23FCA3C8593}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe (Acronis International GmbH -> )
FirewallRules: [{B79D168C-2CF6-4F63-84CE-2F795E51EE06}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{EF1678BC-75D2-4960-A9A1-58735A01AE4B}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> )
FirewallRules: [{CDBB2A6F-ECD5-4F4A-AD6B-49EC29146CE0}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )
FirewallRules: [{562552BB-7272-4269-8CF1-579CABB87AE7}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{927C3AFE-EA8B-47BA-88F9-BE2E3C8997E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D2D65BC2-DEA7-44EA-AF90-BC0F37D35799}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D64CF47A-2578-44EB-86DD-A1DA917FB732}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0D33FFEB-3307-4E4F-8B7E-41B7BF00B9B7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{7E8C9265-1C5B-4B70-B8F4-3C16615CB6F3}C:\users\martin\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\martin\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{CFBD22A8-8B0F-41A1-87D9-EA558BF4D856}C:\users\martin\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\martin\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D1771151-2481-4654-B7BA-EB0E413A1EE8}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{15DCDB1C-7028-4F71-884B-3840CDE704CE}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C30C0CFF-04A7-4DFF-ABCD-9AF87D6153AE}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{9D044B38-ACE0-456A-B469-60F981C35A9A}D:\dying light\devtools\dyinglightplayer.exe] => (Allow) D:\dying light\devtools\dyinglightplayer.exe => No File
FirewallRules: [UDP Query User{D9E01699-4A10-4FDC-8528-BC0BD55C287E}D:\dying light\devtools\dyinglightplayer.exe] => (Allow) D:\dying light\devtools\dyinglightplayer.exe => No File
FirewallRules: [TCP Query User{51E506C4-3805-47CA-B43D-43B27A98F55C}D:\dying light\dyinglightgame.exe] => (Allow) D:\dying light\dyinglightgame.exe => No File
FirewallRules: [UDP Query User{8280EF09-BBB4-479D-9814-DF70638989CA}D:\dying light\dyinglightgame.exe] => (Allow) D:\dying light\dyinglightgame.exe => No File
FirewallRules: [{27063BC7-EC0F-4F08-BCCA-57EF139A618E}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2DC00B46-1878-4D94-B58E-DE1CB622374F}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{D45BAE82-5571-4D09-AC65-53B0D7651FA1}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe => No File
FirewallRules: [UDP Query User{29D6F94D-2315-44C0-B8B9-B3D3528C120C}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe => No File
FirewallRules: [{4DE6C839-0421-40DD-A107-F4D93AF5151A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7C1634F2-EE1D-468A-B0ED-5BB3F1DC956F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C633A48E-625F-4A21-89AA-9341DD0CFD7F}] => (Allow) D:\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{6DC3FF49-0F57-476B-B377-E4E39110F36B}] => (Allow) D:\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C01D4D4E-962C-4754-B154-C9113E81053A}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{A3C2A781-2DB4-4BAA-8614-504F5379DB76}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{33ACD65F-1B0E-4BC8-95AB-A83A4F3CA441}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{813997DD-A021-4CD9-B632-07B03270DF9E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{B0C36551-5C28-47C5-A3FB-65A9DF0E63DE}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{42070C38-7211-49CA-A788-BF8D5DF27D27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{728E0591-987F-4EE9-99E6-A15E650E2B75}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DD4E8D08-8D78-4E0F-951E-27F7391ECE6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D3039657-FA14-4FEF-8553-C071B39636BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{388CAAAC-D744-4350-930E-DDBCBA1BCDD5}C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{67BEDAEB-6055-42DD-8BD6-2BA22442935E}C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{866BB5FC-0472-406B-A264-B537EDCF4ECE}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{99B6FAFB-62C9-43A1-817A-9CB1B1D072A1}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{8449ABDE-C618-40CA-9EF0-9B2415C02D7C}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{DEA70D0D-B5A6-44E7-9480-61ABD650222D}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{838801C3-CD72-41A3-A573-505BBD3E7218}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{E67434A5-0E92-4A63-80D7-65EE2350E71B}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{64772DFF-1278-41CD-B97E-D8AF617B1546}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{0A4492FA-6A59-4B8E-9DDA-E3927FD9581F}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{F1C71E61-13D0-4357-9D43-816E193ECC66}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{B7628C83-9659-49DB-A171-1220B4381A4C}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{7376F86B-CDCF-42C4-84EB-F0C1106326AC}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{B9ADA6E4-5DCC-4E90-B45C-F8330A83DB9A}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{18E83BA8-DA89-4CF5-9A56-081D68A2536A}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{18A23B19-459A-4903-82AF-F40A6239F6C1}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{781DAF4A-459B-4005-BC8D-95DD135C3F34}] => (Allow) C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6E1A2B98-1001-4279-8218-ACA2955A6DD2}] => (Allow) C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6896169F-8B4F-44D4-8624-51549816EBFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D2EF2A0D-C009-4284-90D3-171F041D66B3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3DC17ADD-2ED0-4053-889C-A6AE11484B59}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6F7E535D-44D7-416C-807C-3BFA890AD38F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{94757BDF-A87B-4EF9-B696-FEBDF33902FA}] => (Allow) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

10-02-2021 00:22:17 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/10/2021 01:06:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe, verze: 0.0.0.0, časové razítko: 0x5ffe07a9
Název chybujícího modulu: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe, verze: 0.0.0.0, časové razítko: 0x5ffe07a9
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000003468c60
ID chybujícího procesu: 0x2804
Čas spuštění chybující aplikace: 0x01d6ffa52c655a9a
Cesta k chybující aplikaci: D:\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe
Cesta k chybujícímu modulu: D:\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe
ID zprávy: ca18c101-ab9a-4294-aac3-2bbc5a8972f8
Úplný název chybujícího balíčku: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: SunriseReleaseFinal

Error: (02/10/2021 01:05:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe, verze: 0.0.0.0, časové razítko: 0x5ffe07a9
Název chybujícího modulu: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe, verze: 0.0.0.0, časové razítko: 0x5ffe07a9
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000003468c60
ID chybujícího procesu: 0x108c
Čas spuštění chybující aplikace: 0x01d6ffa4f7b926bb
Cesta k chybující aplikaci: D:\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe
Cesta k chybujícímu modulu: D:\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe
ID zprávy: 0567b6c1-453b-4549-b4b2-e7a6d7be7304
Úplný název chybujícího balíčku: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: SunriseReleaseFinal

Error: (02/10/2021 12:50:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe, verze: 0.0.0.0, časové razítko: 0x5ffe07a9
Název chybujícího modulu: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe, verze: 0.0.0.0, časové razítko: 0x5ffe07a9
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000003468c60
ID chybujícího procesu: 0xf34
Čas spuštění chybující aplikace: 0x01d6ffa2df156c61
Cesta k chybující aplikaci: D:\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe
Cesta k chybujícímu modulu: D:\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe
ID zprávy: 6724a33c-3a78-4cf2-b2de-b82f6f159708
Úplný název chybujícího balíčku: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: SunriseReleaseFinal

Error: (02/10/2021 12:49:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe, verze: 0.0.0.0, časové razítko: 0x5ffe07a9
Název chybujícího modulu: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe, verze: 0.0.0.0, časové razítko: 0x5ffe07a9
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000003468c60
ID chybujícího procesu: 0x20e0
Čas spuštění chybující aplikace: 0x01d6ffa2bbb10760
Cesta k chybující aplikaci: D:\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe
Cesta k chybujícímu modulu: D:\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe
ID zprávy: e54ed9c3-ca03-42aa-9ebd-f39ce8edcb5a
Úplný název chybujícího balíčku: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: SunriseReleaseFinal

Error: (02/10/2021 12:47:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe, verze: 0.0.0.0, časové razítko: 0x5ffe07a9
Název chybujícího modulu: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe, verze: 0.0.0.0, časové razítko: 0x5ffe07a9
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000003468c60
ID chybujícího procesu: 0x3e80
Čas spuštění chybující aplikace: 0x01d6ffa286dcde74
Cesta k chybující aplikaci: D:\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe
Cesta k chybujícímu modulu: D:\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe
ID zprávy: 6d04b394-c0c3-4727-8a12-f33bd6850f19
Úplný název chybujícího balíčku: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: SunriseReleaseFinal

Error: (02/10/2021 10:37:58 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (02/08/2021 03:29:01 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Elements (I:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/08/2021 03:28:08 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (02/10/2021 10:38:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luafv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (02/07/2021 12:06:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luafv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (02/06/2021 11:05:55 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-69LFJ66)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/05/2021 11:58:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-69LFJ66)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.423_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/05/2021 04:41:41 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-69LFJ66)
Description: Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/05/2021 04:41:41 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-69LFJ66)
Description: Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/05/2021 04:41:41 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-69LFJ66)
Description: Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/05/2021 04:41:41 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-69LFJ66)
Description: Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2021-02-10 13:38:10.6260000Z
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\adobe_snr_patch_v2_0_painter0000.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-69LFJ66\Martin
Název procesu: C:\Users\Martin\Desktop\FRST64.exe
Verze bezpečnostních informací: AV: 1.331.650.0, AS: 1.331.650.0, NIS: 1.331.650.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-10 13:38:02.8780000Z
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\adobe_snr_patch_v2_0_painter0000.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-69LFJ66\Martin
Název procesu: C:\Users\Martin\Desktop\FRST64.exe
Verze bezpečnostních informací: AV: 1.331.650.0, AS: 1.331.650.0, NIS: 1.331.650.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-10 13:37:53.4060000Z
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\adobe_snr_patch_v2_0_painter0000.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-69LFJ66\Martin
Název procesu: C:\Users\Martin\Desktop\FRST64.exe
Verze bezpečnostních informací: AV: 1.331.650.0, AS: 1.331.650.0, NIS: 1.331.650.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-10 12:37:51.1450000Z
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D7!ml
ID: 2147757786
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Martin\Downloads\7zip.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-69LFJ66\Martin
Název procesu: C:\Program Files\Adobe\Adobe Photoshop 2021\Photoshop.exe
Verze bezpečnostních informací: AV: 1.331.633.0, AS: 1.331.633.0, NIS: 1.331.633.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-08 08:06:56.4580000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {92475579-9E80-4936-BE59-F8A04DE19FB8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-10 13:38:10.6320000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\adobe_snr_patch_v2_0_painter0000.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-69LFJ66\Martin
Název procesu: C:\Users\Martin\Desktop\FRST64.exe
Akce: Neznámý
Stav akce: No additional actions required
Kód chyby: 0x80508032
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: AV: 1.331.650.0, AS: 1.331.650.0, NIS: 1.331.650.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-01-30 18:35:03.7610000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o obnovení položky z karantény.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Backdoor:Win32/Bladabindi!ml
ID: 2147748148
Závažnost: Vážné
Kategorie: Zadní vrátka
Uživatel: DESKTOP-69LFJ66\Martin
Kód chyby: 0x80508014
Popis chyby: Položku v karanténě nelze obnovit.
Verze bezpečnostních informací: AV: 1.329.3145.0, AS: 1.329.3145.0
Verze modulu: 1.1.17800.5

Date: 2021-01-30 18:33:13.3720000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o obnovení položky z karantény.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Backdoor:Win32/Bladabindi!ml
ID: 2147748148
Závažnost: Vážné
Kategorie: Zadní vrátka
Uživatel: DESKTOP-69LFJ66\Martin
Kód chyby: 0x80508014
Popis chyby: Položku v karanténě nelze obnovit.
Verze bezpečnostních informací: AV: 1.329.3145.0, AS: 1.329.3145.0
Verze modulu: 1.1.17800.5

Date: 2021-01-30 18:31:05.1120000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o obnovení položky z karantény.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Backdoor:Win32/Bladabindi!ml
ID: 2147748148
Závažnost: Vážné
Kategorie: Zadní vrátka
Uživatel: DESKTOP-69LFJ66\Martin
Kód chyby: 0x80508014
Popis chyby: Položku v karanténě nelze obnovit.
Verze bezpečnostních informací: AV: 1.329.3145.0, AS: 1.329.3145.0
Verze modulu: 1.1.17800.5

Date: 2021-01-30 18:30:35.4480000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o obnovení položky z karantény.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Backdoor:Win32/Bladabindi!ml
ID: 2147748148
Závažnost: Vážné
Kategorie: Zadní vrátka
Uživatel: DESKTOP-69LFJ66\Martin
Kód chyby: 0x80508014
Popis chyby: Položku v karanténě nelze obnovit.
Verze bezpečnostních informací: AV: 1.329.3145.0, AS: 1.329.3145.0
Verze modulu: 1.1.17800.5

CodeIntegrity:
===================================

Date: 2020-12-19 14:47:00.3170000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\WWAHost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2020-12-19 14:47:00.3070000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\WWAHost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 0409 08/24/2018
Motherboard: ASUSTeK COMPUTER INC. TUF B450M-PLUS GAMING
Processor: AMD Ryzen 5 1600X Six-Core Processor
Percentage of memory in use: 58%
Total physical RAM: 16318.82 MB
Available physical RAM: 6706.11 MB
Total Virtual: 23486.82 MB
Available Virtual: 7079.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.52 GB) (Free:125.18 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:931.5 GB) (Free:346.68 GB) NTFS
Drive f: (Windows7_2019) (CDROM) (Total:4.75 GB) (Free:0 GB) UDF

\\?\Volume{eefd00c4-824a-4bda-82d2-b0270ebff817}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{4b740878-0fc8-4a30-a5a9-05aa90f50aad}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{cbbc910d-1694-45ed-b3e9-76e61563b606}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Please check my log

#2 Post by Diallix »

Good day.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all running program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan Now button and wait until the system scan finishes.
After the scan, leave all checkboxes and any detected threats selected, and continue with the Clean and Repair button in the lower-right corner.
After the PC restarts, the AdwCleaner tool will start; click View Log File.
The log will open; copy its contents here.

martin06
Visitor
Posts: 163
Registered: 07 Oct 2006 22:46

Re: Please check my log

#3 Post by martin06 »

Hello, thank you for replying, the log is below.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-11.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-10-2021
# Duration: 00:00:20
# OS: Windows 10 Home
# Scanned: 31956
# Detected: 8


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
PUP.Optional.WarThunder HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\warthunder.com
PUP.Optional.WarThunder HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\warthunder.com
PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1356 octets] - [18/01/2020 15:22:34]
AdwCleaner[C00].txt - [1524 octets] - [18/01/2020 15:26:53]
AdwCleaner[S01].txt - [1448 octets] - [18/01/2020 20:37:25]
AdwCleaner[S02].txt - [1509 octets] - [18/01/2020 21:04:30]
AdwCleaner[C02].txt - [1697 octets] - [18/01/2020 21:04:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Please check my log

#4 Post by Diallix »

The objects found need to be deleted:
After the scan, leave all checkboxes ticked, including any threats found, and continue with the Clean and Repair button (Vycistit Teraz) in the bottom right corner.

martin06
Visitor
Posts: 163
Registered: 07 Oct 2006 22:46

Re: Please check my log

#5 Post by martin06 »

Ah, okay, so that's the other txt file.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-11.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-10-2021
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 8
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\warthunder.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\warthunder.com
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1356 octets] - [18/01/2020 15:22:34]
AdwCleaner[C00].txt - [1524 octets] - [18/01/2020 15:26:53]
AdwCleaner[S01].txt - [1448 octets] - [18/01/2020 20:37:25]
AdwCleaner[S02].txt - [1509 octets] - [18/01/2020 21:04:30]
AdwCleaner[C02].txt - [1697 octets] - [18/01/2020 21:04:39]
AdwCleaner[S03].txt - [2763 octets] - [10/02/2021 21:35:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Please check my log

#6 Post by Diallix »

Good. Please post new FRST + ADDITION logs.

martin06
Visitor
Posts: 163
Registered: 07 Oct 2006 22:46

Re: Please check my log

#7 Post by martin06 »

OK, the FRST log

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-02-2021 01
Ran by Martin (administrator) on DESKTOP-69LFJ66 (10-02-2021 22:05:40)
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin
Platform: Windows 10 Home Version 20H2 19042.746 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\FANRGBHEADER\FanLEDCtrl.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\LightingService\1.00.39\AsRogAuraGpuDllServer.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\1.00.39\LightingService.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Martin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2101.15643.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20122.11121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe <2>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519912 2017-12-01] (Acronis International GmbH -> )
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9246656 2018-01-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425864 2017-12-01] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [3770736 2017-12-01] (Acronis International GmbH -> )
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [705728 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [Steam] => D:\Steam\steam.exe [3424032 2020-10-29] (Valve -> Valve Corporation)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [Discord] => C:\Users\Martin\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG -> Nero AG)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [Google Update] => C:\Users\Martin\AppData\Local\Google\Update\1.3.36.72\GoogleUpdateCore.exe [216392 2021-02-05] (Google LLC -> Google LLC)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {60327e6c-13ab-11e9-88ca-0c9d9262121a} - "H:\setup.exe"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {c75b7132-132a-11e9-88c9-0c9d9262121a} - "F:\setup.exe"
HKLM\...\Windows x64\Print Processors\Canon MP630 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9C.DLL [27648 2009-12-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\sxj2mPC: C:\Windows\System32\spool\prtprocs\x64\sxj2mpc.dll [43520 2014-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP630 series: C:\Windows\system32\CNMLM9C.DLL [279040 2009-12-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\sxj2m Langmon: C:\Windows\system32\sxj2mlm.dll [34304 2013-12-10] (Microsoft Windows Hardware Compatibility Publisher -> )
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04981217-BF68-4827-9660-232E07343173} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {08F002C4-F94B-4213-93FA-EA697B686B15} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0E2E5711-E4F9-4BFF-A0A3-2EA6D867D5B4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1AA362C0-33A0-439E-A281-8CAF9DA6A5AA} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1CB8F8EF-06DD-4839-BC16-44FE29F764FE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2F0534FF-ADF5-4F9F-93A7-AD000D61F783} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {33C890BB-F53C-4498-B08F-D15563F8D2FC} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {354F394F-637D-417D-AC5B-3DCA03622C42} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {39067128-13B0-40AE-A7D0-19D8AAAC45DA} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {3DA85365-E7E4-427C-B112-E4FFF539286B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [563000 2015-08-26] (Apple Inc. -> Apple Inc.)
Task: {453C5CAD-A481-4B82-A48F-836B9FF60B56} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {486D5A86-E43F-4ACE-A6FF-70CBA670D2FF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {66B7EEEA-9777-4CFC-ADBD-25890248E9B2} - System32\Tasks\Zoner.Updater.S-1-5-21-1952709571-807798404-1509361630-1003 => C:\ProgramData\Zoner\Zoner.Installer.Core\Updater.exe [2075216 2020-12-09] (ZONER software, a.s. -> ZONER software, a.s.)
Task: {66BA1A9F-46DA-44E2-9E70-06D495F50986} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [69512 2018-04-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {678CBBC0-4866-4932-B734-44FF637A3CD6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003UA => C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2020-11-05] (Google LLC -> Google LLC)
Task: {7A2B783F-1A40-4E2C-88AE-267E6D8A14EE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {848B3368-4FCD-44F7-AC25-D1B75021B74C} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2072536 2017-07-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {9226B98D-FF26-4311-835E-77B86A525C1E} - System32\Tasks\ASUS\AsRogAuraGpuDllServer => C:\Program Files (x86)\LightingService\1.00.39\AsRogAuraGpuDllServer.exe [280536 2018-02-06] (ASUSTeK Computer Inc. -> )
Task: {95E07D5B-2D05-4947-9FE1-7C4A163F53E5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9709CD51-16C0-4C37-BD54-726DFC83CCEF} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {AED8C40E-6018-4F9B-88DC-48B1036643E1} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49544 2018-04-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C0502CCE-925F-44CE-A3A7-B0606D3E65F5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003Core => C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2020-11-05] (Google LLC -> Google LLC)
Task: {CE00299D-4551-48EF-9386-ECF1A2F31769} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CE80864E-7238-4759-BAB6-512990003C48} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DB782345-A49A-4F95-8783-9067B0A3F848} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DC0A1948-2196-4242-AEB1-0E7E83C12640} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E5AB2829-5A65-4444-8A9B-8F138EBE1235} - System32\Tasks\ASUS\ASUS FanLEDCtrl => C:\Program Files (x86)\ASUS\AI Suite III\FANRGBHEADER\FanLEDCtrl.exe [1147352 2017-07-17] (ASUSTeK Computer Inc. -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c51dedd1-487f-476e-a3d8-d5c7ba1a874f}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Martin\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-10]

FireFox:
========
FF DefaultProfile: dzgrn46h.default
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dzgrn46h.default [2021-02-10]
FF DownloadDir: D:\BMW\evo
FF Homepage: Mozilla\Firefox\Profiles\dzgrn46h.default -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\dzgrn46h.default -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2021-01-05 07:53:01&iid=ba45a4b4-96ed-4baa-b779-5d62b391a06d&bName=
FF Notifications: Mozilla\Firefox\Profiles\dzgrn46h.default -> hxxps://www.kupi.cz
FF Extension: (Komponenta I.CA PKI Service) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dzgrn46h.default\Extensions\icapkiservice@ica.cz.xpi [2020-06-16]
FF Extension: (Block Site) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dzgrn46h.default\Extensions\{07046613-1993-4b66-9dd1-9dd1ce581cb7}.xpi [2020-07-13]
FF Extension: (Whoer VPN) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dzgrn46h.default\Extensions\{ee47f82c-1872-4053-badf-cc675093f81e}.xpi [2020-07-14]
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default [2021-02-10]
CHR Extension: (Prezentace) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-23]
CHR Extension: (Safe Torrent Scanner) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-01-24]
CHR Extension: (Dokumenty) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-23]
CHR Extension: (Disk Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-05]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-23]
CHR Extension: (Tabulky) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-05]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-29]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [2723872 2017-12-01] (Acronis International GmbH -> Acronis International GmbH)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1133728 2017-12-01] (Acronis International GmbH -> )
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6096688 2018-05-10] (Acronis International GmbH -> )
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-02-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe [975832 2017-06-01] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636592 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384360 2020-12-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-12-08] (BattlEye Innovations e.K. -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3644008 2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2019-10-24] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-18] (Hewlett-Packard Co.) [File not signed]
S3 I.CA Maintenance Service; C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [283904 2019-08-02] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
R2 LightingService; C:\Program Files (x86)\LightingService\1.00.39\LightingService.exe [1244632 2018-02-06] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2017-12-01] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2017-12-01] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1706080 2017-12-01] (Acronis International GmbH -> )
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG -> Nero AG)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1314448 2020-03-11] (Rockstar Games, Inc. -> Rockstar Games)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7003048 2017-12-01] (Acronis International GmbH -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-06-01] (ASUSTeK Computer Inc. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2019-01-08] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2019-01-08] (Disc Soft Ltd -> Disc Soft Ltd)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [564304 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [379664 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 GLCKIO; C:\Program Files (x86)\ASUS\AURA\690b33e1-0462-4e84-9bea-c7552b45432a.sys [14976 2020-12-16] (ASUSTeK Computer Inc. -> )
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [50248 2020-12-01] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 RtsUpx; C:\Windows\system32\drivers\RtsUpx.sys [30328 2018-11-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1310552 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [213336 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [690520 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [326416 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-10] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-10 21:34 - 2021-02-10 21:34 - 008457584 _____ (Malwarebytes) C:\Users\Martin\Desktop\adwcleaner_8.0.9.1.exe
2021-02-10 13:38 - 2021-02-10 13:38 - 000074782 _____ C:\Users\Martin\Desktop\Addition.txt
2021-02-10 13:36 - 2021-02-10 22:06 - 000029874 _____ C:\Users\Martin\Desktop\FRST.txt
2021-02-10 13:35 - 2021-02-10 13:35 - 002297344 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2021-02-10 10:35 - 2021-02-10 10:35 - 000000762 _____ C:\Users\Martin\Desktop\install Forza Horizon 4.lnk
2021-02-10 10:35 - 2021-02-10 10:35 - 000000707 _____ C:\Users\Martin\Desktop\Forza Horizon 4.lnk
2021-02-09 21:23 - 2021-02-10 10:38 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-02-07 12:45 - 2021-02-10 13:31 - 000000000 ____D C:\Users\Martin\AppData\LocalLow\uTorrent
2021-02-02 16:14 - 2021-02-02 16:14 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins006.exe
2021-02-01 11:03 - 2021-02-01 11:03 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins002.exe
2021-02-01 10:45 - 2021-02-01 10:45 - 002618209 _____ C:\WINDOWS\unins020.exe
2021-02-01 10:45 - 2021-02-01 10:45 - 000061891 _____ C:\WINDOWS\unins020.dat
2021-02-01 10:44 - 2021-02-01 10:44 - 002618209 _____ C:\WINDOWS\unins019.exe
2021-02-01 10:44 - 2021-02-01 10:44 - 000026009 _____ C:\WINDOWS\unins019.dat
2021-02-01 10:43 - 2021-02-01 10:43 - 002618209 _____ C:\WINDOWS\unins018.exe
2021-02-01 10:43 - 2021-02-01 10:43 - 000029659 _____ C:\WINDOWS\unins018.dat
2021-02-01 10:41 - 2021-02-01 10:41 - 002618209 _____ C:\WINDOWS\unins017.exe
2021-02-01 10:41 - 2021-02-01 10:41 - 000091183 _____ C:\WINDOWS\unins017.dat
2021-02-01 10:40 - 2021-02-01 10:40 - 002618209 _____ C:\WINDOWS\unins016.exe
2021-02-01 10:40 - 2021-02-01 10:40 - 000124231 _____ C:\WINDOWS\unins016.dat
2021-02-01 10:36 - 2021-02-01 10:36 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins014.exe
2021-02-01 10:36 - 2021-02-01 10:36 - 002618209 _____ C:\WINDOWS\unins015.exe
2021-02-01 10:36 - 2021-02-01 10:36 - 000050565 _____ C:\WINDOWS\unins014.dat
2021-02-01 10:36 - 2021-02-01 10:36 - 000036577 _____ C:\WINDOWS\unins015.dat
2021-02-01 10:32 - 2021-02-01 10:32 - 002618209 _____ C:\WINDOWS\unins013.exe
2021-02-01 10:32 - 2021-02-01 10:32 - 002618209 _____ C:\WINDOWS\unins012.exe
2021-02-01 10:32 - 2021-02-01 10:32 - 000162189 _____ C:\WINDOWS\unins012.dat
2021-02-01 10:32 - 2021-02-01 10:32 - 000128505 _____ C:\WINDOWS\unins013.dat
2021-02-01 10:21 - 2021-02-01 10:21 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins011.exe
2021-02-01 10:21 - 2021-02-01 10:21 - 000066239 _____ C:\WINDOWS\unins011.dat
2021-02-01 10:20 - 2021-02-01 10:20 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins010.exe
2021-02-01 10:20 - 2021-02-01 10:20 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins009.exe
2021-02-01 10:20 - 2021-02-01 10:20 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins008.exe
2021-02-01 10:20 - 2021-02-01 10:20 - 000127811 _____ C:\WINDOWS\unins010.dat
2021-02-01 10:20 - 2021-02-01 10:20 - 000084751 _____ C:\WINDOWS\unins008.dat
2021-02-01 10:20 - 2021-02-01 10:20 - 000059379 _____ C:\WINDOWS\unins009.dat
2021-02-01 09:35 - 2021-02-01 09:35 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins007.exe
2021-02-01 09:35 - 2021-02-01 09:35 - 000081107 _____ C:\WINDOWS\unins007.dat
2021-02-01 09:34 - 2021-02-02 16:14 - 000127494 _____ C:\WINDOWS\unins006.dat
2021-02-01 09:34 - 2021-02-01 09:34 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins005.exe
2021-02-01 09:34 - 2021-02-01 09:34 - 000080269 _____ C:\WINDOWS\unins005.dat
2021-02-01 09:33 - 2021-02-01 09:33 - 002618209 _____ C:\WINDOWS\unins004.exe
2021-02-01 09:33 - 2021-02-01 09:33 - 002618209 _____ C:\WINDOWS\unins001.exe
2021-02-01 09:33 - 2021-02-01 09:33 - 000032875 _____ C:\WINDOWS\unins004.dat
2021-02-01 09:06 - 2021-02-01 09:06 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins003.exe
2021-02-01 09:06 - 2021-02-01 09:06 - 000086581 _____ C:\WINDOWS\unins003.dat
2021-02-01 09:05 - 2021-02-01 11:03 - 000097618 _____ C:\WINDOWS\unins002.dat
2021-02-01 09:05 - 2021-02-01 09:33 - 000117633 _____ C:\WINDOWS\unins001.dat
2021-02-01 09:05 - 2021-02-01 09:05 - 002618209 _____ C:\WINDOWS\unins000.exe
2021-02-01 09:05 - 2021-02-01 09:05 - 000108171 _____ C:\WINDOWS\unins000.dat
2021-02-01 09:05 - 2021-02-01 09:05 - 000000000 ____D C:\Users\Martin\Documents\Wondershare Filmora 9
2021-01-31 18:55 - 2021-02-05 16:32 - 000000000 ____D C:\Program Files (x86)\Google
2021-01-31 18:23 - 2021-01-31 18:23 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-01-31 18:22 - 2021-02-10 12:37 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-01-31 18:22 - 2021-02-10 12:37 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-01-31 17:55 - 2021-02-10 14:51 - 022871332 _____ C:\Users\Martin\Downloads\khana.psd
2021-01-30 19:32 - 2021-01-30 19:32 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2021-01-30 19:32 - 2021-01-30 19:32 - 000000000 ____D C:\ProgramData\Documents\Wondershare
2021-01-30 19:31 - 2021-01-30 19:32 - 000000000 ____D C:\ProgramData\Wondershare
2021-01-30 19:31 - 2021-01-30 19:31 - 000001151 _____ C:\Users\Public\Desktop\Wondershare Filmora X.lnk
2021-01-30 19:31 - 2021-01-30 19:31 - 000001151 _____ C:\ProgramData\Desktop\Wondershare Filmora X.lnk
2021-01-30 19:31 - 2021-01-30 19:31 - 000000016 _____ C:\ProgramData\mntemp
2021-01-30 19:31 - 2021-01-30 19:31 - 000000000 ____D C:\Users\Martin\AppData\Local\Wondershare
2021-01-30 19:31 - 2021-01-30 19:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2021-01-30 19:30 - 2021-02-10 12:36 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2021-01-30 19:30 - 2021-01-30 19:31 - 000000000 ____D C:\Program Files\Wondershare
2021-01-30 19:30 - 2021-01-30 19:30 - 000000000 ____D C:\Users\Martin\Documents\Wondershare
2021-01-30 18:18 - 2021-01-30 18:18 - 000001298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2021-01-30 18:18 - 2021-01-30 18:18 - 000001286 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2021-01-30 18:18 - 2021-01-30 18:18 - 000001286 _____ C:\ProgramData\Desktop\Adobe Creative Cloud.lnk
2021-01-28 18:39 - 2021-01-31 08:30 - 000205664 _____ C:\Users\Martin\Documents\khana.veg
2021-01-28 18:39 - 2021-01-31 00:41 - 000205664 _____ C:\Users\Martin\Documents\khana.veg.bak
2021-01-23 15:43 - 2021-01-23 15:43 - 000000000 ____D C:\Users\Martin\AppData\Local\IO Interactive
2021-01-23 15:41 - 2021-01-23 15:41 - 000000000 ____D C:\Users\Public\Documents\Epic
2021-01-23 15:41 - 2021-01-23 15:41 - 000000000 ____D C:\Users\Martin\AppData\Roaming\IO Interactive
2021-01-23 15:41 - 2021-01-23 15:41 - 000000000 ____D C:\ProgramData\Documents\Epic
2021-01-23 13:30 - 2021-01-23 13:30 - 014952221 _____ C:\Users\Martin\Downloads\vlog5.psd
2021-01-22 12:49 - 2021-02-01 12:11 - 000000091 _____ C:\Users\Martin\Desktop\Nový textový dokument (2).txt
2021-01-22 11:15 - 2021-01-22 11:15 - 000001261 _____ C:\Users\Public\Desktop\Avira.lnk
2021-01-22 11:15 - 2021-01-22 11:15 - 000001261 _____ C:\ProgramData\Desktop\Avira.lnk
2021-01-22 11:15 - 2021-01-22 11:15 - 000001113 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2021-01-22 11:15 - 2021-01-22 11:15 - 000001113 _____ C:\ProgramData\Desktop\Avira Phantom VPN.lnk
2021-01-22 11:15 - 2021-01-22 11:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-01-22 11:15 - 2021-01-22 11:15 - 000000000 ____D C:\ProgramData\Avira
2021-01-22 11:15 - 2021-01-22 11:15 - 000000000 ____D C:\Program Files (x86)\Avira
2021-01-20 23:18 - 2021-01-23 20:38 - 000192296 _____ C:\Users\Martin\Documents\5.dil_verze_2.veg
2021-01-20 23:18 - 2021-01-23 13:01 - 000191936 _____ C:\Users\Martin\Documents\5.dil_verze_2.veg.bak
2021-01-18 18:13 - 2021-01-19 00:47 - 000101128 _____ C:\Users\Martin\Documents\5.dil.veg
2021-01-18 18:13 - 2021-01-19 00:22 - 000092352 _____ C:\Users\Martin\Documents\5.dil.veg.bak
2021-01-17 23:57 - 2021-01-18 09:06 - 000094608 _____ C:\Users\Martin\Documents\4dil.veg
2021-01-17 23:57 - 2021-01-17 23:57 - 000094608 _____ C:\Users\Martin\Documents\4dil.veg.bak
2021-01-17 23:48 - 2021-01-17 23:48 - 009627571 _____ C:\Users\Martin\Downloads\vlog.psd
2021-01-16 12:55 - 2021-01-16 15:32 - 000077320 _____ C:\Users\Martin\Documents\4.dil_verze1.veg
2021-01-16 12:55 - 2021-01-16 15:18 - 000078912 _____ C:\Users\Martin\Documents\4.dil_verze1.veg.bak
2021-01-15 09:47 - 2021-01-15 09:47 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-15 09:47 - 2021-01-15 09:47 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-15 09:47 - 2021-01-15 09:47 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-15 09:47 - 2021-01-15 09:47 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-15 09:47 - 2021-01-15 09:47 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-15 09:47 - 2021-01-15 09:47 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-15 09:47 - 2021-01-15 09:47 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-15 09:47 - 2021-01-15 09:47 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-15 09:47 - 2021-01-15 09:47 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-15 09:47 - 2021-01-15 09:47 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-15 09:47 - 2021-01-15 09:47 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-15 09:46 - 2021-01-15 09:46 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-15 09:46 - 2021-01-15 09:46 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-15 09:46 - 2021-01-15 09:46 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-15 09:46 - 2021-01-15 09:46 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-15 09:46 - 2021-01-15 09:46 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-15 09:46 - 2021-01-15 09:46 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-15 09:46 - 2021-01-15 09:46 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-15 09:46 - 2021-01-15 09:46 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-15 09:46 - 2021-01-15 09:46 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-15 09:46 - 2021-01-15 09:46 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-15 09:46 - 2021-01-15 09:46 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-15 09:46 - 2021-01-15 09:46 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-15 09:46 - 2021-01-15 09:46 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-15 09:46 - 2021-01-15 09:46 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-15 09:46 - 2021-01-15 09:46 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-15 09:46 - 2021-01-15 09:46 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-15 09:46 - 2021-01-15 09:46 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-13 12:19 - 2021-01-16 12:45 - 000041552 _____ C:\Users\Martin\Documents\4.dil.veg
2021-01-13 12:19 - 2021-01-13 13:47 - 000038240 _____ C:\Users\Martin\Documents\4.dil.veg.bak
2021-01-12 15:17 - 2021-01-12 15:17 - 005510126 _____ C:\Users\Martin\Downloads\for fun.psd
2021-01-12 11:34 - 2021-01-15 15:54 - 000076928 _____ C:\Users\Martin\Documents\m3_3_3veg.veg
2021-01-12 11:34 - 2021-01-14 16:41 - 000078912 _____ C:\Users\Martin\Documents\m3_3_3veg.veg.bak
2021-01-11 23:08 - 2021-01-12 11:34 - 000058792 _____ C:\Users\Martin\Documents\m3_3veg.veg
2021-01-11 23:08 - 2021-01-12 11:26 - 000057784 _____ C:\Users\Martin\Documents\m3_3veg.veg.bak
2021-01-11 19:58 - 2021-01-11 19:58 - 000000000 ____D C:\Users\Martin\AppData\LocalLow\Colossal Order

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-10 22:05 - 2020-01-19 19:57 - 000000000 ____D C:\FRST
2021-02-10 22:05 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-10 21:50 - 2020-11-01 01:31 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-10 21:44 - 2020-11-01 14:15 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-10 21:44 - 2019-12-07 15:41 - 000716602 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-10 21:44 - 2019-12-07 15:41 - 000144780 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-10 21:44 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-10 21:39 - 2019-02-08 10:59 - 000000000 ____D C:\Program Files\CCleaner
2021-02-10 21:39 - 2018-11-18 18:48 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-10 21:38 - 2019-01-08 11:06 - 000000000 ____D C:\Users\Martin\AppData\LocalLow\Mozilla
2021-02-10 21:37 - 2020-11-01 01:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-10 21:37 - 2020-11-01 01:25 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-10 21:37 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-10 21:37 - 2019-05-21 11:39 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-02-10 13:31 - 2021-01-05 20:53 - 000000000 ____D C:\Users\Martin\AppData\Local\BitTorrentHelper
2021-02-10 13:31 - 2019-01-08 11:43 - 000000000 ____D C:\Users\Martin\AppData\Roaming\uTorrent
2021-02-10 13:06 - 2019-01-08 11:42 - 000000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2021-02-10 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-10 12:54 - 2019-01-08 10:51 - 000000000 ____D C:\Users\Martin\AppData\Local\Packages
2021-02-10 12:24 - 2020-11-01 01:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-10 11:48 - 2019-01-12 02:30 - 000000000 ____D C:\Users\Martin\AppData\Roaming\vlc
2021-02-10 10:38 - 2019-01-08 11:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-10 10:35 - 2020-11-17 11:11 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2021-02-10 10:35 - 2020-10-25 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2021-02-10 09:25 - 2018-05-10 07:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-10 09:00 - 2019-01-08 11:06 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-10 08:50 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-10 00:23 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-09 09:19 - 2020-11-01 14:13 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6afe655bc307f
2021-02-09 09:19 - 2020-11-01 01:31 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-08 20:38 - 2020-04-23 18:52 - 000002548 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-08 20:38 - 2020-04-23 18:52 - 000002511 _____ C:\Users\Martin\Desktop\Google Chrome.lnk
2021-02-07 13:06 - 2019-01-08 11:24 - 000000000 ____D C:\Users\Martin\AppData\Local\D3DSCache
2021-02-07 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-02-07 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-02-06 15:01 - 2019-03-22 22:54 - 000000000 ____D C:\Users\Martin\AppData\Roaming\slobs-client
2021-02-06 10:26 - 2020-06-05 07:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-06 10:26 - 2020-06-05 07:48 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-02-06 10:26 - 2020-06-05 07:48 - 000002274 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-02-05 16:32 - 2020-11-05 11:46 - 000003734 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003UA
2021-02-05 16:32 - 2020-11-05 11:46 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003Core
2021-02-02 14:54 - 2021-01-01 19:05 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-02-01 09:03 - 2020-12-25 14:53 - 000000000 ____D C:\ProgramData\WinZip
2021-02-01 00:49 - 2020-10-31 13:00 - 000000000 ____D C:\Users\Martin
2021-01-31 17:46 - 2019-01-15 19:31 - 000000000 ____D C:\Users\Martin\AppData\Local\Adobe
2021-01-31 17:45 - 2019-09-16 21:10 - 000000000 ____D C:\ProgramData\Adobe
2021-01-31 17:45 - 2019-01-08 10:51 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Adobe
2021-01-30 22:09 - 2020-11-13 23:01 - 000000000 ____D C:\Users\Martin\Documents\OFX Presets
2021-01-30 18:44 - 2020-12-25 14:27 - 000000000 ____D C:\Users\Martin\Documents\Adobe
2021-01-30 18:22 - 2020-12-25 14:23 - 000000000 ____D C:\Program Files\Adobe
2021-01-30 18:22 - 2019-09-16 21:11 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-01-28 18:53 - 2020-11-01 01:31 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1952709571-807798404-1509361630-1003
2021-01-28 18:53 - 2020-10-31 13:00 - 000002409 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-28 18:53 - 2019-01-08 10:52 - 000000000 ___RD C:\Users\Martin\OneDrive
2021-01-28 13:28 - 2020-11-01 01:31 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-28 13:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-01-27 11:10 - 2020-12-25 14:43 - 000000000 ____D C:\Users\Martin\Desktop\Untitled Export
2021-01-24 18:01 - 2019-03-02 14:35 - 000000000 ____D C:\Users\Martin\AppData\Roaming\obs-studio
2021-01-23 01:36 - 2019-03-22 22:54 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Streamlabs OBS
2021-01-22 11:15 - 2018-05-10 07:48 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-22 09:11 - 2020-01-28 20:50 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-19 01:31 - 2019-03-28 22:14 - 000000002 _____ C:\Users\Martin\AppData\Roaming\ExplorerFavorites.txt
2021-01-17 16:32 - 2020-11-19 16:30 - 000000000 ____D C:\ProgramData\Zoner
2021-01-15 13:57 - 2020-11-01 01:26 - 000448472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-15 13:56 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-15 13:56 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-15 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-15 09:46 - 2020-11-01 01:26 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-15 09:40 - 2018-05-10 08:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-15 09:37 - 2018-05-10 08:03 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-11 20:34 - 2019-01-08 12:25 - 000000000 ____D C:\Users\Martin\AppData\Local\NVIDIA

==================== Files in the root of some directories ========

2019-03-28 22:14 - 2021-01-19 01:31 - 000000002 _____ () C:\Users\Martin\AppData\Roaming\ExplorerFavorites.txt
2019-03-22 14:08 - 2002-08-29 18:33 - 000319488 _____ () C:\Users\Martin\AppData\Roaming\MafiaSetup.exe
2019-09-16 22:26 - 2019-09-16 22:26 - 000000027 _____ () C:\Users\Martin\AppData\Local\.sdpl-system-config4
2021-02-01 09:06 - 2021-02-01 09:06 - 000000000 _____ () C:\Users\Martin\AppData\Local\oobelibMkey.log
2019-07-28 00:07 - 2019-07-28 00:07 - 000000017 _____ () C:\Users\Martin\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

martin06
Visitor
Posts: 163
Registered: 07 Oct 2006 22:46

Re: Request for a log check

#8 Post by martin06 »

Log from Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-02-2021 01
Ran by Martin (10-02-2021 22:07:15)
Running from C:\Users\Martin\Desktop
Windows 10 Home Version 20H2 19042.746 (X64) (2020-11-01 00:31:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1952709571-807798404-1509361630-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1952709571-807798404-1509361630-503 - Limited - Disabled)
Guest (S-1-5-21-1952709571-807798404-1509361630-501 - Limited - Disabled)
Martin (S-1-5-21-1952709571-807798404-1509361630-1003 - Administrator - Enabled) => C:\Users\Martin
WDAGUtilityAccount (S-1-5-21-1952709571-807798404-1509361630-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\uTorrent) (Version: 3.5.5.45852 - BitTorrent Inc.)
Acronis True Image OEM (HKLM-x32\...\{52497ECE-588E-41F3-8233-E0749ED085F7}) (Version: 22.0.10510 - Acronis)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Ae (HKLM\...\{B910FB1A-0B9D-412D-A735-28AF88A52FF1}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_10_0) (Version: 10.0 - Adobe Inc.)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_0) (Version: 22.0.0.35 - Adobe Inc.)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 2.00.12 - ASUSTeK Computer Inc.)
AIDA64 Extreme v6.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.00 - FinalWire Ltd.)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.4.1 - Advanced Micro Devices, Inc.)
ApowerPDF V4.1.0.124 (HKLM-x32\...\{99A1CF84-3154-433D-9F73-0A4D4DACBA1A}_is1) (Version: 4.1.0.124 - Apowersoft LIMITED)
Apowersoft Online Launcher verze 1.7.1 (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.1 - APOWERSOFT LIMITED)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.50.1 - Asmedia Technology)
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.05.38 - ASUSTeK Computer Inc.)
Avira (HKLM-x32\...\{161e6084-b0f5-43e8-86d8-09eda5c0893d}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{426D1710-5DFD-45E9-B11D-464792C5AD35}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.1.24458 - Avira Operations GmbH & Co. KG)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Název společnosti:) Hidden
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.327.000 - Hewlett-Packard) Hidden
Canon MP630 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP630_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
Cities: Skylines (HKLM-x32\...\Cities: Skylines_is1) (Version: - )
Common Desktop Agent (HKLM\...\{A38002C3-BA08-466A-A813-7F9D578B13A1}) (Version: 1.62.0 - OEM) Hidden
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0677 - Disc Soft Ltd)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
Discord (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Discord) (Version: 0.0.305 - Discord Inc.)
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Euro Truck Simulator 2 Beyond the Baltic Sea (HKLM-x32\...\Euro Truck Simulator 2 Beyond the Baltic Sea_is1) (Version: - )
Euro Truck Simulator 2 Road to the Black Sea (HKLM-x32\...\Euro Truck Simulator 2 Road to the Black Sea_is1) (Version: - )
Euro Truck Simulator 2 v. 1.38.1.15s (HKLM-x32\...\Euro Truck Simulator 2_is1) (Version: - )
Excla WAVclean 1.9.3 (HKLM-x32\...\{4A64D33C-289E-4D32-8079-DA46A4FEBC2D}) (Version: 1.9.3 - Excla Inc)
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts)
Forza Horizon 4 v. 1.460.859.2 (HKLM-x32\...\Forza Horizon 4_is1) (Version: - )
Google Chrome (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.367.000 - Hewlett-Packard) Hidden
HGTV Flipper (HKLM-x32\...\1689378242_is1) (Version: 1.20173 (e87af) - GOG.com)
House Flipper (HKLM-x32\...\1140907376_is1) (Version: 1.20173 (e87af) - GOG.com)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Scanjet 2400 (HKLM\...\{7B604AC7-B496-473F-A17C-489398E38BEA}) (Version: 13.0 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
hpg2410 (HKLM-x32\...\{41E105E1-6E85-4828-8699-4B0227BB118F}) (Version: 14.0.0.0 - Název společnosti:) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.367.000 - Hewlett-Packard) Hidden
I.CA Maintenance (HKLM-x32\...\{A26EE07C-9196-4BB9-BB81-1608D0A99887}) (Version: 1.3.2.0 - První certifikační autorita, a.s.) Hidden
I.CA Maintenance (HKLM-x32\...\I.CA Maintenance 1.3.2.0) (Version: 1.3.2.0 - První certifikační autorita, a.s.)
I.CA PKIServiceHost (HKLM\...\{A14460AC-0A70-4AE6-B159-1D4EEA921896}) (Version: 1.4.0.0 - První certifikační autorita, a.s.) Hidden
I.CA PKIServiceHost (HKLM-x32\...\I.CA PKIServiceHost 1.4.0.0) (Version: 1.4.0.0 - První certifikační autorita, a.s.)
InfraRecorder 0.53 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0053-000001000000}) (Version: 0.53.00.00 - Christian Kindahl)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Kits Configuration Installer (HKLM-x32\...\{C690B2D9-0AA8-8CDA-965D-FED648C3EF9C}) (Version: 10.1.17134.1 - Microsoft) Hidden
Mafia - Definitve Edition v.1.0.1 (HKLM-x32\...\Mafia - Definitve Edition_is1) (Version: - )
Mafia Game (HKLM-x32\...\Mafia Game) (Version: - )
Max Payne (HKLM-x32\...\{39930321-4C58-4B8B-BCBF-342698C9801D}) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
MOV Player 1.0.2 (HKLM-x32\...\MOV Player_is1) (Version: - vsevensoft.com)
Mozilla Firefox 85.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 85.0.2 (x64 cs)) (Version: 85.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
Nero 7 Ultra Edition (HKLM-x32\...\{4F2CE68F-EDBB-4592-BF07-5AC930A51029}) (Version: 7.02.6446 - Nero AG)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.09 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.0.1 - OBS Project)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Název společnosti:)
OPRAVA PC ONLINE (HKLM-x32\...\{5E71387E-2CF7-1F26-C919-7FACFF27D2EF}) (Version: 7.11.760 - LogMeIn, Inc.)
Ovládací panel NVIDIA 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 461.09 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8339 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.19.234 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.2 - Rockstar Games)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Sniper Ghost Warrior Contracts (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Sniper Ghost Warrior Contracts) (Version: - HOODLUM)
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.369.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.12.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.12.1 - General Workings, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.2 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
Thumbnail me 3.0 (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Thumbnail me 3.0) (Version: - )
Toolkit Documentation (HKLM-x32\...\{563689A6-D95B-EA6D-665F-97959643E0DB}) (Version: 10.1.17134.1 - Microsoft) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS)
VEGAS Pro 16.0 (HKLM\...\{0D090E4F-12A2-11E9-A3DD-00155D6302F2}) (Version: 16.0.361 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.128.017 - Hewlett-Packard) Hidden
WhatsApp (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\WhatsApp) (Version: 2.2049.10 - WhatsApp)
Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{d794748d-72e9-45d7-9ab7-83d6c4c80f7f}) (Version: 10.1.17134.1 - Microsoft Corporation)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Wondershare Filmora X(Build 10.0.4.6) (HKLM\...\Wondershare Filmora X_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Xerox Easy Printer Manager (HKLM-x32\...\Xerox Easy Printer Manager) (Version: 1.03.97.00(21.04.2014) - Xerox Corporation.)
Xerox Easy Wireless Setup (HKLM-x32\...\Xerox Easy Wireless Setup) (Version: 3.70.18.0 - Xerox Corporation)
Xerox Phaser 3020 (HKLM-x32\...\Xerox Phaser 3020) (Version: 1.01 (20.05.2014) - Xerox Corporation)
Xerox Phaser 3020 XPS (Windows 8) (HKLM-x32\...\Xerox Phaser 3020 XPS (Windows 8)) (Version: 3.03.13.02:11 - Xerox Corporation)
Zobrazit uživatelskou příručku (HKLM-x32\...\Xerox View User Guide ) (Version: 3.60.45.0 - )
Zoner Photo Studio X CS (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\ZPS X) (Version: 19.2009.2.286 - ZONER software)

Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1951.1.0_x86__kgqvnymyfvs32 [2021-02-10] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_11.1.3.0_x86__m9bz608c1b9ra [2021-02-05] (Nordcurrent)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.337.0_x64__rz1tebttyb220 [2021-02-10] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-05] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-01-08] (Fitbit)
Forza Horizon 4 -> D:\Forza Horizon 4\FH4 [2021-02-10] (Microsoft Studios)
Forza Horizon 4 Fortune Island -> D:\Forza Horizon 4\FH4_FortuneIsland [2021-02-10] (Microsoft Studios)
Forza Horizon 4 LEGO Speed Champions -> D:\Forza Horizon 4\FH4_Lego [2021-02-10] (Microsoft Studios)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-01-30] (Microsoft Studios) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.25.1.0_x64__nfy108tqq3p12 [2021-02-06] (Thumbmunkeys Ltd)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\Martin\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\Martin\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\Martin\AppData\Local\Google\Chrome\Application\88.0.4324.150\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\Martin\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\Martin\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Martin\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll (Google LLC -> Google LLC)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-02-28] (Nero AG -> Nero AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-04-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Martin\Desktop\(32х)Euro Truck Simulator 2.lnk -> D:\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software) <==== Cyrillic
Shortcut: C:\Users\Martin\Desktop\(64х)Euro Truck Simulator 2.lnk -> D:\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software) <==== Cyrillic
Shortcut: C:\Users\Martin\Desktop\install Forza Horizon 4.lnk -> D:\Forza Horizon 4\install.bat ()

==================== Loaded Modules (Whitelisted) =============

2018-05-10 07:55 - 2015-06-03 00:17 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2017-12-01 14:44 - 2017-12-01 14:44 - 000277538 _____ () [File not signed] C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\LIBMAGIC.dll
2021-01-30 19:31 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2021-01-30 19:31 - 2017-09-12 10:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 000073728 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\ClaymoreProtocol.dll
2018-11-18 18:46 - 2018-02-06 19:43 - 000053248 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\cpuutil.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 000073728 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\CharmProtocol.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 001951232 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\R2Clib.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 000073728 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\RogNewmouseProtocol.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 001777664 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\Vender.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000015360 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-04-24 21:55 - 2018-04-24 21:55 - 002519040 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-05-10 07:55 - 2017-06-01 21:24 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.31\ASACPI.DLL
2018-05-10 07:55 - 2015-06-03 00:17 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsAcpi.dll
2018-05-10 07:55 - 2017-06-01 21:24 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.31\asacpiEx.dll
2018-05-10 07:55 - 2015-06-03 00:17 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\asacpiex.dll
2018-05-10 07:55 - 2015-06-03 00:17 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 000081920 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\LightingService\1.00.39\AudioLEDCtrl.dll
2017-12-01 14:44 - 2017-12-01 14:44 - 025338368 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icudt54.dll
2017-12-01 14:44 - 2017-12-01 14:44 - 002056704 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icuin54.dll
2017-12-01 14:44 - 2017-12-01 14:44 - 001425408 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icuuc54.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000032256 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000039936 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000034304 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000237056 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000024064 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000481792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 001336320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-04-24 23:01 - 2018-04-24 23:01 - 005766144 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 006045184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000964096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000279552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 003233792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 003406848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000328704 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000325632 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 069968896 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000109568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 005523456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000282624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000194560 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 003281408 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000049152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000311296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000089600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 002039296 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\LightingService\1.00.39\LED_DLL_forMB.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 001628672 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\LightingService\1.00.39\VGA_Extra.dll
2021-01-30 19:31 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1952709571-807798404-1509361630-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2021-01-05 07:53:01&iid=ba45a4b4-96ed-4baa-b779-5d62b391a06d&bName=
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-02-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-07] (Oracle America, Inc. -> Oracle Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.capgemini.com -> hxxp://*.capgemini.com
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.capgemini.com -> hxxps://*.capgemini.com
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.csob.cz -> hxxps://*.csob.cz
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.csob.sk -> hxxps://*.csob.sk
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.erasvet.cz -> hxxps://*.erasvet.cz
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.ica.cz -> hxxp://*.ica.cz
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.ica.cz -> hxxps://*.ica.cz
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.postovnisporitelna.cz -> hxxps://*.postovnisporitelna.cz
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.proebiz.com -> hxxp://*.proebiz.com
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\*.proebiz.com -> hxxps://*.proebiz.com
IE trusted site: HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 00:38 - 2020-07-13 20:23 - 000001256 _____ C:\WINDOWS\system32\drivers\etc\hosts
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site

2020-02-15 13:37 - 2020-03-13 09:29 - 000000509 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.0.102 DESKTOP-69LFJ66.mshome.net # 2025 3 3 12 8 29 43 70
192.168.137.209 Lenovo-PC.mshome.net # 2020 3 0 15 13 52 45 222

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\Run: => "WinZip UN"
HKLM\...\StartupApproved\Run: => "WinZip FAH"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4A6222DA-985D-4441-91F2-A48D91D50603}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [{141EBEC6-9607-494F-AD2F-26D0DACE0AEC}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [UDP Query User{8F238540-D13D-4E59-9409-A859A6A2472E}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{E59FC280-9D0C-4804-94FB-D012306B2127}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{EC285A85-F1C1-4BDD-BB9D-4FF660018146}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E7AA1EA3-EAD5-4DFD-B706-450B25EA6715}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6E1E5B3E-C109-47FC-AAA6-D5EB20411FA7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6B7DA4E2-C54C-4084-86BB-6C9635EF5EDF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [UDP Query User{9F4D8D01-64B1-4E6B-90B2-2DDEB83776BD}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{8D38D1B7-E7EB-4965-9DA4-B1D32BFF70DB}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{9E2A7824-88DB-476C-AD55-7A6CE6E7859E}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{964AEB1A-0FDD-494E-A4C5-7FFF3A54B680}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{686056B1-05B2-47E4-B520-1DB333E5A8F8}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{42E19EC2-58BD-4B77-B9E5-C01B7BADADC9}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{5F5571F8-28D5-4122-9084-4F13623D2A4B}C:\users\martin\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\martin\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [TCP Query User{38047FBD-87A4-4728-983C-83057318927F}C:\users\martin\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\martin\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [UDP Query User{5467B834-12AA-4F4D-BE49-38233F3BA57F}C:\users\martin\appdata\local\fivem\fivem.exe] => (Allow) C:\users\martin\appdata\local\fivem\fivem.exe => No File
FirewallRules: [TCP Query User{17BB8B65-C515-4653-A0E5-415FC691FB34}C:\users\martin\appdata\local\fivem\fivem.exe] => (Allow) C:\users\martin\appdata\local\fivem\fivem.exe => No File
FirewallRules: [UDP Query User{E0B385EF-13F8-43C0-9461-0E4A0DFD270C}D:\sniper ghost warrior contracts\win_x64\sgwcontracts.exe] => (Allow) D:\sniper ghost warrior contracts\win_x64\sgwcontracts.exe (CI Games S.A.) [File not signed]
FirewallRules: [TCP Query User{EC4ACF0B-20CA-432E-8E69-CD38F92213D5}D:\sniper ghost warrior contracts\win_x64\sgwcontracts.exe] => (Allow) D:\sniper ghost warrior contracts\win_x64\sgwcontracts.exe (CI Games S.A.) [File not signed]
FirewallRules: [{14308295-25F2-4901-8DF5-530EA628C62A}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{D539D077-22F1-4A4E-ACD9-B12F91403590}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [UDP Query User{0F973F44-95F7-4528-8411-25F4524A2A9C}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{76E8F8CA-9108-43BE-ABC3-D2320E8D8B01}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{B2E7890C-F611-4EC4-9DF8-2C8DFEE1AA37}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{7E6F36FB-A838-4B9F-9A5F-D5D6A21E1075}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{36AE5206-19B4-4270-9ACA-6AD17B077E6A}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [TCP Query User{4658BD78-E5DA-4434-BD0F-FD3D026338DE}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [{B4C8B6B1-77FD-4D0E-88FA-C6453FC19371}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)
FirewallRules: [{2EE9FF7D-B819-49D3-AE13-9E3CA0D05551}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)
FirewallRules: [{A481F9AF-A0A7-455A-B8C5-B578AE560DBA}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> )
FirewallRules: [{4053D2D5-87E6-4EB0-BBA4-458F744FFF52}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{08647957-8047-41E1-A2D7-37F4A6DAA28F}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{632CA24B-495C-451D-B330-035B5C1F65B6}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{5059776B-7F65-40DE-B9FB-668486167F1B}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> )
FirewallRules: [{EC11AA58-02DE-48FC-80D0-00EAAD7C3EA5}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> )
FirewallRules: [{E813B00A-98EB-4E01-AEA8-943623762734}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{4D5EC006-4E5D-45BA-9DA9-03033A677DF5}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{22E3BC61-97EA-40E2-96A3-C23FCA3C8593}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe (Acronis International GmbH -> )
FirewallRules: [{B79D168C-2CF6-4F63-84CE-2F795E51EE06}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{EF1678BC-75D2-4960-A9A1-58735A01AE4B}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> )
FirewallRules: [{CDBB2A6F-ECD5-4F4A-AD6B-49EC29146CE0}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )
FirewallRules: [{562552BB-7272-4269-8CF1-579CABB87AE7}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{927C3AFE-EA8B-47BA-88F9-BE2E3C8997E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D2D65BC2-DEA7-44EA-AF90-BC0F37D35799}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D64CF47A-2578-44EB-86DD-A1DA917FB732}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0D33FFEB-3307-4E4F-8B7E-41B7BF00B9B7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{7E8C9265-1C5B-4B70-B8F4-3C16615CB6F3}C:\users\martin\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\martin\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{CFBD22A8-8B0F-41A1-87D9-EA558BF4D856}C:\users\martin\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\martin\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D1771151-2481-4654-B7BA-EB0E413A1EE8}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{15DCDB1C-7028-4F71-884B-3840CDE704CE}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C30C0CFF-04A7-4DFF-ABCD-9AF87D6153AE}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{9D044B38-ACE0-456A-B469-60F981C35A9A}D:\dying light\devtools\dyinglightplayer.exe] => (Allow) D:\dying light\devtools\dyinglightplayer.exe => No File
FirewallRules: [UDP Query User{D9E01699-4A10-4FDC-8528-BC0BD55C287E}D:\dying light\devtools\dyinglightplayer.exe] => (Allow) D:\dying light\devtools\dyinglightplayer.exe => No File
FirewallRules: [TCP Query User{51E506C4-3805-47CA-B43D-43B27A98F55C}D:\dying light\dyinglightgame.exe] => (Allow) D:\dying light\dyinglightgame.exe => No File
FirewallRules: [UDP Query User{8280EF09-BBB4-479D-9814-DF70638989CA}D:\dying light\dyinglightgame.exe] => (Allow) D:\dying light\dyinglightgame.exe => No File
FirewallRules: [{27063BC7-EC0F-4F08-BCCA-57EF139A618E}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2DC00B46-1878-4D94-B58E-DE1CB622374F}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{D45BAE82-5571-4D09-AC65-53B0D7651FA1}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe => No File
FirewallRules: [UDP Query User{29D6F94D-2315-44C0-B8B9-B3D3528C120C}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe => No File
FirewallRules: [{4DE6C839-0421-40DD-A107-F4D93AF5151A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7C1634F2-EE1D-468A-B0ED-5BB3F1DC956F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C633A48E-625F-4A21-89AA-9341DD0CFD7F}] => (Allow) D:\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{6DC3FF49-0F57-476B-B377-E4E39110F36B}] => (Allow) D:\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C01D4D4E-962C-4754-B154-C9113E81053A}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{A3C2A781-2DB4-4BAA-8614-504F5379DB76}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{33ACD65F-1B0E-4BC8-95AB-A83A4F3CA441}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{813997DD-A021-4CD9-B632-07B03270DF9E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{B0C36551-5C28-47C5-A3FB-65A9DF0E63DE}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{42070C38-7211-49CA-A788-BF8D5DF27D27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{728E0591-987F-4EE9-99E6-A15E650E2B75}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DD4E8D08-8D78-4E0F-951E-27F7391ECE6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D3039657-FA14-4FEF-8553-C071B39636BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{388CAAAC-D744-4350-930E-DDBCBA1BCDD5}C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{67BEDAEB-6055-42DD-8BD6-2BA22442935E}C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{866BB5FC-0472-406B-A264-B537EDCF4ECE}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{99B6FAFB-62C9-43A1-817A-9CB1B1D072A1}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{8449ABDE-C618-40CA-9EF0-9B2415C02D7C}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{DEA70D0D-B5A6-44E7-9480-61ABD650222D}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{838801C3-CD72-41A3-A573-505BBD3E7218}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{E67434A5-0E92-4A63-80D7-65EE2350E71B}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{64772DFF-1278-41CD-B97E-D8AF617B1546}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{0A4492FA-6A59-4B8E-9DDA-E3927FD9581F}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{F1C71E61-13D0-4357-9D43-816E193ECC66}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{B7628C83-9659-49DB-A171-1220B4381A4C}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{7376F86B-CDCF-42C4-84EB-F0C1106326AC}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{B9ADA6E4-5DCC-4E90-B45C-F8330A83DB9A}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{18E83BA8-DA89-4CF5-9A56-081D68A2536A}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{18A23B19-459A-4903-82AF-F40A6239F6C1}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{781DAF4A-459B-4005-BC8D-95DD135C3F34}] => (Allow) C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6E1A2B98-1001-4279-8218-ACA2955A6DD2}] => (Allow) C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6896169F-8B4F-44D4-8624-51549816EBFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D2EF2A0D-C009-4284-90D3-171F041D66B3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3DC17ADD-2ED0-4053-889C-A6AE11484B59}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6F7E535D-44D7-416C-807C-3BFA890AD38F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{94757BDF-A87B-4EF9-B696-FEBDF33902FA}] => (Allow) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

10-02-2021 00:22:17 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/10/2021 01:06:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe, verze: 0.0.0.0, časové razítko: 0x5ffe07a9
Název chybujícího modulu: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe, verze: 0.0.0.0, časové razítko: 0x5ffe07a9
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000003468c60
ID chybujícího procesu: 0x2804
Čas spuštění chybující aplikace: 0x01d6ffa52c655a9a
Cesta k chybující aplikaci: D:\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe
Cesta k chybujícímu modulu: D:\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe
ID zprávy: ca18c101-ab9a-4294-aac3-2bbc5a8972f8
Úplný název chybujícího balíčku: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: SunriseReleaseFinal

Error: (02/10/2021 01:05:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe, verze: 0.0.0.0, časové razítko: 0x5ffe07a9
Název chybujícího modulu: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe, verze: 0.0.0.0, časové razítko: 0x5ffe07a9
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000003468c60
ID chybujícího procesu: 0x108c
Čas spuštění chybující aplikace: 0x01d6ffa4f7b926bb
Cesta k chybující aplikaci: D:\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe
Cesta k chybujícímu modulu: D:\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe
ID zprávy: 0567b6c1-453b-4549-b4b2-e7a6d7be7304
Úplný název chybujícího balíčku: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: SunriseReleaseFinal

Error: (02/10/2021 12:50:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe, verze: 0.0.0.0, časové razítko: 0x5ffe07a9
Název chybujícího modulu: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe, verze: 0.0.0.0, časové razítko: 0x5ffe07a9
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000003468c60
ID chybujícího procesu: 0xf34
Čas spuštění chybující aplikace: 0x01d6ffa2df156c61
Cesta k chybující aplikaci: D:\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe
Cesta k chybujícímu modulu: D:\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe
ID zprávy: 6724a33c-3a78-4cf2-b2de-b82f6f159708
Úplný název chybujícího balíčku: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: SunriseReleaseFinal

Error: (02/10/2021 12:49:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe, verze: 0.0.0.0, časové razítko: 0x5ffe07a9
Název chybujícího modulu: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe, verze: 0.0.0.0, časové razítko: 0x5ffe07a9
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000003468c60
ID chybujícího procesu: 0x20e0
Čas spuštění chybující aplikace: 0x01d6ffa2bbb10760
Cesta k chybující aplikaci: D:\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe
Cesta k chybujícímu modulu: D:\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe
ID zprávy: e54ed9c3-ca03-42aa-9ebd-f39ce8edcb5a
Úplný název chybujícího balíčku: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: SunriseReleaseFinal

Error: (02/10/2021 12:47:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe, verze: 0.0.0.0, časové razítko: 0x5ffe07a9
Název chybujícího modulu: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe, verze: 0.0.0.0, časové razítko: 0x5ffe07a9
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000003468c60
ID chybujícího procesu: 0x3e80
Čas spuštění chybující aplikace: 0x01d6ffa286dcde74
Cesta k chybující aplikaci: D:\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe
Cesta k chybujícímu modulu: D:\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe.exe
ID zprávy: 6d04b394-c0c3-4727-8a12-f33bd6850f19
Úplný název chybujícího balíčku: Microsoft.SunriseBaseGame_1.460.859.2_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: SunriseReleaseFinal

Error: (02/10/2021 10:37:58 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (02/08/2021 03:29:01 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Elements (I:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/08/2021 03:28:08 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (02/10/2021 09:37:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luafv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (02/10/2021 09:36:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (02/10/2021 09:36:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Acronis Nonstop Backup Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (02/10/2021 09:36:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Acronis Sync Agent Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (02/10/2021 09:36:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Acronis Active Protection (TM) Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (02/10/2021 09:36:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Service Host byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (02/10/2021 09:36:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/10/2021 09:36:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Acronis Managed Machine Service Mini byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2021-02-10 13:38:10.6260000Z
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\adobe_snr_patch_v2_0_painter0000.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-69LFJ66\Martin
Název procesu: C:\Users\Martin\Desktop\FRST64.exe
Verze bezpečnostních informací: AV: 1.331.650.0, AS: 1.331.650.0, NIS: 1.331.650.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-10 13:38:02.8780000Z
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\adobe_snr_patch_v2_0_painter0000.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-69LFJ66\Martin
Název procesu: C:\Users\Martin\Desktop\FRST64.exe
Verze bezpečnostních informací: AV: 1.331.650.0, AS: 1.331.650.0, NIS: 1.331.650.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-10 13:37:53.4060000Z
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\adobe_snr_patch_v2_0_painter0000.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-69LFJ66\Martin
Název procesu: C:\Users\Martin\Desktop\FRST64.exe
Verze bezpečnostních informací: AV: 1.331.650.0, AS: 1.331.650.0, NIS: 1.331.650.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-10 12:37:51.1450000Z
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D7!ml
ID: 2147757786
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Martin\Downloads\7zip.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-69LFJ66\Martin
Název procesu: C:\Program Files\Adobe\Adobe Photoshop 2021\Photoshop.exe
Verze bezpečnostních informací: AV: 1.331.633.0, AS: 1.331.633.0, NIS: 1.331.633.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-08 08:06:56.4580000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {92475579-9E80-4936-BE59-F8A04DE19FB8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-10 13:38:10.6320000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\adobe_snr_patch_v2_0_painter0000.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-69LFJ66\Martin
Název procesu: C:\Users\Martin\Desktop\FRST64.exe
Akce: Neznámý
Stav akce: No additional actions required
Kód chyby: 0x80508032
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: AV: 1.331.650.0, AS: 1.331.650.0, NIS: 1.331.650.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-01-30 18:35:03.7610000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o obnovení položky z karantény.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Backdoor:Win32/Bladabindi!ml
ID: 2147748148
Závažnost: Vážné
Kategorie: Zadní vrátka
Uživatel: DESKTOP-69LFJ66\Martin
Kód chyby: 0x80508014
Popis chyby: Položku v karanténě nelze obnovit.
Verze bezpečnostních informací: AV: 1.329.3145.0, AS: 1.329.3145.0
Verze modulu: 1.1.17800.5

Date: 2021-01-30 18:33:13.3720000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o obnovení položky z karantény.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Backdoor:Win32/Bladabindi!ml
ID: 2147748148
Závažnost: Vážné
Kategorie: Zadní vrátka
Uživatel: DESKTOP-69LFJ66\Martin
Kód chyby: 0x80508014
Popis chyby: Položku v karanténě nelze obnovit.
Verze bezpečnostních informací: AV: 1.329.3145.0, AS: 1.329.3145.0
Verze modulu: 1.1.17800.5

Date: 2021-01-30 18:31:05.1120000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o obnovení položky z karantény.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Backdoor:Win32/Bladabindi!ml
ID: 2147748148
Závažnost: Vážné
Kategorie: Zadní vrátka
Uživatel: DESKTOP-69LFJ66\Martin
Kód chyby: 0x80508014
Popis chyby: Položku v karanténě nelze obnovit.
Verze bezpečnostních informací: AV: 1.329.3145.0, AS: 1.329.3145.0
Verze modulu: 1.1.17800.5

Date: 2021-01-30 18:30:35.4480000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o obnovení položky z karantény.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Backdoor:Win32/Bladabindi!ml
ID: 2147748148
Závažnost: Vážné
Kategorie: Zadní vrátka
Uživatel: DESKTOP-69LFJ66\Martin
Kód chyby: 0x80508014
Popis chyby: Položku v karanténě nelze obnovit.
Verze bezpečnostních informací: AV: 1.329.3145.0, AS: 1.329.3145.0
Verze modulu: 1.1.17800.5

CodeIntegrity:
===================================

Date: 2020-12-19 14:47:00.3170000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\WWAHost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2020-12-19 14:47:00.3070000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\WWAHost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 0409 08/24/2018
Motherboard: ASUSTeK COMPUTER INC. TUF B450M-PLUS GAMING
Processor: AMD Ryzen 5 1600X Six-Core Processor
Percentage of memory in use: 33%
Total physical RAM: 16318.82 MB
Available physical RAM: 10807.84 MB
Total Virtual: 23486.82 MB
Available Virtual: 15384.45 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.52 GB) (Free:126.03 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:931.5 GB) (Free:478.24 GB) NTFS
Drive f: (Windows7_2019) (CDROM) (Total:4.75 GB) (Free:0 GB) UDF

\\?\Volume{eefd00c4-824a-4bda-82d2-b0270ebff817}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{4b740878-0fc8-4a30-a5a9-05aa90f50aad}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{cbbc910d-1694-45ed-b3e9-76e61563b606}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Please check my log

#9 Post by Diallix »

Copy the content below into Notepad:

Code:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {60327e6c-13ab-11e9-88ca-0c9d9262121a} - "H:\setup.exe"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {c75b7132-132a-11e9-88c9-0c9d9262121a} - "F:\setup.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {3DA85365-E7E4-427C-B112-E4FFF539286B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [563000 2015-08-26] (Apple Inc. -> Apple Inc.)
Task: {678CBBC0-4866-4932-B734-44FF637A3CD6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003UA => C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2020-11-05] (Google LLC -> Google LLC)
Task: {7A2B783F-1A40-4E2C-88AE-267E6D8A14EE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {C0502CCE-925F-44CE-A3A7-B0606D3E65F5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003Core => C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2020-11-05] (Google LLC -> Google LLC)
FF NewTab: Mozilla\Firefox\Profiles\dzgrn46h.default -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2021-01-05 07:53:01&iid=ba45a4b4-96ed-4baa-b779-5d62b391a06d&bName=
2021-02-02 16:14 - 2021-02-02 16:14 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins006.exe
2021-02-01 11:03 - 2021-02-01 11:03 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins002.exe
2021-02-01 10:45 - 2021-02-01 10:45 - 002618209 _____ C:\WINDOWS\unins020.exe
2021-02-01 10:45 - 2021-02-01 10:45 - 000061891 _____ C:\WINDOWS\unins020.dat
2021-02-01 10:44 - 2021-02-01 10:44 - 002618209 _____ C:\WINDOWS\unins019.exe
2021-02-01 10:44 - 2021-02-01 10:44 - 000026009 _____ C:\WINDOWS\unins019.dat
2021-02-01 10:43 - 2021-02-01 10:43 - 002618209 _____ C:\WINDOWS\unins018.exe
2021-02-01 10:43 - 2021-02-01 10:43 - 000029659 _____ C:\WINDOWS\unins018.dat
2021-02-01 10:41 - 2021-02-01 10:41 - 002618209 _____ C:\WINDOWS\unins017.exe
2021-02-01 10:41 - 2021-02-01 10:41 - 000091183 _____ C:\WINDOWS\unins017.dat
2021-02-01 10:40 - 2021-02-01 10:40 - 002618209 _____ C:\WINDOWS\unins016.exe
2021-02-01 10:40 - 2021-02-01 10:40 - 000124231 _____ C:\WINDOWS\unins016.dat
2021-02-01 10:36 - 2021-02-01 10:36 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins014.exe
2021-02-01 10:36 - 2021-02-01 10:36 - 002618209 _____ C:\WINDOWS\unins015.exe
2021-02-01 10:36 - 2021-02-01 10:36 - 000050565 _____ C:\WINDOWS\unins014.dat
2021-02-01 10:36 - 2021-02-01 10:36 - 000036577 _____ C:\WINDOWS\unins015.dat
2021-02-01 10:32 - 2021-02-01 10:32 - 002618209 _____ C:\WINDOWS\unins013.exe
2021-02-01 10:32 - 2021-02-01 10:32 - 002618209 _____ C:\WINDOWS\unins012.exe
2021-02-01 10:32 - 2021-02-01 10:32 - 000162189 _____ C:\WINDOWS\unins012.dat
2021-02-01 10:32 - 2021-02-01 10:32 - 000128505 _____ C:\WINDOWS\unins013.dat
2021-02-01 10:21 - 2021-02-01 10:21 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins011.exe
2021-02-01 10:21 - 2021-02-01 10:21 - 000066239 _____ C:\WINDOWS\unins011.dat
2021-02-01 10:20 - 2021-02-01 10:20 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins010.exe
2021-02-01 10:20 - 2021-02-01 10:20 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins009.exe
2021-02-01 10:20 - 2021-02-01 10:20 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins008.exe
2021-02-01 10:20 - 2021-02-01 10:20 - 000127811 _____ C:\WINDOWS\unins010.dat
2021-02-01 10:20 - 2021-02-01 10:20 - 000084751 _____ C:\WINDOWS\unins008.dat
2021-02-01 10:20 - 2021-02-01 10:20 - 000059379 _____ C:\WINDOWS\unins009.dat
2021-02-01 09:35 - 2021-02-01 09:35 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins007.exe
2021-02-01 09:35 - 2021-02-01 09:35 - 000081107 _____ C:\WINDOWS\unins007.dat
2021-02-01 09:34 - 2021-02-02 16:14 - 000127494 _____ C:\WINDOWS\unins006.dat
2021-02-01 09:34 - 2021-02-01 09:34 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins005.exe
2021-02-01 09:34 - 2021-02-01 09:34 - 000080269 _____ C:\WINDOWS\unins005.dat
2021-02-01 09:33 - 2021-02-01 09:33 - 002618209 _____ C:\WINDOWS\unins004.exe
2021-02-01 09:33 - 2021-02-01 09:33 - 002618209 _____ C:\WINDOWS\unins001.exe
2021-02-01 09:33 - 2021-02-01 09:33 - 000032875 _____ C:\WINDOWS\unins004.dat
2021-02-01 09:06 - 2021-02-01 09:06 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins003.exe
2021-02-01 09:06 - 2021-02-01 09:06 - 000086581 _____ C:\WINDOWS\unins003.dat
2021-02-01 09:05 - 2021-02-01 11:03 - 000097618 _____ C:\WINDOWS\unins002.dat
2021-02-01 09:05 - 2021-02-01 09:33 - 000117633 _____ C:\WINDOWS\unins001.dat
2021-02-01 09:05 - 2021-02-01 09:05 - 002618209 _____ C:\WINDOWS\unins000.exe
2021-02-01 09:05 - 2021-02-01 09:05 - 000108171 _____ C:\WINDOWS\unins000.dat
2021-02-05 16:32 - 2020-11-05 11:46 - 000003734 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003UA
2021-02-05 16:32 - 2020-11-05 11:46 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003Core
2021-02-10 21:50 - 2020-11-01 01:31 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\Martin\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [{4A6222DA-985D-4441-91F2-A48D91D50603}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [{141EBEC6-9607-494F-AD2F-26D0DACE0AEC}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [UDP Query User{9F4D8D01-64B1-4E6B-90B2-2DDEB83776BD}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{8D38D1B7-E7EB-4965-9DA4-B1D32BFF70DB}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{5F5571F8-28D5-4122-9084-4F13623D2A4B}C:\users\martin\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\martin\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [TCP Query User{38047FBD-87A4-4728-983C-83057318927F}C:\users\martin\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\martin\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [UDP Query User{5467B834-12AA-4F4D-BE49-38233F3BA57F}C:\users\martin\appdata\local\fivem\fivem.exe] => (Allow) C:\users\martin\appdata\local\fivem\fivem.exe => No File
FirewallRules: [TCP Query User{17BB8B65-C515-4653-A0E5-415FC691FB34}C:\users\martin\appdata\local\fivem\fivem.exe] => (Allow) C:\users\martin\appdata\local\fivem\fivem.exe => No File
FirewallRules: [{686056B1-05B2-47E4-B520-1DB333E5A8F8}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{42E19EC2-58BD-4B77-B9E5-C01B7BADADC9}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{9D044B38-ACE0-456A-B469-60F981C35A9A}D:\dying light\devtools\dyinglightplayer.exe] => (Allow) D:\dying light\devtools\dyinglightplayer.exe => No File
FirewallRules: [UDP Query User{D9E01699-4A10-4FDC-8528-BC0BD55C287E}D:\dying light\devtools\dyinglightplayer.exe] => (Allow) D:\dying light\devtools\dyinglightplayer.exe => No File
FirewallRules: [TCP Query User{51E506C4-3805-47CA-B43D-43B27A98F55C}D:\dying light\dyinglightgame.exe] => (Allow) D:\dying light\dyinglightgame.exe => No File
FirewallRules: [UDP Query User{8280EF09-BBB4-479D-9814-DF70638989CA}D:\dying light\dyinglightgame.exe] => (Allow) D:\dying light\dyinglightgame.exe => No File
FirewallRules: [TCP Query User{D45BAE82-5571-4D09-AC65-53B0D7651FA1}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe => No File
FirewallRules: [UDP Query User{29D6F94D-2315-44C0-B8B9-B3D3528C120C}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe => No File

EmptyTemp:
Hosts:

Save the Notepad file as fixlist.txt in the same location as FRST.
Run FRST and click the Fix button.
The fix will run and the computer will then reboot. After the reboot, paste here the contents of the log fixlog.txt, which is saved in the FRST location.

martin06
Visitor
Posts: 163
Registered: 07 Oct 2006 22:46

Re: Please check my log

#10 Post by martin06 »

Thanks, I'm sending the log after the PC reboot.

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-02-2021 01
Ran by Martin (11-02-2021 22:19:26) Run:2
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {60327e6c-13ab-11e9-88ca-0c9d9262121a} - "H:\setup.exe"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {c75b7132-132a-11e9-88c9-0c9d9262121a} - "F:\setup.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {3DA85365-E7E4-427C-B112-E4FFF539286B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [563000 2015-08-26] (Apple Inc. -> Apple Inc.)
Task: {678CBBC0-4866-4932-B734-44FF637A3CD6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003UA => C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2020-11-05] (Google LLC -> Google LLC)
Task: {7A2B783F-1A40-4E2C-88AE-267E6D8A14EE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {C0502CCE-925F-44CE-A3A7-B0606D3E65F5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003Core => C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2020-11-05] (Google LLC -> Google LLC)
FF NewTab: Mozilla\Firefox\Profiles\dzgrn46h.default -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2021-01-05 07:53:01&iid=ba45a4b4-96ed-4baa-b779-5d62b391a06d&bName=
2021-02-02 16:14 - 2021-02-02 16:14 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins006.exe
2021-02-01 11:03 - 2021-02-01 11:03 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins002.exe
2021-02-01 10:45 - 2021-02-01 10:45 - 002618209 _____ C:\WINDOWS\unins020.exe
2021-02-01 10:45 - 2021-02-01 10:45 - 000061891 _____ C:\WINDOWS\unins020.dat
2021-02-01 10:44 - 2021-02-01 10:44 - 002618209 _____ C:\WINDOWS\unins019.exe
2021-02-01 10:44 - 2021-02-01 10:44 - 000026009 _____ C:\WINDOWS\unins019.dat
2021-02-01 10:43 - 2021-02-01 10:43 - 002618209 _____ C:\WINDOWS\unins018.exe
2021-02-01 10:43 - 2021-02-01 10:43 - 000029659 _____ C:\WINDOWS\unins018.dat
2021-02-01 10:41 - 2021-02-01 10:41 - 002618209 _____ C:\WINDOWS\unins017.exe
2021-02-01 10:41 - 2021-02-01 10:41 - 000091183 _____ C:\WINDOWS\unins017.dat
2021-02-01 10:40 - 2021-02-01 10:40 - 002618209 _____ C:\WINDOWS\unins016.exe
2021-02-01 10:40 - 2021-02-01 10:40 - 000124231 _____ C:\WINDOWS\unins016.dat
2021-02-01 10:36 - 2021-02-01 10:36 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins014.exe
2021-02-01 10:36 - 2021-02-01 10:36 - 002618209 _____ C:\WINDOWS\unins015.exe
2021-02-01 10:36 - 2021-02-01 10:36 - 000050565 _____ C:\WINDOWS\unins014.dat
2021-02-01 10:36 - 2021-02-01 10:36 - 000036577 _____ C:\WINDOWS\unins015.dat
2021-02-01 10:32 - 2021-02-01 10:32 - 002618209 _____ C:\WINDOWS\unins013.exe
2021-02-01 10:32 - 2021-02-01 10:32 - 002618209 _____ C:\WINDOWS\unins012.exe
2021-02-01 10:32 - 2021-02-01 10:32 - 000162189 _____ C:\WINDOWS\unins012.dat
2021-02-01 10:32 - 2021-02-01 10:32 - 000128505 _____ C:\WINDOWS\unins013.dat
2021-02-01 10:21 - 2021-02-01 10:21 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins011.exe
2021-02-01 10:21 - 2021-02-01 10:21 - 000066239 _____ C:\WINDOWS\unins011.dat
2021-02-01 10:20 - 2021-02-01 10:20 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins010.exe
2021-02-01 10:20 - 2021-02-01 10:20 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins009.exe
2021-02-01 10:20 - 2021-02-01 10:20 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins008.exe
2021-02-01 10:20 - 2021-02-01 10:20 - 000127811 _____ C:\WINDOWS\unins010.dat
2021-02-01 10:20 - 2021-02-01 10:20 - 000084751 _____ C:\WINDOWS\unins008.dat
2021-02-01 10:20 - 2021-02-01 10:20 - 000059379 _____ C:\WINDOWS\unins009.dat
2021-02-01 09:35 - 2021-02-01 09:35 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins007.exe
2021-02-01 09:35 - 2021-02-01 09:35 - 000081107 _____ C:\WINDOWS\unins007.dat
2021-02-01 09:34 - 2021-02-02 16:14 - 000127494 _____ C:\WINDOWS\unins006.dat
2021-02-01 09:34 - 2021-02-01 09:34 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins005.exe
2021-02-01 09:34 - 2021-02-01 09:34 - 000080269 _____ C:\WINDOWS\unins005.dat
2021-02-01 09:33 - 2021-02-01 09:33 - 002618209 _____ C:\WINDOWS\unins004.exe
2021-02-01 09:33 - 2021-02-01 09:33 - 002618209 _____ C:\WINDOWS\unins001.exe
2021-02-01 09:33 - 2021-02-01 09:33 - 000032875 _____ C:\WINDOWS\unins004.dat
2021-02-01 09:06 - 2021-02-01 09:06 - 003097697 _____ (ask4pc ) C:\WINDOWS\unins003.exe
2021-02-01 09:06 - 2021-02-01 09:06 - 000086581 _____ C:\WINDOWS\unins003.dat
2021-02-01 09:05 - 2021-02-01 11:03 - 000097618 _____ C:\WINDOWS\unins002.dat
2021-02-01 09:05 - 2021-02-01 09:33 - 000117633 _____ C:\WINDOWS\unins001.dat
2021-02-01 09:05 - 2021-02-01 09:05 - 002618209 _____ C:\WINDOWS\unins000.exe
2021-02-01 09:05 - 2021-02-01 09:05 - 000108171 _____ C:\WINDOWS\unins000.dat
2021-02-05 16:32 - 2020-11-05 11:46 - 000003734 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003UA
2021-02-05 16:32 - 2020-11-05 11:46 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003Core
2021-02-10 21:50 - 2020-11-01 01:31 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
CustomCLSID: HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\Martin\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [{4A6222DA-985D-4441-91F2-A48D91D50603}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [{141EBEC6-9607-494F-AD2F-26D0DACE0AEC}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [UDP Query User{9F4D8D01-64B1-4E6B-90B2-2DDEB83776BD}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{8D38D1B7-E7EB-4965-9DA4-B1D32BFF70DB}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{5F5571F8-28D5-4122-9084-4F13623D2A4B}C:\users\martin\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\martin\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [TCP Query User{38047FBD-87A4-4728-983C-83057318927F}C:\users\martin\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\martin\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [UDP Query User{5467B834-12AA-4F4D-BE49-38233F3BA57F}C:\users\martin\appdata\local\fivem\fivem.exe] => (Allow) C:\users\martin\appdata\local\fivem\fivem.exe => No File
FirewallRules: [TCP Query User{17BB8B65-C515-4653-A0E5-415FC691FB34}C:\users\martin\appdata\local\fivem\fivem.exe] => (Allow) C:\users\martin\appdata\local\fivem\fivem.exe => No File
FirewallRules: [{686056B1-05B2-47E4-B520-1DB333E5A8F8}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{42E19EC2-58BD-4B77-B9E5-C01B7BADADC9}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{9D044B38-ACE0-456A-B469-60F981C35A9A}D:\dying light\devtools\dyinglightplayer.exe] => (Allow) D:\dying light\devtools\dyinglightplayer.exe => No File
FirewallRules: [UDP Query User{D9E01699-4A10-4FDC-8528-BC0BD55C287E}D:\dying light\devtools\dyinglightplayer.exe] => (Allow) D:\dying light\devtools\dyinglightplayer.exe => No File
FirewallRules: [TCP Query User{51E506C4-3805-47CA-B43D-43B27A98F55C}D:\dying light\dyinglightgame.exe] => (Allow) D:\dying light\dyinglightgame.exe => No File
FirewallRules: [UDP Query User{8280EF09-BBB4-479D-9814-DF70638989CA}D:\dying light\dyinglightgame.exe] => (Allow) D:\dying light\dyinglightgame.exe => No File
FirewallRules: [TCP Query User{D45BAE82-5571-4D09-AC65-53B0D7651FA1}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe => No File
FirewallRules: [UDP Query User{29D6F94D-2315-44C0-B8B9-B3D3528C120C}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe => No File

EmptyTemp:
Hosts:

*****************

"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60327e6c-13ab-11e9-88ca-0c9d9262121a} => removed successfully
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c75b7132-132a-11e9-88c9-0c9d9262121a} => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3DA85365-E7E4-427C-B112-E4FFF539286B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DA85365-E7E4-427C-B112-E4FFF539286B}" => removed successfully
C:\WINDOWS\System32\Tasks\Apple\AppleSoftwareUpdate => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{678CBBC0-4866-4932-B734-44FF637A3CD6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{678CBBC0-4866-4932-B734-44FF637A3CD6}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003UA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003UA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A2B783F-1A40-4E2C-88AE-267E6D8A14EE}" => not found
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C0502CCE-925F-44CE-A3A7-B0606D3E65F5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0502CCE-925F-44CE-A3A7-B0606D3E65F5}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003Core => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003Core" => removed successfully
"Firefox newtab" => removed successfully
C:\WINDOWS\unins006.exe => moved successfully
C:\WINDOWS\unins002.exe => moved successfully
C:\WINDOWS\unins020.exe => moved successfully
C:\WINDOWS\unins020.dat => moved successfully
C:\WINDOWS\unins019.exe => moved successfully
C:\WINDOWS\unins019.dat => moved successfully
C:\WINDOWS\unins018.exe => moved successfully
C:\WINDOWS\unins018.dat => moved successfully
C:\WINDOWS\unins017.exe => moved successfully
C:\WINDOWS\unins017.dat => moved successfully
C:\WINDOWS\unins016.exe => moved successfully
C:\WINDOWS\unins016.dat => moved successfully
C:\WINDOWS\unins014.exe => moved successfully
C:\WINDOWS\unins015.exe => moved successfully
C:\WINDOWS\unins014.dat => moved successfully
C:\WINDOWS\unins015.dat => moved successfully
C:\WINDOWS\unins013.exe => moved successfully
C:\WINDOWS\unins012.exe => moved successfully
C:\WINDOWS\unins012.dat => moved successfully
C:\WINDOWS\unins013.dat => moved successfully
C:\WINDOWS\unins011.exe => moved successfully
C:\WINDOWS\unins011.dat => moved successfully
C:\WINDOWS\unins010.exe => moved successfully
C:\WINDOWS\unins009.exe => moved successfully
C:\WINDOWS\unins008.exe => moved successfully
C:\WINDOWS\unins010.dat => moved successfully
C:\WINDOWS\unins008.dat => moved successfully
C:\WINDOWS\unins009.dat => moved successfully
C:\WINDOWS\unins007.exe => moved successfully
C:\WINDOWS\unins007.dat => moved successfully
C:\WINDOWS\unins006.dat => moved successfully
C:\WINDOWS\unins005.exe => moved successfully
C:\WINDOWS\unins005.dat => moved successfully
C:\WINDOWS\unins004.exe => moved successfully
C:\WINDOWS\unins001.exe => moved successfully
C:\WINDOWS\unins004.dat => moved successfully
C:\WINDOWS\unins003.exe => moved successfully
C:\WINDOWS\unins003.dat => moved successfully
C:\WINDOWS\unins002.dat => moved successfully
C:\WINDOWS\unins001.dat => moved successfully
C:\WINDOWS\unins000.exe => moved successfully
C:\WINDOWS\unins000.dat => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003UA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1952709571-807798404-1509361630-1003Core" => not found
"C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task" => not found
HKU\S-1-5-21-1952709571-807798404-1509361630-1003_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4A6222DA-985D-4441-91F2-A48D91D50603}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{141EBEC6-9607-494F-AD2F-26D0DACE0AEC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9F4D8D01-64B1-4E6B-90B2-2DDEB83776BD}D:\call of duty modern warfare\modernwarfare.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8D38D1B7-E7EB-4965-9DA4-B1D32BFF70DB}D:\call of duty modern warfare\modernwarfare.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5F5571F8-28D5-4122-9084-4F13623D2A4B}C:\users\martin\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{38047FBD-87A4-4728-983C-83057318927F}C:\users\martin\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5467B834-12AA-4F4D-BE49-38233F3BA57F}C:\users\martin\appdata\local\fivem\fivem.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{17BB8B65-C515-4653-A0E5-415FC691FB34}C:\users\martin\appdata\local\fivem\fivem.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{686056B1-05B2-47E4-B520-1DB333E5A8F8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{42E19EC2-58BD-4B77-B9E5-C01B7BADADC9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9D044B38-ACE0-456A-B469-60F981C35A9A}D:\dying light\devtools\dyinglightplayer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D9E01699-4A10-4FDC-8528-BC0BD55C287E}D:\dying light\devtools\dyinglightplayer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{51E506C4-3805-47CA-B43D-43B27A98F55C}D:\dying light\dyinglightgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8280EF09-BBB4-479D-9814-DF70638989CA}D:\dying light\dyinglightgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D45BAE82-5571-4D09-AC65-53B0D7651FA1}D:\grand theft auto v\gta5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{29D6F94D-2315-44C0-B8B9-B3D3528C120C}D:\grand theft auto v\gta5.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 484548293 B
Java, Flash, Steam htmlcache => 362671738 B
Windows/system/drivers => 64072176 B
Edge => 2083535 B
Chrome => 57539014 B
Firefox => 1666362385 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 262144 B
Martin => 5416578517 B

RecycleBin => 0 B
EmptyTemp: => 7.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End 3 Fixlog 22:25:46 ====

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Please check my log

#11 Post by Diallix »

Super, how is the computer doing?
My new book BOTNETY is out! Information about it can be found here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
---
Low-level and high-level programmer - profile card here: card <<
---
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor for research into intelligent malware.
- tutor for students in SQL query languages (TSQL, PLSQL) and object-oriented programming (C++, C#, PHP).

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for newcomer training
- Founder of the Cyber Security unit

martin06
Visitor
Posts: 163
Joined: 07 Oct 2006 22:46

Re: Please check my log

#12 Post by martin06 »

I'd say it's better; even the speed in the browser has improved.

Super. Thanks a lot :)

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Please check my log

#13 Post by Diallix »

No problem, you're welcome, and the same goes for next time :]]