Prosím o kontrolu logu

[misak35]

Dobrý den,
dnes mi volal můj, ode dneška už, bývalý poskytovatel internetového připojení, že jdou ode mě DDOS útoky a spamy. Je pravda, že jsem měl veřejnou IP, abych měl přístup do NASu. Nicméně mám od nového poskytovatele nově neveřejnou IP. Prosím ale o kontrolu logu.

Logfile of random's system information tool 1.10 (written by random/random)
Run by misak at 2020-12-14 15:09:13
Microsoft Windows 10 Home
System drive C: has 593 GB (62%) free of 951 GB
Total RAM: 3966 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:09:26, on 14.12.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe
C:\Users\misak\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Windows\FixCamera.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Gaming Keyboard\OSD.exe
C:\Program Files (x86)\Dropbox\Client\111.4.472\QtWebEngineProcess.exe
C:\Program Files (x86)\Dropbox\Client\111.4.472\QtWebEngineProcess.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\misak\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
C:\Program Files\trend micro\misak.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: PDFsam Enhanced 5 Helper - {00B64D8C-929B-4A37-AAAC-8A545F1E381E} - C:\Program Files (x86)\PDFsam Enhanced 5\creator\plugins\IEAddin\creator-ie-helper.dll
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.60\BHO\ie_to_edge_bho.dll
O2 - BHO: PDFsam Enhanced Helper - {6401BC8F-9AD0-430B-BF2C-2A34B0E98466} - C:\Program Files (x86)\PDFsam Enhanced\creator-ie-helper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: PDFsam Enhanced 6 Helper - {861A3991-1B45-4F34-96B4-CE30DD4AB339} - C:\Program Files (x86)\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-helper.dll
O2 - BHO: PDFsam Enhanced 4 Helper - {952B1B0C-7ABC-49DD-8CC8-A7E73675E4F0} - C:\Program Files (x86)\PDFsam Enhanced 4\creator-ie-helper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll
O3 - Toolbar: PDFsam Enhanced Toolbar - {AD42CFE2-C0AD-487E-8224-C2AEF09F4CEB} - C:\Program Files (x86)\PDFsam Enhanced\creator-ie-plugin.dll
O3 - Toolbar: PDFsam Enhanced 4 Toolbar - {C33F5D76-0A77-4A99-8274-54AD52AF7D1B} - C:\Program Files (x86)\PDFsam Enhanced 4\creator-ie-plugin.dll
O3 - Toolbar: PDFsam Enhanced 5 Toolbar - {C690FC06-8B1B-4629-9830-89128CDE82CC} - C:\Program Files (x86)\PDFsam Enhanced 5\creator\plugins\IEAddin\creator-ie-plugin.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll
O3 - Toolbar: PDFsam Enhanced 6 Toolbar - {6F5E9294-F682-4F06-8DA6-CA13DF1D8B17} - C:\Program Files (x86)\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-plugin.dll
O4 - HKLM\..\Run: [VICTORY Gaming Keyboard] "C:\Program Files (x86)\Gaming Keyboard\Monitor.exe"
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TC UP] "C:\Program Files (x86)\TC UP\TCUP64.exe" /wnd=max
O4 - HKLM\..\Run: [MagicPlusHelper] "C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\misak\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Users\misak\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [VirtualDiskAutomount] rundll32 "C:\Program Files (x86)\TC UP\PLUGINS\wfx\VirtualDisk\VirtualDisk.wfx",MountAfterReboot
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Volume2] C:\Users\misak\Desktop\Volume2\Volume2.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: TVR Scheduler.lnk = C:\Program Files (x86)\honestech\honestech TVR 2.5\scheduleTV.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_1ec100 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: Bentley Dgn Index Service (DgnIndexingService) - Bentley Systems Inc. - C:\Program Files (x86)\Common Files\Bentley Shared\Dgn Index Service\DgnIndexServer.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: DroidExplorer Service (DroidExplorerService) - Ryan Conrad - C:\Program Files\Droid Explorer\DroidExplorer.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PDF Architect 5 Manager - © pdfforge GmbH. - C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
O23 - Service: PDFsam Enhanced - Andrea Vacondio - C:\Program Files\PDFsam Enhanced\ws.exe
O23 - Service: PDFsam Enhanced 4 - Andrea Vacondio - C:\Program Files\PDFsam Enhanced 4\ws.exe
O23 - Service: PDFsam Enhanced 4 Creator - Andrea Vacondio - C:\Program Files\PDFsam Enhanced 4\creator-ws.exe
O23 - Service: PDFsam Enhanced 5 - Andrea Vacondio - C:\Program Files\PDFsam Enhanced 5\ws.exe
O23 - Service: PDFsam Enhanced 5 Creator - Andrea Vacondio - C:\Program Files\PDFsam Enhanced 5\creator\common\creator-ws.exe
O23 - Service: PDFsam Enhanced 6 - Andrea Vacondio - C:\Program Files\PDFsam Enhanced 6\ws.exe
O23 - Service: PDFsam Enhanced 6 Creator - Andrea Vacondio - C:\Program Files\PDFsam Enhanced 6\creator\common\creator-ws.exe
O23 - Service: PDFsam Enhanced 6 Update Service - Andrea Vacondio - C:\Program Files\PDFsam Enhanced 6\updater-ws.exe
O23 - Service: PDFsam Enhanced CrashHandler - Andrea Vacondio - C:\Program Files\PDFsam Enhanced\crash-handler-ws.exe
O23 - Service: PDFsam Enhanced Creator - Andrea Vacondio - C:\Program Files\PDFsam Enhanced\creator-ws.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: TeamViewer - TeamViewer Germany GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: McAfee True Key (TrueKey) - McAfee, LLC. - C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: McAfee True Key Scheduler (TrueKeyScheduler) - McAfee, LLC. - C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe
O23 - Service: McAfee True Key Helper Service (TrueKeyServiceHelper) - McAfee, LLC. - C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14588 bytes

======Listing Processes======








winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-86d2b3c6-698f-4225-9246-d7947869ea0c -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-6fdc2c45-3ab5-4576-807a-49fa55e67e8c -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-6ad97750-f593-4934-9365-44eac3415b33 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-a7e98acf-6c0a-4e55-891e-e49878094a32 -LifetimeId:498bca20-e6de-4862-98b6-84ac5d1ae264 -DeviceGroupId:WudfDefaultDevicePool -HostArg:0
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS

C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
"C:\Program Files\PDFsam Enhanced 4\creator-ws.exe"
"C:\Program Files\PDFsam Enhanced 5\creator\common\creator-ws.exe"
"C:\Program Files\PDFsam Enhanced\creator-ws.exe"
"C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe"
"C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
"C:\Program Files\PDFsam Enhanced 6\updater-ws.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
"C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe"
C:\WINDOWS\system32\DbxSvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
dashost.exe {d10d457f-f207-42dd-b7310363875620eb}

"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
"C:\Program Files\PDFsam Enhanced 6\ws.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted -p -s PolicyAgent
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s upnphost
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Browser

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc

"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /c
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
"C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe"

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc

C:\WINDOWS\System32\svchost.exe -k netsvcs -p

C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-567fdfb2-114c-4385-ab0b-963bcaf11e50 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-d8f46e04-e093-4a2b-b112-a2cc41869280 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-9b314315-e656-4bed-833f-472a39c08286 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-36eae8ce-978b-417b-8067-66a52daa7027 -LifetimeId:9892c9f5-e04d-4108-acca-d0836775dc78 -DeviceGroupId:WpdFsGroup -HostArg:0
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
"C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
"C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe" -m
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer15_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer15_Logfile.log
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20111.125.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Users\misak\AppData\Roaming\uTorrent\utorrent.exe"
"C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Windows\FixCamera.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:crashpad-handler --no-upload-gzip --no-rate-limit --capture-python --no-identify-client-via-url --database=C:\Users\misak\AppData\Local\Dropbox\Crashpad --metrics-dir=0 --url=https://d.dropbox.com/report_crashpad_minidump --https-pin=0x23,0xf2,0xed,0xff,0x3e,0xde,0x90,0x25,0x9a,0x9e,0x30,0xf4,0xa,0xf8,0xf9,0x12,0xa5,0xe5,0xb3,0x69,0x4e,0x69,0x38,0x44,0x3,0x41,0xf6,0x6,0xe,0x1,0x4f,0xfa --https-pin=0xaf,0xf9,0x88,0x90,0x6d,0xde,0x12,0x95,0x5d,0x9b,0xeb,0xbf,0x92,0x8f,0xdc,0xc3,0x1c,0xce,0x32,0x8d,0x5b,0x93,0x84,0xf2,0x1c,0x89,0x41,0xca,0x26,0xe2,0x3,0x91 --https-pin=0x5a,0x88,0x96,0x47,0x22,0xe,0x54,0xd6,0xbd,0x8a,0x16,0x81,0x72,0x24,0x52,0xb,0xb5,0xc7,0x8e,0x58,0x98,0x4b,0xd5,0x70,0x50,0x63,0x88,0xb9,0xde,0xf,0x7,0x5f --https-pin=0xfe,0xa2,0xb7,0xd6,0x45,0xfb,0xa7,0x3d,0x75,0x3c,0x1e,0xc9,0xa7,0x87,0xc,0x40,0xe1,0xf7,0xb0,0xc5,0x61,0xe9,0x27,0xb9,0x85,0xbf,0x71,0x18,0x66,0xe3,0x6f,0x22 --https-pin=0x76,0xee,0x85,0x90,0x37,0x4c,0x71,0x54,0x37,0xbb,0xca,0x6b,0xba,0x60,0x28,0xea,0xdd,0xe2,0xdc,0x6d,0xbb,0xb8,0xc3,0xf6,0x10,0xe8,0x51,0xf1,0x1d,0x1a,0xb7,0xf5 --https-pin=0x6d,0xbf,0xae,0x0,0xd3,0x7b,0x9c,0xd7,0x3f,0x8f,0xb4,0x7d,0xe6,0x59,0x17,0xaf,0x0,0xe0,0xdd,0xdf,0x42,0xdb,0xce,0xac,0x20,0xc1,0x7c,0x2,0x75,0xee,0x20,0x95 --https-pin=0x1e,0xa3,0xc5,0xe4,0x3e,0xd6,0x6c,0x2d,0xa2,0x98,0x3a,0x42,0xa4,0xa7,0x9b,0x1e,0x90,0x67,0x86,0xce,0x9f,0x1b,0x58,0x62,0x14,0x19,0xa0,0x4,0x63,0xa8,0x7d,0x38 --https-pin=0x87,0xaf,0x34,0xd6,0x6f,0xb3,0xf2,0xfd,0xf3,0x6e,0x9,0x11,0x1e,0x9a,0xba,0x2f,0x6f,0x44,0xb2,0x7,0xf3,0x86,0x3f,0x3d,0xb,0x54,0xb2,0x50,0x23,0x90,0x9a,0xa5 --https-pin=0xbc,0xfb,0x44,0xaa,0xb9,0xad,0x2,0x10,0x15,0x70,0x6b,0x41,0x21,0xea,0x76,0x1c,0x81,0xc9,0xe8,0x89,0x67,0x59,0xf,0x6f,0x94,0xae,0x74,0x4d,0xc8,0x8b,0x78,0xfb --https-pin=0xab,0x98,0x49,0x52,0x76,0xad,0xf1,0xec,0xaf,0xf2,0x8f,0x35,0xc5,0x30,0x48,0x78,0x1e,0x5c,0x17,0x18,0xda,0xb9,0xc8,0xe6,0x7a,0x50,0x4f,0x4f,0x6a,0x51,0x32,0x8f --https-pin=0x49,0x5,0x46,0x66,0x23,0xab,0x41,0x78,0xbe,0x92,0xac,0x5c,0xbd,0x65,0x84,0xf7,0xa1,0xe1,0x7f,0x27,0x65,0x2d,0x5a,0x85,0xaf,0x89,0x50,0x4e,0xa2,0x39,0xaa,0xaa --https-pin=0x56,0x32,0xd9,0x7b,0xfa,0x77,0x5b,0xf3,0xc9,0x9d,0xde,0xa5,0x2f,0xc2,0x55,0x34,0x10,0x86,0x40,0x16,0x72,0x9c,0x52,0xdd,0x65,0x24,0xc8,0xa9,0xc3,0xb4,0x48,0x9f --https-pin=0x2a,0x8f,0x2d,0x8a,0xf0,0xeb,0x12,0x38,0x98,0xf7,0x4c,0x86,0x6a,0xc3,0xfa,0x66,0x90,0x54,0xe2,0x3c,0x17,0xbc,0x7a,0x95,0xbd,0x2,0x34,0x19,0x2d,0xc6,0x35,0xd0 --https-pin=0x32,0xb6,0x4b,0x66,0x72,0x7a,0x20,0x63,0xe4,0x6,0x6f,0x3b,0x95,0x8c,0xb0,0xaa,0xee,0x57,0x6a,0x5e,0xce,0xfd,0x95,0x33,0x99,0xbb,0x88,0x74,0x73,0x1d,0x95,0x87 --https-pin=0xf5,0x3c,0x22,0x5,0x98,0x17,0xdd,0x96,0xf4,0x0,0x65,0x16,0x39,0xd2,0xf8,0x57,0xe2,0x10,0x70,0xa5,0x9a,0xbe,0xd9,0x7,0x94,0x0,0xd9,0xf6,0x95,0x50,0x69,0x0 --https-pin=0x67,0xdc,0x4f,0x32,0xfa,0x10,0xe7,0xd0,0x1a,0x79,0xa0,0x73,0xaa,0xc,0x9e,0x2,0x12,0xec,0x2f,0xfc,0x3d,0x77,0x9e,0xa,0xa7,0xf9,0xc0,0xf0,0xe1,0xc2,0xc8,0x93 --https-pin=0x19,0x6,0xc6,0x12,0x4d,0xbb,0x43,0x85,0x78,0xd0,0xe,0x6,0x6d,0x50,0x54,0xc6,0xc3,0x7f,0xf,0xa6,0x2,0x8c,0x5,0x54,0x5e,0x9,0x94,0xed,0xda,0xec,0x86,0x29 --https-pin=0x1d,0x75,0xd0,0x83,0x1b,0x9e,0x8,0x85,0x39,0x4d,0x32,0xc7,0xa1,0xbf,0xdb,0x3d,0xbc,0x1c,0x28,0xe2,0xb0,0xe8,0x39,0x1f,0xb1,0x35,0x98,0x1d,0xbc,0x5b,0xa9,0x36 --annotation=host_int_account1_boot=5650078009 --annotation=machine_id=18fb51ef-b2a1-4458-9c3a-8852aadd65fc --annotation=platform=win "--annotation=platform_version=10 1909" --initial-client-data=0x284,0x288,0x28c,0x260,0x290,0x70ec75e8,0x70ec7610,0x70ec75f8
"C:\Program Files (x86)\TC UP\TCUP64.exe" /wnd=max
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:exit-monitor -method:collectupload -session-token:c9f29c2c-49fc-4b20-9771-ab9c68bd98fd -target-handle:692 -target-shutdown-event:656 -target-restart-event:608 "-target-command-line:\"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe\" /systemstartup" -python-version:3.7.9 -handler-pipe:\\.\pipe\crashpad_8760_ZDYTNBBWSQEZEWHP
"C:\Program Files (x86)\Gaming Keyboard\OSD.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Dropbox\Client\111.4.472\QtWebEngineProcess.exe" --type=renderer --disable-gpu-memory-buffer-video-frames --enable-threaded-compositing --use-gl=egl --enable-features=AllowContentInitiatedDataUrlNavigations --disable-features=BackgroundFetch,MojoVideoCapture,SurfaceSynchronization,UsePdfCompositorServiceForPrint,UserActivationV2,VizDisplayCompositor --disable-databases --service-pipe-token=1370283768260951185 --lang=cs --webengine-schemes=dbx-local:hs;qrc:sLV --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1370283768260951185 --renderer-client-id=3 --mojo-platform-channel-handle=6652 /prefetch:1
"C:\Program Files (x86)\Dropbox\Client\111.4.472\QtWebEngineProcess.exe" --type=renderer --disable-gpu-memory-buffer-video-frames --enable-threaded-compositing --use-gl=egl --enable-features=AllowContentInitiatedDataUrlNavigations --disable-features=BackgroundFetch,MojoVideoCapture,SurfaceSynchronization,UsePdfCompositorServiceForPrint,UserActivationV2,VizDisplayCompositor --disable-databases --service-pipe-token=11131715519282933220 --lang=cs --webengine-schemes=dbx-local:hs;qrc:sLV --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11131715519282933220 --renderer-client-id=4 --mojo-platform-channel-handle=8060 /prefetch:1
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20090.1002.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s WebClient
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts

C:\WINDOWS\System32\WaaSMedicAgent.exe 429e8746cd54dbe72d47a9b15a251eca IZa8/34vMUiMlqhgeV6PPQ.0.1.0.0.0
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\misak\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\misak\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\misak\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=87.0.4280.88 --initial-client-data=0x90,0xf4,0xf8,0xd0,0xfc,0x7fff159f0eb0,0x7fff159f0ec0,0x7fff159f0ed0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1680,16268145006986215462,7087198704178445625,131072 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1692 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1680,16268145006986215462,7087198704178445625,131072 --lang=cs --service-sandbox-type=network --mojo-platform-channel-handle=2068 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1680,16268145006986215462,7087198704178445625,131072 --lang=cs --service-sandbox-type=utility --mojo-platform-channel-handle=2356 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1680,16268145006986215462,7087198704178445625,131072 --lang=cs --extension-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3788 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1680,16268145006986215462,7087198704178445625,131072 --lang=cs --extension-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4068 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1680,16268145006986215462,7087198704178445625,131072 --lang=cs --extension-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4140 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1680,16268145006986215462,7087198704178445625,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3192 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1680,16268145006986215462,7087198704178445625,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4604 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1680,16268145006986215462,7087198704178445625,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\wermgr.exe -upload
"C:\Program Files\CCleaner\CCUpdate.exe"
C:\Windows\system32\msfeedssync.exe sync
C:\Windows\System32\usocoreworker.exe -Embedding
C:\WINDOWS\system32\compattelrunner.exe
C:\WINDOWS\system32\devicecensus.exe
C:\Users\misak\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe" -mode=scheduled
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe" /from_scheduler:1
"C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s BITS
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1680,16268145006986215462,7087198704178445625,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6244 /prefetch:1
C:\WINDOWS\system32\AUDIODG.EXE 0x240
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 780 784 792 8192 788
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:UWjWLcc3z0aLN69h.1
"C:\Users\misak\Downloads\RSITx64 (1).exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore1d5d6cba22c2779.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA1d5d6cba2571108.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\misak\AppData\Roaming\Mozilla\Firefox\Profiles\4dczc3fl.default

"pdfsam_enhanced_conv@pdfsam.com"=C:\Program Files\PDFsam Enhanced\resources\pdfsamenhancedfirefoxextension\
"pdfsam_enhanced6_conv@pdfsam.com"=C:\Program Files\PDFsam Enhanced 6\creator\plugins\FirefoxAddin\pdfsam_enhanced6_conv@pdfsam.com.xpi


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.127 Plugin
"Path"=C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_25_0_0_127.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.151.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.151.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\PDFsam Enhanced]
"Description"=
"Path"=C:\Program Files (x86)\PDFsam Enhanced\np-previewer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\PDFsam Enhanced 4]
"Description"=
"Path"=C:\Program Files (x86)\PDFsam Enhanced 4\np-previewer.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.127 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.151.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.151.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\PDFsam Enhanced 5]
"Description"=
"Path"=C:\Program Files\PDFsam Enhanced 5\np-previewer.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00B64D8C-929B-4A37-AAAC-8A545F1E381E}]
PDFsam Enhanced 5 Helper - C:\Program Files\PDFsam Enhanced 5\creator\plugins\IEAddin\creator-ie-helper.dll [2018-06-27 76616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23 1452072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.60\BHO\ie_to_edge_bho_64.dll [2020-12-12 532880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-26 571968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{861A3991-1B45-4F34-96B4-CE30DD4AB339}]
PDFsam Enhanced 6 Helper - C:\Program Files\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-23 81104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-26 235584]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00B64D8C-929B-4A37-AAAC-8A545F1E381E}]
PDFsam Enhanced 5 Helper - C:\Program Files (x86)\PDFsam Enhanced 5\creator\plugins\IEAddin\creator-ie-helper.dll [2018-06-27 64840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23 1073880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.60\BHO\ie_to_edge_bho.dll [2020-12-12 414096]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6401BC8F-9AD0-430B-BF2C-2A34B0E98466}]
PDFsam Enhanced Helper - C:\Program Files (x86)\PDFsam Enhanced\creator-ie-helper.dll [2016-07-06 39488]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-26 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{861A3991-1B45-4F34-96B4-CE30DD4AB339}]
PDFsam Enhanced 6 Helper - C:\Program Files (x86)\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-23 68304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{952B1B0C-7ABC-49DD-8CC8-A7E73675E4F0}]
PDFsam Enhanced 4 Helper - C:\Program Files (x86)\PDFsam Enhanced 4\creator-ie-helper.dll [2017-08-02 64248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-26 187968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{C690FC06-8B1B-4629-9830-89128CDE82CC} - PDFsam Enhanced 5 Toolbar - C:\Program Files\PDFsam Enhanced 5\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-06-27 660808]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23 1452072]
{6F5E9294-F682-4F06-8DA6-CA13DF1D8B17} - PDFsam Enhanced 6 Toolbar - C:\Program Files\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-10-23 483536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{AD42CFE2-C0AD-487E-8224-C2AEF09F4CEB} - PDFsam Enhanced Toolbar - C:\Program Files (x86)\PDFsam Enhanced\creator-ie-plugin.dll [2016-07-06 548416]
{C33F5D76-0A77-4A99-8274-54AD52AF7D1B} - PDFsam Enhanced 4 Toolbar - C:\Program Files (x86)\PDFsam Enhanced 4\creator-ie-plugin.dll [2017-08-02 536312]
{C690FC06-8B1B-4629-9830-89128CDE82CC} - PDFsam Enhanced 5 Toolbar - C:\Program Files (x86)\PDFsam Enhanced 5\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-06-27 536904]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23 1073880]
{6F5E9294-F682-4F06-8DA6-CA13DF1D8B17} - PDFsam Enhanced 6 Toolbar - C:\Program Files (x86)\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-10-23 402640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2020-07-01 84992]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-06-13 8484056]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-10 509936]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2020-09-23 3402832]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\misak\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2020-10-29 1938296]
"uTorrent"=C:\Users\misak\AppData\Roaming\uTorrent\utorrent.exe [2015-02-22 416168]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe [2020-11-03 50010064]
"VirtualDiskAutomount"=rundll32 C:\Program Files (x86)\TC UP\PLUGINS\wfx\VirtualDisk\VirtualDisk.wfx,MountAfterReboot []
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-01-15 4177784]
"Volume2"=C:\Users\misak\Desktop\Volume2\Volume2.exe [2016-02-10 1577984]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2020-12-08 32414392]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VICTORY Gaming Keyboard"=C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [2013-04-09 270336]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2020-12-01 7992832]
"BrMfcWnd"=C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [2012-09-25 1163264]
"ControlCenter3"=C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [2008-12-24 114688]
"FixCamera"=C:\WINDOWS\FixCamera.exe [2007-02-12 20480]
"tsnp325"=C:\WINDOWS\tsnp325.exe [2007-04-21 270336]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-09-05 587288]
"TC UP"=C:\Program Files (x86)\TC UP\TCUP64.exe [2016-06-29 1833472]
"MagicPlusHelper"=C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [2016-07-08 2499208]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TVR Scheduler.lnk - C:\Program Files (x86)\honestech\honestech TVR 2.5\scheduleTV.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
"C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
"C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2020-12-13 11:48:45 ----D---- C:\ProgramData\AVG
2020-12-09 19:23:26 ----A---- C:\WINDOWS\SYSWOW64\fveapibase.dll
2020-12-09 19:23:26 ----A---- C:\WINDOWS\SYSWOW64\fveapi.dll
2020-12-09 19:23:26 ----A---- C:\WINDOWS\system32\fveapibase.dll
2020-12-09 19:23:26 ----A---- C:\WINDOWS\system32\fveapi.dll
2020-12-09 19:23:25 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2020-12-09 19:23:24 ----A---- C:\WINDOWS\system32\cdp.dll
2020-12-09 19:23:24 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2020-12-09 19:23:14 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2020-12-09 19:23:14 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2020-12-09 19:23:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2020-12-09 19:23:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2020-12-09 19:23:13 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2020-12-09 19:23:13 ----A---- C:\WINDOWS\SYSWOW64\dlnashext.dll
2020-12-09 19:23:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2020-12-09 19:23:12 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2020-12-09 19:23:12 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2020-12-09 19:23:12 ----A---- C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2020-12-09 19:23:12 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2020-12-09 19:23:11 ----A---- C:\WINDOWS\system32\HolographicRuntimes.dll
2020-12-09 19:23:11 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2020-12-09 19:23:11 ----A---- C:\WINDOWS\system32\DHolographicDisplay.dll
2020-12-09 19:23:10 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2020-12-09 19:23:09 ----A---- C:\WINDOWS\system32\wpdshext.dll
2020-12-09 19:23:09 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-12-09 19:23:09 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2020-12-09 19:23:09 ----A---- C:\WINDOWS\system32\DMRServer.dll
2020-12-09 19:23:09 ----A---- C:\WINDOWS\system32\dlnashext.dll
2020-12-09 19:23:08 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2020-12-09 19:23:08 ----A---- C:\WINDOWS\system32\mfsvr.dll
2020-12-09 19:23:08 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-12-09 19:23:08 ----A---- C:\WINDOWS\system32\mfcore.dll
2020-12-09 19:23:07 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2020-12-09 19:23:07 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2020-12-09 19:23:06 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2020-12-09 19:23:05 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.dll
2020-12-09 19:23:05 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll
2020-12-09 19:23:05 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2020-12-09 19:23:05 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll
2020-12-09 19:23:05 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2020-12-09 19:23:04 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2020-12-09 19:23:03 ----A---- C:\WINDOWS\SYSWOW64\wsecedit.dll
2020-12-09 19:23:03 ----A---- C:\WINDOWS\SYSWOW64\wecutil.exe
2020-12-09 19:23:03 ----A---- C:\WINDOWS\SYSWOW64\wecapi.dll
2020-12-09 19:23:03 ----A---- C:\WINDOWS\SYSWOW64\packager.dll
2020-12-09 19:23:03 ----A---- C:\WINDOWS\SYSWOW64\net1.exe
2020-12-09 19:23:03 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2020-12-09 19:23:03 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2020-12-09 19:22:59 ----A---- C:\WINDOWS\system32\Spectrum.exe
2020-12-09 19:22:59 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2020-12-09 19:22:59 ----A---- C:\WINDOWS\system32\ListSvc.dll
2020-12-09 19:22:59 ----A---- C:\WINDOWS\system32\dsregcmd.exe
2020-12-09 19:22:58 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-12-09 19:22:58 ----A---- C:\WINDOWS\system32\Windows.Mirage.dll
2020-12-09 19:22:58 ----A---- C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-09 19:22:58 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2020-12-09 19:22:58 ----A---- C:\WINDOWS\system32\CMFNVSDeviceBridge.dll
2020-12-09 19:22:57 ----A---- C:\WINDOWS\system32\rdpnano.dll
2020-12-09 19:22:57 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2020-12-09 19:22:57 ----A---- C:\WINDOWS\system32\ieframe.dll
2020-12-09 19:22:57 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2020-12-09 19:22:56 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2020-12-09 19:22:56 ----A---- C:\WINDOWS\system32\Chakra.dll
2020-12-09 19:22:54 ----A---- C:\WINDOWS\system32\wsecedit.dll
2020-12-09 19:22:54 ----A---- C:\WINDOWS\system32\wecutil.exe
2020-12-09 19:22:54 ----A---- C:\WINDOWS\system32\wecsvc.dll
2020-12-09 19:22:54 ----A---- C:\WINDOWS\system32\wecapi.dll
2020-12-09 19:22:54 ----A---- C:\WINDOWS\system32\StorSvc.dll
2020-12-09 19:22:54 ----A---- C:\WINDOWS\system32\packager.dll
2020-12-09 19:22:54 ----A---- C:\WINDOWS\system32\mshtml.dll
2020-12-09 19:22:54 ----A---- C:\WINDOWS\system32\jscript.dll
2020-12-09 19:22:53 ----A---- C:\WINDOWS\system32\net1.exe
2020-12-09 19:22:53 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2020-12-09 19:22:53 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-12-09 19:22:53 ----A---- C:\WINDOWS\system32\edpcsp.dll
2020-12-09 19:22:51 ----A---- C:\WINDOWS\system32\tcbloader.dll
2020-12-09 19:22:51 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2020-12-09 19:22:51 ----A---- C:\WINDOWS\system32\skci.dll
2020-12-09 19:22:51 ----A---- C:\WINDOWS\system32\sdshext.dll
2020-12-09 19:22:51 ----A---- C:\WINDOWS\system32\sdrsvc.dll
2020-12-09 19:22:51 ----A---- C:\WINDOWS\system32\sdengin2.dll
2020-12-09 19:22:51 ----A---- C:\WINDOWS\system32\sdclt.exe
2020-12-09 19:22:50 ----A---- C:\WINDOWS\system32\vertdll.dll
2020-12-09 19:22:50 ----A---- C:\WINDOWS\system32\hvix64.exe
2020-12-09 19:22:50 ----A---- C:\WINDOWS\system32\hvax64.exe
2020-12-09 19:22:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.FileExplorer.dll
2020-12-09 19:22:49 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2020-12-09 19:22:49 ----A---- C:\WINDOWS\SYSWOW64\twext.dll
2020-12-09 19:22:49 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2020-12-09 19:22:49 ----A---- C:\WINDOWS\SYSWOW64\rasman.dll
2020-12-09 19:22:49 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2020-12-09 19:22:49 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2020-12-09 19:22:48 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2020-12-09 19:22:48 ----A---- C:\WINDOWS\SYSWOW64\netshell.dll
2020-12-09 19:22:48 ----A---- C:\WINDOWS\SYSWOW64\netid.dll
2020-12-09 19:22:48 ----A---- C:\WINDOWS\SYSWOW64\netcfgx.dll
2020-12-09 19:22:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2020-12-09 19:22:47 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2020-12-09 19:22:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2020-12-09 19:22:46 ----A---- C:\WINDOWS\SYSWOW64\unenrollhook.dll
2020-12-09 19:22:46 ----A---- C:\WINDOWS\SYSWOW64\omadmapi.dll
2020-12-09 19:22:46 ----A---- C:\WINDOWS\SYSWOW64\mdmlocalmanagement.dll
2020-12-09 19:22:46 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2020-12-09 19:22:46 ----A---- C:\WINDOWS\SYSWOW64\enterpriseresourcemanager.dll
2020-12-09 19:22:46 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2020-12-09 19:22:46 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2020-12-09 19:22:46 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2020-12-09 19:22:45 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2020-12-09 19:22:45 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2020-12-09 19:22:45 ----A---- C:\WINDOWS\SYSWOW64\gmsaclient.dll
2020-12-09 19:22:45 ----A---- C:\WINDOWS\SYSWOW64\dmcmnutils.dll
2020-12-09 19:22:45 ----A---- C:\WINDOWS\SYSWOW64\dmcfgutils.dll
2020-12-09 19:22:38 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2020-12-09 19:22:38 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll
2020-12-09 19:22:38 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2020-12-09 19:22:38 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2020-12-09 19:22:38 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2020-12-09 19:22:38 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2020-12-09 19:22:38 ----A---- C:\WINDOWS\SYSWOW64\logoncli.dll
2020-12-09 19:22:38 ----A---- C:\WINDOWS\SYSWOW64\dtdump.exe
2020-12-09 19:22:37 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2020-12-09 19:22:37 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2020-12-09 19:22:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2020-12-09 19:22:37 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2020-12-09 19:22:37 ----A---- C:\WINDOWS\SYSWOW64\dcomp.dll
2020-12-09 19:22:37 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2020-12-09 19:22:36 ----A---- C:\WINDOWS\SYSWOW64\winipcsecproc.dll
2020-12-09 19:22:36 ----A---- C:\WINDOWS\SYSWOW64\winipcfile.dll
2020-12-09 19:22:36 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2020-12-09 19:22:36 ----A---- C:\WINDOWS\SYSWOW64\shacct.dll
2020-12-09 19:22:36 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2020-12-09 19:22:36 ----A---- C:\WINDOWS\SYSWOW64\CertPolEng.dll
2020-12-09 19:22:36 ----A---- C:\WINDOWS\SYSWOW64\btpanui.dll
2020-12-09 19:22:36 ----A---- C:\WINDOWS\SYSWOW64\AppResolver.dll
2020-12-09 19:22:35 ----A---- C:\WINDOWS\SYSWOW64\winmsipc.dll
2020-12-09 19:22:35 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2020-12-09 19:22:35 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2020-12-09 19:22:35 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2020-12-09 19:22:35 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2020-12-09 19:22:35 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2020-12-09 19:22:34 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2020-12-09 19:22:34 ----A---- C:\WINDOWS\SYSWOW64\ngccredprov.dll
2020-12-09 19:22:34 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll
2020-12-09 19:22:34 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2020-12-09 19:22:34 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2020-12-09 19:22:34 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2020-12-09 19:22:33 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2020-12-09 19:22:33 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2020-12-09 19:22:33 ----A---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2020-12-09 19:22:33 ----A---- C:\WINDOWS\SYSWOW64\InputHost.dll
2020-12-09 19:22:32 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll
2020-12-09 19:22:32 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2020-12-09 19:22:32 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2020-12-09 19:22:32 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2020-12-09 19:22:32 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2020-12-09 19:22:32 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2020-12-09 19:22:32 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2020-12-09 19:22:32 ----A---- C:\WINDOWS\SYSWOW64\mssitlb.dll
2020-12-09 19:22:32 ----A---- C:\WINDOWS\SYSWOW64\msscntrs.dll
2020-12-09 19:22:32 ----A---- C:\WINDOWS\SYSWOW64\dsregtask.dll
2020-12-09 19:22:32 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2020-12-09 19:22:31 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.Ngc.dll
2020-12-09 19:22:31 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2020-12-09 19:22:31 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2020-12-09 19:22:31 ----A---- C:\WINDOWS\SYSWOW64\directmanipulation.dll
2020-12-09 19:22:31 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2020-12-09 19:22:30 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2020-12-09 19:22:30 ----A---- C:\WINDOWS\SYSWOW64\winshfhc.dll
2020-12-09 19:22:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2020-12-09 19:22:30 ----A---- C:\WINDOWS\SYSWOW64\TaskSchdPS.dll
2020-12-09 19:22:30 ----A---- C:\WINDOWS\SYSWOW64\taskschd.dll
2020-12-09 19:22:30 ----A---- C:\WINDOWS\SYSWOW64\taskcomp.dll
2020-12-09 19:22:30 ----A---- C:\WINDOWS\SYSWOW64\schtasks.exe
2020-12-09 19:22:30 ----A---- C:\WINDOWS\SYSWOW64\netplwiz.dll
2020-12-09 19:22:30 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2020-12-09 19:22:29 ----A---- C:\WINDOWS\SYSWOW64\SpatialAudioLicenseSrv.exe
2020-12-09 19:22:29 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2020-12-09 19:22:29 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2020-12-09 19:22:29 ----A---- C:\WINDOWS\SYSWOW64\FlightSettings.dll
2020-12-09 19:22:29 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2020-12-09 19:22:29 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2020-12-09 19:22:29 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2020-12-09 19:22:28 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2020-12-09 19:22:28 ----A---- C:\WINDOWS\SYSWOW64\OneCoreCommonProxyStub.dll
2020-12-09 19:22:28 ----A---- C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-12-09 19:22:28 ----A---- C:\WINDOWS\system32\twext.dll
2020-12-09 19:22:28 ----A---- C:\WINDOWS\system32\comdlg32.dll
2020-12-09 19:22:27 ----A---- C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2020-12-09 19:22:27 ----A---- C:\WINDOWS\system32\vbscript.dll
2020-12-09 19:22:27 ----A---- C:\WINDOWS\system32\RASMM.dll
2020-12-09 19:22:27 ----A---- C:\WINDOWS\system32\rasmans.dll
2020-12-09 19:22:27 ----A---- C:\WINDOWS\system32\rasman.dll
2020-12-09 19:22:27 ----A---- C:\WINDOWS\system32\rascustom.dll
2020-12-09 19:22:27 ----A---- C:\WINDOWS\system32\rasapi32.dll
2020-12-09 19:22:26 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-12-09 19:22:26 ----A---- C:\WINDOWS\system32\netshell.dll
2020-12-09 19:22:26 ----A---- C:\WINDOWS\system32\netcfgx.dll
2020-12-09 19:22:25 ----A---- C:\WINDOWS\system32\netid.dll
2020-12-09 19:22:20 ----A---- C:\WINDOWS\system32\SDDS.dll
2020-12-09 19:22:20 ----A---- C:\WINDOWS\system32\JpnServiceDS.dll
2020-12-09 19:22:20 ----A---- C:\WINDOWS\system32\FilterDS.dll
2020-12-09 19:22:20 ----A---- C:\WINDOWS\system32\DDDS.dll
2020-12-09 19:22:20 ----A---- C:\WINDOWS\system32\BingFilterDS.dll
2020-12-09 19:22:20 ----A---- C:\WINDOWS\system32\BingASDS.dll
2020-12-09 19:22:19 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-12-09 19:22:19 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-12-09 19:22:19 ----A---- C:\WINDOWS\system32\profsvcext.dll
2020-12-09 19:22:18 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-12-09 19:22:18 ----A---- C:\WINDOWS\system32\MdmDiagnostics.dll
2020-12-09 19:22:18 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2020-12-09 19:22:18 ----A---- C:\WINDOWS\system32\gdi32full.dll
2020-12-09 19:22:18 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-12-09 19:22:17 ----A---- C:\WINDOWS\system32\unenrollhook.dll
2020-12-09 19:22:17 ----A---- C:\WINDOWS\system32\omadmclient.exe
2020-12-09 19:22:17 ----A---- C:\WINDOWS\system32\omadmapi.dll
2020-12-09 19:22:17 ----A---- C:\WINDOWS\system32\mdmpostprocessevaluator.dll
2020-12-09 19:22:17 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2020-12-09 19:22:17 ----A---- C:\WINDOWS\system32\mdmlocalmanagement.dll
2020-12-09 19:22:17 ----A---- C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-12-09 19:22:17 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2020-12-09 19:22:17 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-12-09 19:22:17 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2020-12-09 19:22:16 ----A---- C:\WINDOWS\system32\policymanager.dll
2020-12-09 19:22:16 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2020-12-09 19:22:16 ----A---- C:\WINDOWS\system32\DMPushRouterCore.dll
2020-12-09 19:22:16 ----A---- C:\WINDOWS\system32\dmcsps.dll
2020-12-09 19:22:16 ----A---- C:\WINDOWS\system32\dmcmnutils.dll
2020-12-09 19:22:16 ----A---- C:\WINDOWS\system32\dmcfgutils.dll
2020-12-09 19:22:16 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2020-12-09 19:22:16 ----A---- C:\WINDOWS\system32\coredpus.dll
2020-12-09 19:22:16 ----A---- C:\WINDOWS\system32\configmanager2.dll
2020-12-09 19:22:15 ----A---- C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-09 19:22:15 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2020-12-09 19:22:15 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-12-09 19:22:15 ----A---- C:\WINDOWS\system32\SecurityHealthHost.exe
2020-12-09 19:22:15 ----A---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-12-09 19:22:15 ----A---- C:\WINDOWS\system32\LogonController.dll
2020-12-09 19:22:15 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2020-12-09 19:22:14 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2020-12-09 19:22:14 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2020-12-09 19:22:14 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-12-09 19:22:14 ----A---- C:\WINDOWS\system32\netlogon.dll
2020-12-09 19:22:14 ----A---- C:\WINDOWS\system32\gmsaclient.dll
2020-12-09 19:22:14 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2020-12-09 19:22:13 ----A---- C:\WINDOWS\system32\sechost.dll
2020-12-09 19:22:13 ----A---- C:\WINDOWS\system32\KernelBase.dll
2020-12-09 19:22:13 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2020-12-09 19:22:13 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2020-12-09 19:22:13 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2020-12-09 19:22:12 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2020-12-09 19:22:12 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2020-12-09 19:22:12 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2020-12-09 19:22:11 ----A---- C:\WINDOWS\system32\wermgr.exe
2020-12-09 19:22:11 ----A---- C:\WINDOWS\system32\weretw.dll
2020-12-09 19:22:11 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2020-12-09 19:22:11 ----A---- C:\WINDOWS\system32\wer.dll
2020-12-09 19:22:11 ----A---- C:\WINDOWS\system32\runexehelper.exe
2020-12-09 19:22:11 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2020-12-09 19:22:10 ----A---- C:\WINDOWS\system32\utcutil.dll
2020-12-09 19:22:10 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2020-12-09 19:22:10 ----A---- C:\WINDOWS\system32\lsasrv.dll
2020-12-09 19:22:10 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2020-12-09 19:22:10 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2020-12-09 19:22:10 ----A---- C:\WINDOWS\system32\diagtrack.dll
2020-12-09 19:22:09 ----A---- C:\WINDOWS\system32\WinTypes.dll
2020-12-09 19:22:09 ----A---- C:\WINDOWS\system32\wincorlib.dll
2020-12-09 19:22:09 ----A---- C:\WINDOWS\system32\rpcss.dll
2020-12-09 19:22:09 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2020-12-09 19:22:09 ----A---- C:\WINDOWS\system32\msv1_0.dll
2020-12-09 19:22:09 ----A---- C:\WINDOWS\system32\logoncli.dll
2020-12-09 19:22:08 ----A---- C:\WINDOWS\system32\WPTaskScheduler.dll
2020-12-09 19:22:08 ----A---- C:\WINDOWS\system32\wldp.dll
2020-12-09 19:22:08 ----A---- C:\WINDOWS\system32\TaskSchdPS.dll
2020-12-09 19:22:08 ----A---- C:\WINDOWS\system32\taskschd.dll
2020-12-09 19:22:08 ----A---- C:\WINDOWS\system32\taskcomp.dll
2020-12-09 19:22:08 ----A---- C:\WINDOWS\system32\schedsvc.dll
2020-12-09 19:22:08 ----A---- C:\WINDOWS\system32\combase.dll
2020-12-09 19:22:08 ----A---- C:\WINDOWS\system32\ci.dll
2020-12-09 19:22:08 ----A---- C:\WINDOWS\system32\bcrypt.dll
2020-12-09 19:22:07 ----A---- C:\WINDOWS\system32\taskhostw.exe
2020-12-09 19:22:07 ----A---- C:\WINDOWS\system32\sppobjs.dll
2020-12-09 19:22:07 ----A---- C:\WINDOWS\system32\schtasks.exe
2020-12-09 19:22:06 ----A---- C:\WINDOWS\system32\shell32.dll
2020-12-09 19:22:06 ----A---- C:\WINDOWS\system32\ntshrui.dll
2020-12-09 19:22:05 ----A---- C:\WINDOWS\system32\winresume.exe
2020-12-09 19:22:05 ----A---- C:\WINDOWS\system32\uDWM.dll
2020-12-09 19:22:05 ----A---- C:\WINDOWS\system32\drivers\wof.sys
2020-12-09 19:22:05 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2020-12-09 19:22:05 ----A---- C:\WINDOWS\system32\dcomp.dll
2020-12-09 19:22:05 ----A---- C:\WINDOWS\system32\CertPolEng.dll
2020-12-09 19:22:04 ----A---- C:\WINDOWS\system32\winload.exe
2020-12-09 19:22:04 ----A---- C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2020-12-09 19:22:04 ----A---- C:\WINDOWS\system32\shacct.dll
2020-12-09 19:22:04 ----A---- C:\WINDOWS\system32\cldapi.dll
2020-12-09 19:22:04 ----A---- C:\WINDOWS\system32\btpanui.dll
2020-12-09 19:21:55 ----A---- C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2020-12-09 19:21:55 ----A---- C:\WINDOWS\system32\UsoClient.exe
2020-12-09 19:21:55 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2020-12-09 19:21:55 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-12-09 19:21:55 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-12-09 19:21:55 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2020-12-09 19:21:55 ----A---- C:\WINDOWS\system32\AppResolver.dll
2020-12-09 19:21:54 ----A---- C:\WINDOWS\system32\winipcsecproc.dll
2020-12-09 19:21:54 ----A---- C:\WINDOWS\system32\winipcfile.dll
2020-12-09 19:21:54 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2020-12-09 19:21:54 ----A---- C:\WINDOWS\system32\usosvc.dll
2020-12-09 19:21:54 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2020-12-09 19:21:54 ----A---- C:\WINDOWS\system32\SHCore.dll
2020-12-09 19:21:54 ----A---- C:\WINDOWS\system32\RasMediaManager.dll
2020-12-09 19:21:53 ----A---- C:\WINDOWS\system32\winmsipc.dll
2020-12-09 19:21:53 ----A---- C:\WINDOWS\system32\win32u.dll
2020-12-09 19:21:53 ----A---- C:\WINDOWS\system32\win32kfull.sys
2020-12-09 19:21:53 ----A---- C:\WINDOWS\system32\win32k.sys
2020-12-09 19:21:53 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2020-12-09 19:21:53 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2020-12-09 19:21:53 ----A---- C:\WINDOWS\system32\bindflt.dll
2020-12-09 19:21:52 ----A---- C:\WINDOWS\system32\wintrust.dll
2020-12-09 19:21:52 ----A---- C:\WINDOWS\system32\user32.dll
2020-12-09 19:21:52 ----A---- C:\WINDOWS\system32\fwmdmcsp.dll
2020-12-09 19:21:51 ----A---- C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-12-09 19:21:51 ----A---- C:\WINDOWS\system32\WaaSMedicPS.dll
2020-12-09 19:21:51 ----A---- C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-12-09 19:21:51 ----A---- C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-12-09 19:21:51 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2020-12-09 19:21:51 ----A---- C:\WINDOWS\system32\InstallService.dll
2020-12-09 19:21:51 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-12-09 19:21:50 ----A---- C:\WINDOWS\system32\tquery.dll
2020-12-09 19:21:50 ----A---- C:\WINDOWS\system32\mssrch.dll
2020-12-09 19:21:50 ----A---- C:\WINDOWS\system32\mssprxy.dll
2020-12-09 19:21:50 ----A---- C:\WINDOWS\system32\InputHost.dll
2020-12-09 19:21:49 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2020-12-09 19:21:49 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2020-12-09 19:21:49 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2020-12-09 19:21:49 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-12-09 19:21:49 ----A---- C:\WINDOWS\system32\mssvp.dll
2020-12-09 19:21:49 ----A---- C:\WINDOWS\system32\mssph.dll
2020-12-09 19:21:49 ----A---- C:\WINDOWS\system32\mssitlb.dll
2020-12-09 19:21:49 ----A---- C:\WINDOWS\system32\msscntrs.dll
2020-12-09 19:21:48 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2020-12-09 19:21:48 ----A---- C:\WINDOWS\system32\dosvc.dll
2020-12-09 19:21:48 ----A---- C:\WINDOWS\system32\domgmt.dll
2020-12-09 19:21:47 ----A---- C:\WINDOWS\system32\win32kbase.sys
2020-12-09 19:21:47 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2020-12-09 19:21:47 ----A---- C:\WINDOWS\system32\gdi32.dll
2020-12-09 19:21:47 ----A---- C:\WINDOWS\system32\drivers\watchdog.sys
2020-12-09 19:21:47 ----A---- C:\WINDOWS\system32\drivers\ClipSp.sys
2020-12-09 19:21:47 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2020-12-09 19:21:46 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2020-12-09 19:21:46 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2020-12-09 19:21:46 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2020-12-09 19:21:46 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-12-09 19:21:46 ----A---- C:\WINDOWS\system32\aadtb.dll
2020-12-09 19:21:45 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-12-09 19:21:45 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-12-09 19:21:45 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-12-09 19:21:45 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-12-09 19:21:45 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2020-12-09 19:21:44 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-12-09 19:21:44 ----A---- C:\WINDOWS\system32\netplwiz.dll
2020-12-09 19:21:43 ----A---- C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-12-09 19:21:43 ----A---- C:\WINDOWS\system32\winshfhc.dll
2020-12-09 19:21:43 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2020-12-09 19:21:43 ----A---- C:\WINDOWS\system32\StartTileData.dll
2020-12-09 19:21:43 ----A---- C:\WINDOWS\system32\pkeyhelper.dll
2020-12-09 19:21:43 ----A---- C:\WINDOWS\system32\dsregtask.dll
2020-12-09 19:21:43 ----A---- C:\WINDOWS\system32\dafWfdProvider.dll
2020-12-09 19:21:42 ----A---- C:\WINDOWS\system32\wmicmiplugin.dll
2020-12-09 19:21:42 ----A---- C:\WINDOWS\system32\UtcDecoderHost.exe
2020-12-09 19:21:42 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-12-09 19:21:42 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-12-09 19:21:42 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-12-09 19:21:42 ----A---- C:\WINDOWS\system32\netman.dll
2020-12-09 19:21:42 ----A---- C:\WINDOWS\system32\localspl.dll
2020-12-09 19:21:42 ----A---- C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-12-09 19:21:42 ----A---- C:\WINDOWS\system32\dsreg.dll
2020-12-09 19:21:41 ----A---- C:\WINDOWS\system32\WpcTok.exe
2020-12-09 19:21:41 ----A---- C:\WINDOWS\system32\WpcMon.exe
2020-12-09 19:21:41 ----A---- C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-12-09 19:21:41 ----A---- C:\WINDOWS\system32\Wpc.dll
2020-12-09 19:21:41 ----A---- C:\WINDOWS\system32\spoolsv.exe
2020-12-09 19:21:41 ----A---- C:\WINDOWS\splwow64.exe
2020-12-09 19:21:40 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2020-12-09 19:21:40 ----A---- C:\WINDOWS\system32\RjvMDMConfig.dll
2020-12-09 19:21:40 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2020-12-09 19:21:40 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2020-12-09 19:21:40 ----A---- C:\WINDOWS\system32\audioresourceregistrar.dll
2020-12-09 19:21:40 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2020-12-09 19:21:40 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-12-09 19:21:40 ----A---- C:\WINDOWS\system32\audiodg.exe
2020-12-09 19:21:39 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2020-12-09 19:21:39 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-12-09 19:21:39 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-12-09 19:21:39 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-12-09 19:21:39 ----A---- C:\WINDOWS\system32\autopilot.dll
2020-12-09 19:21:39 ----A---- C:\WINDOWS\system32\audiosrv.dll
2020-12-09 19:21:39 ----A---- C:\WINDOWS\system32\AudioSes.dll
2020-12-09 19:21:39 ----A---- C:\WINDOWS\system32\AudioEng.dll
2020-12-09 19:21:38 ----A---- C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2020-12-09 19:21:38 ----A---- C:\WINDOWS\system32\ManageCI.dll
2020-12-06 15:50:34 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2020-12-06 15:36:25 ----D---- C:\WINDOWS\Minidump
2020-12-01 23:10:50 ----A---- C:\WINDOWS\system32\drivers\dbx-stable.sys
2020-12-01 23:10:50 ----A---- C:\WINDOWS\system32\drivers\dbx-dev.sys
2020-12-01 23:10:50 ----A---- C:\WINDOWS\system32\drivers\dbx-canary.sys
2020-12-01 23:10:50 ----A---- C:\WINDOWS\system32\DbxSvc.exe

======List of files/folders modified in the last 1 month======

2020-12-14 15:09:21 ----D---- C:\WINDOWS\Temp
2020-12-14 15:09:19 ----D---- C:\Program Files\trend micro
2020-12-14 15:09:07 ----D---- C:\WINDOWS\Prefetch
2020-12-14 15:07:37 ----D---- C:\WINDOWS\system32\sru
2020-12-14 15:04:34 ----D---- C:\WINDOWS\system32\SleepStudy
2020-12-14 15:04:34 ----D---- C:\Users\misak\AppData\Roaming\uTorrent
2020-12-13 19:59:30 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-12-13 17:31:59 ----AD---- C:\Program Files\CCleaner
2020-12-13 17:31:10 ----D---- C:\WINDOWS\System32
2020-12-13 17:31:10 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-12-13 17:30:55 ----D---- C:\Windows
2020-12-13 17:30:53 ----D---- C:\WINDOWS\INF
2020-12-13 14:43:01 ----D---- C:\WINDOWS\AppReadiness
2020-12-13 13:58:33 ----SHD---- C:\System Volume Information
2020-12-13 13:38:21 ----AD---- C:\Program Files (x86)\TeamViewer
2020-12-13 13:37:58 ----D---- C:\Program Files
2020-12-13 13:37:53 ----SHD---- C:\Config.Msi
2020-12-13 13:37:53 ----D---- C:\WINDOWS\system32\drivers
2020-12-13 13:37:53 ----D---- C:\Program Files\Common Files
2020-12-13 12:39:38 ----D---- C:\WINDOWS\system32\Tasks
2020-12-13 12:22:54 ----SHDC---- C:\WINDOWS\Installer
2020-12-13 12:22:54 ----RD---- C:\Program Files (x86)
2020-12-13 12:09:07 ----D---- C:\Program Files (x86)\Common Files
2020-12-13 12:08:25 ----D---- C:\WINDOWS\system32\catroot2
2020-12-13 12:04:32 ----D---- C:\Users\misak\AppData\Roaming\TeamViewer
2020-12-13 11:57:38 ----DC---- C:\WINDOWS\Panther
2020-12-13 11:57:37 ----D---- C:\WINDOWS\debug
2020-12-13 11:50:49 ----HD---- C:\WINDOWS\ELAMBKUP
2020-12-13 11:50:45 ----SHD---- C:\Recovery
2020-12-13 11:49:40 ----D---- C:\TEMP
2020-12-13 11:48:45 ----HD---- C:\ProgramData
2020-12-13 06:58:31 ----D---- C:\WINDOWS\Logs
2020-12-13 04:25:07 ----RD---- C:\WINDOWS\Microsoft.NET
2020-12-12 08:54:34 ----D---- C:\WINDOWS\system32\config
2020-12-12 05:13:16 ----HD---- C:\Program Files\WindowsApps
2020-12-11 00:26:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-11 00:23:30 ----D---- C:\WINDOWS\WinSxS
2020-12-11 00:21:45 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2020-12-11 00:19:32 ----D---- C:\WINDOWS\SYSWOW64\migration
2020-12-11 00:19:32 ----D---- C:\WINDOWS\SYSWOW64\en-US
2020-12-11 00:19:32 ----D---- C:\WINDOWS\SYSWOW64\Dism
2020-12-11 00:19:32 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2020-12-11 00:19:32 ----D---- C:\WINDOWS\SysWOW64
2020-12-11 00:19:22 ----D---- C:\WINDOWS\SystemResources
2020-12-11 00:19:22 ----D---- C:\WINDOWS\system32\zh-TW
2020-12-11 00:19:22 ----D---- C:\WINDOWS\system32\oobe
2020-12-11 00:19:21 ----D---- C:\WINDOWS\system32\migration
2020-12-11 00:19:21 ----D---- C:\WINDOWS\system32\en-US
2020-12-11 00:19:20 ----D---- C:\WINDOWS\system32\drivers\en-US
2020-12-11 00:19:20 ----D---- C:\WINDOWS\system32\Dism
2020-12-11 00:19:19 ----D---- C:\WINDOWS\system32\cs-CZ
2020-12-11 00:19:19 ----D---- C:\WINDOWS\system32\Boot
2020-12-11 00:19:02 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2020-12-11 00:19:02 ----D---- C:\WINDOWS\ShellExperiences
2020-12-11 00:19:02 ----D---- C:\WINDOWS\bcastdvr
2020-12-11 00:19:02 ----D---- C:\WINDOWS\apppatch
2020-12-11 00:19:01 ----D---- C:\Program Files\Windows Defender
2020-12-11 00:19:01 ----D---- C:\Program Files (x86)\Windows Defender
2020-12-11 00:18:52 ----D---- C:\WINDOWS\system32\DriverStore
2020-12-09 19:30:05 ----D---- C:\WINDOWS\CbsTemp
2020-12-09 18:00:47 ----D---- C:\WINDOWS\system32\LogFiles
2020-12-06 16:04:50 ----D---- C:\Program Files (x86)\Dropbox
2020-12-06 15:52:09 ----D---- C:\WINDOWS\system32\drivers\wd
2020-11-20 18:24:55 ----D---- C:\WINDOWS\system32\Logs
2020-11-20 18:24:54 ----D---- C:\Program Files\Microsoft Update Health Tools
2020-11-15 10:14:09 ----AD---- C:\VKM5

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 56632]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2019-03-19 89096]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2020-08-13 40960]
R1 AsIO;AsIO; C:\WINDOWS\SysWow64\drivers\AsIO.sys [2014-01-28 15232]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 70456]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8704]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2020-12-09 457216]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 53760]
R3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2020-12-09 117064]
R3 dtlitescsibus;@oem23.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-02-29 30264]
R3 dtliteusbbus;@oem78.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-02-29 47672]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2017-10-20 7963632]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-19 4496600]
R3 MEIx64;@oem7.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2017-10-17 206496]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2019-03-19 662528]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-03-19 42808]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-03-19 319528]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 148520]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 124448]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 128528]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 75280]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 94736]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 58896]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 68624]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 41784]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2020-07-01 151352]
S2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys [2005-06-14 296448]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 20992]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2020-07-01 337920]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-03-19 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-03-19 37888]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2020-10-14 18432]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2020-07-01 231936]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2020-07-01 114688]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 97280]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2020-07-01 36864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2020-07-01 1428992]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2020-07-01 99328]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 43008]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 64312]
S3 FreshIO;FreshIO; \??\C:\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys [2004-10-26 2410]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [2020-07-01 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 53560]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2020-10-14 64512]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2020-11-11 84280]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-03-19 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-03-19 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-03-19 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-03-19 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-03-19 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-03-19 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-03-19 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-03-19 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-03-19 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-03-19 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 46592]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 28672]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 54584]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 535864]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 62264]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2020-07-01 359424]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 64512]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-03-19 1150480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-03-19 153616]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-03-19 63488]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 187904]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-03-19 158520]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2020-11-11 97088]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-03-19 127800]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 25600]
S3 ptun0901;TAP Adapter V9 for Private Tunnel; C:\WINDOWS\System32\drivers\ptun0901.sys [2016-06-15 27136]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2020-07-01 986936]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 211456]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 113152]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-03-19 33592]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-03-19 32568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-11-03 170056]
R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2020-09-23 3739728]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020-09-23 3511376]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [2014-01-28 936728]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CDPUserSvc_1ec100;Uživatelská služba platformy připojených zařízení_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DbxSvc;DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [2020-12-01 44552]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2017-10-20 365040]
R2 OneSyncSvc_1ec100;Hostitel synchronizace_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 PDF Architect 5 Manager;PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [2017-05-16 985848]
R2 PDFsam Enhanced 4 Creator;PDFsam Enhanced 4 Creator; C:\Program Files\PDFsam Enhanced 4\creator-ws.exe [2017-08-02 757496]
R2 PDFsam Enhanced 5 Creator;PDFsam Enhanced 5 Creator; C:\Program Files\PDFsam Enhanced 5\creator\common\creator-ws.exe [2018-06-27 758600]
R2 PDFsam Enhanced 6 Update Service;PDFsam Enhanced 6 Update Service; C:\Program Files\PDFsam Enhanced 6\updater-ws.exe [2019-10-23 1716944]
R2 PDFsam Enhanced Creator;PDFsam Enhanced Creator; C:\Program Files\PDFsam Enhanced\creator-ws.exe [2016-07-06 734272]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 cbdhsvc_1ec100;Uživatelská služba schránky_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2020-07-01 43704]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 PDFsam Enhanced 6;PDFsam Enhanced 6; C:\Program Files\PDFsam Enhanced 6\ws.exe [2019-10-23 2464464]
R3 PimIndexMaintenanceSvc_1ec100;Data kontaktů_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2020-12-09 942104]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-09 143144]
S2 DroidExplorerService;DroidExplorer Service; C:\Program Files\Droid Explorer\DroidExplorer.Service.exe [2015-09-18 257024]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-06 224160]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-30 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc_1ec100;Agent Activation Runtime_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-17 271960]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService_1ec100;Uživatelská služba pro GameDVR a vysílání her_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService_1ec100;Služba pro podporu uživatelů Bluetooth_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService_1ec100;CaptureService_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc_1ec100;ConsentUX_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-10-20 494056]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-10-14 381656]
S3 CredentialEnrollmentManagerUserSvc_1ec100;CredentialEnrollmentManagerUserSvc_1ec100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-10-14 381656]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-09 143144]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DeviceAssociationBrokerSvc_1ec100;DeviceAssociationBroker_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc_1ec100;DevicePicker_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc_1ec100;Tok zařízení_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DgnIndexingService;Bentley Dgn Index Service; C:\Program Files (x86)\Common Files\Bentley Shared\Dgn Index Service\DgnIndexServer.exe [2012-04-13 137728]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2020-09-08 97792]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-01-15 1369464]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-06 224160]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe [2020-12-02 1426928]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-30 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService_1ec100;Služba zasílání zpráv_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service; C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.60\elevation_service.exe [2020-12-12 1573776]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2020-12-06 220368]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 PDFsam Enhanced 4;PDFsam Enhanced 4; C:\Program Files\PDFsam Enhanced 4\ws.exe [2017-08-02 2005744]
S3 PDFsam Enhanced 5;PDFsam Enhanced 5; C:\Program Files\PDFsam Enhanced 5\ws.exe [2018-06-27 2004808]
S3 PDFsam Enhanced 6 Creator;PDFsam Enhanced 6 Creator; C:\Program Files\PDFsam Enhanced 6\creator\common\creator-ws.exe [2019-10-23 577232]
S3 PDFsam Enhanced CrashHandler;PDFsam Enhanced CrashHandler; C:\Program Files\PDFsam Enhanced\crash-handler-ws.exe [2016-07-06 921664]
S3 PDFsam Enhanced;PDFsam Enhanced; C:\Program Files\PDFsam Enhanced\ws.exe [2016-07-06 2322496]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 103424]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc_1ec100;PrintWorkflow_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2019-03-19 1264128]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]

-----------------EOF-----------------

[Rudy]

Zdravím!
Dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . RSIT není s desítkami plně kompatibilní.

[misak35]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by misak (administrator) on MICHAL-PC (ASUS All Series) (15-12-2020 21:48:50)
Running from C:\Users\misak\Desktop
Loaded Profiles: misak
Platform: Windows 10 Home Version 1909 18363.1256 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE
() [File not signed] C:\Program Files (x86)\Gaming Keyboard\OSD.exe
() [File not signed] C:\Windows\FixCamera.exe
(2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(ANDREA VACONDIO -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced 4\creator-ws.exe
(ANDREA VACONDIO -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced\creator-ws.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\111.4.472\QtWebEngineProcess.exe <2>
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files (x86)\TC UP\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <25>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(LENOVO -> Lenovo) [File not signed] C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(pdfforge GmbH -> © pdfforge GmbH.) C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced 5\creator\common\creator-ws.exe
(SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced 6\updater-ws.exe
(SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced 6\ws.exe
(TC UP Team) [File not signed] C:\Program Files (x86)\TC UP\TCUP64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [VICTORY Gaming Keyboard] => C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [270336 2013-04-09] () [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992832 2020-12-01] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] () [File not signed]
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [FixCamera] => C:\WINDOWS\FixCamera.exe [20480 2007-02-12] () [File not signed]
HKLM-x32\...\Run: [tsnp325] => C:\WINDOWS\tsnp325.exe [270336 2007-04-21] () [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [TC UP] => C:\Program Files (x86)\TC UP\TCUP64.exe [1833472 2016-06-29] (TC UP Team) [File not signed]
HKLM-x32\...\Run: [MagicPlusHelper] => C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [2499208 2016-07-08] (LENOVO -> Lenovo) [File not signed]
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\Run: [uTorrent] => C:\Users\misak\AppData\Roaming\uTorrent\utorrent.exe [416168 2015-02-22] (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50010064 2020-11-03] (Google LLC -> )
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\Run: [VirtualDiskAutomount] => C:\Program Files (x86)\TC UP\PLUGINS\wfx\VirtualDisk\VirtualDisk.wfx [139264 2011-01-30] (CaptainFlint Software) [File not signed]
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\Run: [Volume2] => C:\Users\misak\Desktop\Volume2\Volume2.exe [1577984 2016-02-10] (Irza Alexander) [File not signed]
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Print\Monitors\Bullzip PDF Print Monitor: C:\Program Files\Common Files\Bullzip\PDF Printer\Ports\BULLZIP\bzpdf.dll [219136 2015-08-27] (Bullzip) [File not signed]
HKLM\...\Print\Monitors\FPR8:: C:\WINDOWS\system32\fpmon8.dll [578264 2013-11-18] (FinePrint Software, LLC -> FinePrint Software, LLC)
HKLM\...\Print\Monitors\HP D811 Status Monitor: C:\WINDOWS\system32\hpinkstsD811LM.dll [393352 2017-04-05] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\PDFsam Enhanced 6 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\pdfsam enhanced_pdfpmon_v.4.12.26.3.dll [932984 2020-02-09] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-06] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TVR Scheduler.lnk [2017-11-04]
ShortcutTarget: TVR Scheduler.lnk -> C:\Program Files (x86)\honestech\honestech TVR 2.5\scheduleTV.exe () [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CA1011A-3B17-4219-9D1C-D2895494F396} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0F5FBB12-E7B2-44FA-A3BC-0CF1F18705BE} - System32\Tasks\vypnutí PC (příkaz) => C:\Windows\System32\shutdown.exe [26624 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {12B4EA3E-9D74-40D3-8FF8-90702843D072} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [126152 2020-04-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {14C15532-66F6-48CD-AA80-D686E7783D67} - System32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-30] (Google Inc -> Google Inc.)
Task: {41745E0F-0E62-4B3C-9DFE-F01767C24989} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4639280 2018-12-02] (McAfee, Inc. -> McAfee, Inc.)
Task: {4326ACD8-6562-495F-88F0-A03F8EED26A2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {43958E43-6DF7-45D4-AA10-59C40EC304E8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4E168211-979D-4DC7-BE66-2E450975A429} - System32\Tasks\2BrightSparks\SyncBackFree\MICHAL-PC-misak\SyncBackFree => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [27620920 2018-02-01] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
Task: {5293340E-B8B2-4C52-AB60-51488559687B} - System32\Tasks\Opera scheduled Autoupdate 1451482647 => C:\Program Files (x86)\Opera\launcher.exe [1030744 2017-02-27] (Opera Software AS -> Opera Software)
Task: {556C8C28-4622-4F01-8F67-C5E1AE82E9E7} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-09] (Dropbox, Inc -> Dropbox, Inc.)
Task: {634A4774-F84E-4D45-B236-C172FE446447} - System32\Tasks\DropboxUpdateTaskMachineCore1d5d6cba22c2779 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-09] (Dropbox, Inc -> Dropbox, Inc.)
Task: {65630535-93DA-4300-B89E-698C7123D2DA} - System32\Tasks\DropboxUpdateTaskMachineUA1d5d6cba2571108 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-09] (Dropbox, Inc -> Dropbox, Inc.)
Task: {6FF748CA-638F-467E-96C5-11506ECBDA5A} - System32\Tasks\lenovo mobile auto run => C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [2499208 2016-07-08] (LENOVO -> Lenovo) [File not signed]
Task: {710FA897-6B9E-489A-B887-82153A7763FD} - System32\Tasks\{D377ADF2-AAB3-4384-9D5F-0D27E181F873} => "c:\program files (x86)\google\chrome\application\chrome.exe" http://www.skype.com/go/downloading?sou ... tError=404
Task: {91A97EF3-EB6F-413E-BA0E-15193B19C4B9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [271960 2017-03-17] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {96139FF0-81EB-4187-9CAF-91545BF055FF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {96DF6E9C-D34D-4011-9422-4E6E3041F3DE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-09] (Dropbox, Inc -> Dropbox, Inc.)
Task: {9E1D5459-DDFD-46D2-AEA5-37BCA2768F2A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {A9984137-99FA-4674-BBD0-1640975F199B} - System32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-30] (Google Inc -> Google Inc.)
Task: {AFAED719-3667-40B5-88B1-22A3126D0A12} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_25_0_0_127_pepper.exe [1277016 2017-03-17] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {BC4E4EE8-DBCE-4143-8583-5569E4DC52D8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {BE0758B3-4763-4DB1-B607-C907C428CB46} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BF3ECD0D-3DA0-4EA6-A1C1-53C7AE103C5A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {C85DFAD5-7BD6-4063-9227-43E174F6A5A3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-30] (Google Inc -> Google Inc.)
Task: {C88835A3-FBEA-4441-911D-89E329E15932} - System32\Tasks\2BrightSparks\SyncBackFree\MICHAL-PC-misak\SyncBackFree metrix => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [27620920 2018-02-01] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
Task: {D7C05AA1-BBAA-4D11-9571-93BAACE7A45D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F93D4FC7-34D5-4BED-8525-175D91A0E226} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-30] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d5d6cba22c2779.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d5d6cba2571108.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4460aeae-148b-4aaf-886a-f14fc94b3afb}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{7d9f608b-68cd-421a-a496-7eee047af1f2}: [DhcpNameServer] 192.168.0.1

Edge:
======
Edge Profile: C:\Users\misak\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-13]

FireFox:
========
FF DefaultProfile: 4dczc3fl.default
FF ProfilePath: C:\Users\misak\AppData\Roaming\Mozilla\Firefox\Profiles\4dczc3fl.default [2020-12-15]
FF DownloadDir: S:\_seriály\Skrytá vášeň
FF Extension: (Seznam pro Firefox - Email) - C:\Users\misak\AppData\Roaming\Mozilla\Firefox\Profiles\4dczc3fl.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-11-29]
FF HKLM\...\Firefox\Extensions: [pdfsam_enhanced_conv@pdfsam.com] - C:\Program Files\PDFsam Enhanced\resources\pdfsamenhancedfirefoxextension
FF Extension: (PDFsam Enhanced Creator) - C:\Program Files\PDFsam Enhanced\resources\pdfsamenhancedfirefoxextension [2016-11-23] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [pdfsam_enhanced6_conv@pdfsam.com] - C:\Program Files\PDFsam Enhanced 6\creator\plugins\FirefoxAddin\pdfsam_enhanced6_conv@pdfsam.com.xpi
FF Extension: (PDFsam Enhanced 6 Creator) - C:\Program Files\PDFsam Enhanced 6\creator\plugins\FirefoxAddin\pdfsam_enhanced6_conv@pdfsam.com.xpi [2019-10-17]
FF HKLM-x32\...\Firefox\Extensions: [pdfsam_enhanced6_conv@pdfsam.com] - C:\Program Files\PDFsam Enhanced 6\creator\plugins\FirefoxAddin\pdfsam_enhanced6_conv@pdfsam.com.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-16] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin: PDFsam Enhanced 5 -> C:\Program Files\PDFsam Enhanced 5\np-previewer.dll [2018-06-27] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-16] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: PDFsam Enhanced -> C:\Program Files (x86)\PDFsam Enhanced\np-previewer.dll [2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
FF Plugin-x32: PDFsam Enhanced 4 -> C:\Program Files (x86)\PDFsam Enhanced 4\np-previewer.dll [2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)

Chrome:
=======
CHR Profile: C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default [2020-12-15]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Prezentace) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-15]
CHR Extension: (h264ify) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleakchihdccplidncghkekgioiakgal [2019-09-15]
CHR Extension: (Dokumenty) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-15]
CHR Extension: (Disk Google) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-29]
CHR Extension: (Seznam doplněk - Email) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-04-08]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-10-12]
CHR Extension: (YouTube) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-15]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-12-15]
CHR Extension: (Tampermonkey) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-11-23]
CHR Extension: (Dark Reader) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2020-12-06]
CHR Extension: (Tabulky) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-15]
CHR Extension: (ZyXEL NAS Link Capture) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjchadhilcichebeadpoppalaidalfcg [2019-09-15]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-09-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-23]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-12-14]
CHR Extension: (Reklamy blokátor pro YouTube ™) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2019-09-15]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2020-12-13]
CHR Extension: (CrxMouse Chrome™ Gestures) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2020-03-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-04-08]
CHR Extension: (Gmail) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-29]
CHR Extension: (Chrome Media Router) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-25]
CHR Profile: C:\Users\misak\AppData\Local\Google\Chrome\User Data\System Profile [2020-12-13]
CHR HKU\S-1-5-21-3050821526-3358219123-440924525-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

Opera:
=======
OPR DownloadDir: E:\_seriály\Skrytá vášeň

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [271960 2017-03-17] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] (ASUSTeK Computer Inc. -> )
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-09] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-09] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-12-01] (Dropbox, Inc -> Dropbox, Inc.)
S3 DgnIndexingService; C:\Program Files (x86)\Common Files\Bentley Shared\Dgn Index Service\DgnIndexServer.exe [137728 2012-04-13] (Bentley Systems Inc.) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd -> Disc Soft Ltd)
S2 DroidExplorerService; C:\Program Files\Droid Explorer\DroidExplorer.Service.exe [257024 2015-09-18] (Ryan Conrad) [File not signed]
R2 PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (pdfforge GmbH -> © pdfforge GmbH.)
S3 PDFsam Enhanced; C:\Program Files\PDFsam Enhanced\ws.exe [2322496 2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
S3 PDFsam Enhanced 4; C:\Program Files\PDFsam Enhanced 4\ws.exe [2005744 2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
R2 PDFsam Enhanced 4 Creator; C:\Program Files\PDFsam Enhanced 4\creator-ws.exe [757496 2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
S3 PDFsam Enhanced 5; C:\Program Files\PDFsam Enhanced 5\ws.exe [2004808 2018-06-27] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
R2 PDFsam Enhanced 5 Creator; C:\Program Files\PDFsam Enhanced 5\creator\common\creator-ws.exe [758600 2018-06-27] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
R3 PDFsam Enhanced 6; C:\Program Files\PDFsam Enhanced 6\ws.exe [2464464 2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
S3 PDFsam Enhanced 6 Creator; C:\Program Files\PDFsam Enhanced 6\creator\common\creator-ws.exe [577232 2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
R2 PDFsam Enhanced 6 Update Service; C:\Program Files\PDFsam Enhanced 6\updater-ws.exe [1716944 2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
S3 PDFsam Enhanced CrashHandler; C:\Program Files\PDFsam Enhanced\crash-handler-ws.exe [921664 2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
R2 PDFsam Enhanced Creator; C:\Program Files\PDFsam Enhanced\creator-ws.exe [734272 2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12720144 2020-11-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [194168 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] (ASUSTeK Computer Inc. -> )
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-02-29] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-02-29] (Disc Soft Ltd -> Disc Soft Ltd)
S3 FreshIO; C:\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys [2410 2004-10-26] () [File not signed]
S2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [296448 2005-06-14] (Aladdin Knowledge Systems Ltd.) [File not signed]
S3 pccsmcfd; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [26112 2012-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2016-06-15] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-10-10] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [222872 2018-06-29] (Oracle Corporation -> Oracle Corporation)
R1 VD_FileDisk; C:\Windows\System32\Drivers\VD_FileDisk.sys [30312 2011-01-26] (Ghisler Software GmbH -> CaptainFlint Software)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-06] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-15 21:48 - 2020-12-15 21:50 - 000031265 _____ C:\Users\misak\Desktop\FRST.txt
2020-12-15 21:47 - 2020-12-15 21:47 - 002286592 _____ (Farbar) C:\Users\misak\Desktop\FRST64.exe
2020-12-14 15:08 - 2020-12-14 15:08 - 001222144 _____ C:\Users\misak\Downloads\RSITx64 (1).exe
2020-12-13 11:48 - 2020-12-13 13:37 - 000000000 ____D C:\ProgramData\AVG
2020-12-13 11:47 - 2020-12-13 11:47 - 030536752 _____ (Piriform Software Ltd) C:\Users\misak\Downloads\ccsetup575.exe
2020-12-09 19:22 - 2020-12-09 19:22 - 002045952 _____ C:\WINDOWS\system32\rdpnano.dll
2020-12-09 19:22 - 2020-12-09 19:22 - 001756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-09 19:22 - 2020-12-09 19:22 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-09 19:22 - 2020-12-09 19:22 - 000171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-09 19:22 - 2020-12-09 19:22 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-09 19:22 - 2020-12-09 19:22 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-09 19:22 - 2020-12-09 19:22 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-09 19:22 - 2020-12-09 19:22 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-09 19:22 - 2020-12-09 19:22 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-12-06 16:03 - 2020-12-06 16:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-12-06 15:50 - 2020-12-07 17:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-12-06 15:36 - 2020-12-13 11:57 - 000000000 ____D C:\WINDOWS\Minidump
2020-12-01 23:10 - 2020-12-01 23:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-12-01 23:10 - 2020-12-01 23:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-12-01 23:10 - 2020-12-01 23:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-12-01 23:10 - 2020-12-01 23:10 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-15 21:49 - 2017-12-18 14:45 - 000000000 ____D C:\FRST
2020-12-15 21:46 - 2020-07-01 00:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-15 21:46 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-15 18:17 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-15 18:17 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-15 16:14 - 2020-07-01 00:49 - 000004198 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{FF8153D5-DC6A-450B-9DF4-76BF49748363}
2020-12-15 15:07 - 2015-12-30 12:43 - 000000000 ____D C:\Program Files\CCleaner
2020-12-14 15:21 - 2019-10-04 03:59 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-12-14 15:21 - 2019-10-04 03:59 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-12-14 15:13 - 2017-09-06 18:30 - 000000000 ____D C:\Users\misak\AppData\Local\CrashDumps
2020-12-14 15:13 - 2016-01-09 16:44 - 000000000 ____D C:\Users\misak\AppData\Roaming\uTorrent
2020-12-14 15:09 - 2016-11-18 10:59 - 000000000 ____D C:\Program Files\trend micro
2020-12-13 17:31 - 2017-05-12 12:02 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-12-13 17:31 - 2015-12-30 12:38 - 000000000 __SHD C:\Users\misak\IntelGraphicsProfiles
2020-12-13 17:30 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-12-13 13:38 - 2020-07-01 00:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-13 13:38 - 2015-12-30 12:58 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-12-13 13:37 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-12-13 12:24 - 2018-07-18 10:41 - 000000000 ____D C:\Users\misak\AppData\Local\AVAST Software
2020-12-13 12:07 - 2017-09-29 08:09 - 000000000 ____D C:\Users\misak\Documents\ccleaner zaloha registru
2020-12-13 12:04 - 2015-12-30 13:02 - 000000000 ____D C:\Users\misak\AppData\Roaming\TeamViewer
2020-12-13 11:57 - 2020-06-13 17:58 - 000000000 ___DC C:\WINDOWS\Panther
2020-12-13 11:50 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-13 11:49 - 2017-08-31 08:00 - 000000000 ____D C:\TEMP
2020-12-13 11:48 - 2020-07-01 00:49 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-13 11:48 - 2017-09-03 08:49 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-12-13 11:48 - 2017-09-03 08:49 - 000000863 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-12-13 11:39 - 2017-10-19 08:01 - 000000000 ___RD C:\Users\misak\3D Objects
2020-12-13 11:39 - 2015-12-01 02:54 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-12 01:41 - 2020-06-06 17:16 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-12 01:41 - 2020-06-06 17:16 - 000002257 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-12 01:41 - 2020-06-06 17:16 - 000002257 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-12-11 00:26 - 2020-07-01 00:31 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-11 00:26 - 2019-03-19 12:55 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-11 00:26 - 2019-03-19 12:55 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-11 00:23 - 2020-07-01 00:18 - 000000000 ____D C:\Users\krcma
2020-12-11 00:22 - 2020-07-01 00:10 - 000500112 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-11 00:21 - 2016-01-03 13:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-12-11 00:19 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-11 00:19 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-11 00:19 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-11 00:19 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-12-11 00:19 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-11 00:19 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-12-11 00:19 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-11 00:19 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-11 00:19 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-10 18:13 - 2020-06-09 18:07 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-09 19:30 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-07 17:47 - 2019-09-15 10:01 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-07 17:47 - 2019-09-15 10:01 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-12-07 17:47 - 2019-09-15 10:01 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-12-07 17:31 - 2017-02-16 20:33 - 000000000 ____D C:\Users\misak\AppData\LocalLow\Mozilla
2020-12-07 17:30 - 2016-01-03 13:29 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2020-12-06 16:05 - 2020-07-01 00:49 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-06 16:05 - 2020-07-01 00:49 - 000003502 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610
2020-12-06 16:05 - 2020-07-01 00:49 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-06 16:05 - 2020-07-01 00:49 - 000003378 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c
2020-12-06 16:04 - 2016-09-09 09:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-12-06 15:52 - 2018-02-28 08:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-11-25 17:22 - 2020-07-01 00:49 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-11-20 18:24 - 2020-09-30 00:50 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-11-15 10:14 - 2015-12-30 14:11 - 000000000 ____D C:\VKM5
2020-11-15 10:04 - 2017-08-31 08:56 - 000000000 ____D C:\Users\misak\Documents\GtechCz

==================== Files in the root of some directories ========

2017-06-27 12:45 - 2017-06-27 12:45 - 000000087 _____ () C:\Users\misak\AppData\Roaming\1de0de73-de3e-46c6-81b0-f6455f081644
2016-09-30 11:27 - 2016-09-30 11:27 - 000000050 _____ () C:\Users\misak\AppData\Roaming\Camdata.ini
2016-09-30 11:27 - 2016-09-30 11:27 - 000000408 _____ () C:\Users\misak\AppData\Roaming\CamLayout.ini
2016-09-30 11:27 - 2016-09-30 11:27 - 000000408 _____ () C:\Users\misak\AppData\Roaming\CamShapes.ini
2016-09-30 11:27 - 2016-09-30 11:27 - 000004521 _____ () C:\Users\misak\AppData\Roaming\CamStudio.cfg
2017-03-10 15:06 - 2020-02-23 11:40 - 000099384 _____ () C:\Users\misak\AppData\Roaming\inst.exe
2017-03-10 15:06 - 2020-02-23 11:40 - 000007859 _____ () C:\Users\misak\AppData\Roaming\pcouffin.cat
2017-03-10 15:06 - 2020-02-23 11:40 - 000001167 _____ () C:\Users\misak\AppData\Roaming\pcouffin.inf
2017-03-10 15:06 - 2020-02-23 11:40 - 000000055 _____ () C:\Users\misak\AppData\Roaming\pcouffin.log
2017-03-10 15:06 - 2020-02-23 11:40 - 000082816 _____ (VSO Software) C:\Users\misak\AppData\Roaming\pcouffin.sys
2017-03-10 14:12 - 2017-03-10 15:00 - 000008192 _____ () C:\Users\misak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-27 17:17 - 2020-11-20 18:04 - 000001845 _____ () C:\Users\misak\AppData\Local\oobelibMkey.log
2019-03-03 19:37 - 2019-03-03 19:37 - 000000927 _____ () C:\Users\misak\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by misak (15-12-2020 21:54:56)
Running from C:\Users\misak\Desktop
Windows 10 Home Version 1909 18363.1256 (X64) (2020-06-30 23:50:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3050821526-3358219123-440924525-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3050821526-3358219123-440924525-503 - Limited - Disabled)
Guest (S-1-5-21-3050821526-3358219123-440924525-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3050821526-3358219123-440924525-1007 - Limited - Enabled)
krcma (S-1-5-21-3050821526-3358219123-440924525-1005 - Limited - Enabled) => C:\Users\krcma
ludmi (S-1-5-21-3050821526-3358219123-440924525-1004 - Limited - Disabled)
misak (S-1-5-21-3050821526-3358219123-440924525-1001 - Administrator - Enabled) => C:\Users\misak
WDAGUtilityAccount (S-1-5-21-3050821526-3358219123-440924525-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark06 (HKLM-x32\...\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}) (Version: 1.1.0 - Futuremark)
ABRA FlexiBee (HKLM-x32\...\WinStrom 10) (Version: - FlexiBee Systems s.r.o.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
Any DVD Converter Professional 6.2.2 (HKLM-x32\...\Any DVD Converter Professional_is1) (Version: - Any-DVD-Converter.com)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber)
Backup and Sync from Google (HKLM\...\{3A8CD593-8CF9-45B4-9932-FC41CBC14E15}) (Version: 3.53.3404.7585 - Google, Inc.)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
BdeD7 (HKLM-x32\...\{B02A434C-4B77-4C86-B30D-EC75BED719AD}) (Version: 1.00.0000 - ZKGEO)
Bentley DGN IFilter (HKLM\...\{2E873893-A883-4C06-8308-7B491D58F3D6}) (Version: 1.0.1.11 - Bentley Systems, Incorporated)
Bentley DGN Index Service (HKLM-x32\...\{A753B088-3FCE-4F1C-BF92-8E6931DE261E}) (Version: 08.11.09030 - Bentley Systems, Incorporated)
Bentley DGN Preview Handler (HKLM-x32\...\{264B522D-1B7F-4AAF-A32B-55A6BF5679F2}) (Version: 8.11.8004 - Bentley Systems, Incorporated)
Bentley DGN Thumbnail Provider (HKLM\...\{74A8C1AF-75E5-4653-95AF-222725B7D877}) (Version: 8.11.7.410 - Bentley Systems, Incorporated)
Bentley V8i (SELECTseries 3) - Autodesk® RealDWG™ 2012 (HKLM-x32\...\{23D46254-9D4C-446C-900A-F53AF1D12A90}) (Version: 8.11.9.357 - Bentley Systems, Incorporated)
Bentley V8i (SELECTseries 3) - Autodesk® RealDWG™ 2013 (HKLM-x32\...\{9E55146A-4686-476F-8999-F0760A99EC39}) (Version: 08.11.09.357 - Bentley Systems, Incorporated)
Brother BRAdmin Light 1.29.0000 (HKLM-x32\...\{DB75941E-30C4-4D97-B000-D17C764B998C}) (Version: 1.29.0000 - Brother)
Brother MFL-Pro Suite MFC-6490CW (HKLM-x32\...\{20E970DF-A7B2-4345-9DEB-72213A29645E}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Bullzip PDF Printer 10.19.0.2457 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.19.0.2457 - Bullzip)
Call of Duty 4 - Modern Warfare verze 1.7 (HKLM-x32\...\{826D7727-6105-4C5D-A049-E4BADBC8BAAB}_is1) (Version: 1.7 - tomi2k9)
CamStudio 2.7 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
CONNECTION client (HKLM\...\{D03E0EB3-5E30-3271-A152-7B736DD0E711}) (Version: 10.00.04.021 - Bentley Systems, Incorporated) Hidden
CONNECTION client (HKLM-x32\...\{44c537c4-45cf-4df2-b42e-252dc7a25112}) (Version: 10.0.4.21 - Bentley Systems, Incorporated)
CONNECTION client Czech-Language Pack (HKLM\...\{5629A17A-9348-37E9-960D-0A31B95CB975}) (Version: 10.00.04.024 - Bentley Systems, Incorporated) Hidden
CONNECTION client Czech-Language pack (HKLM-x32\...\{f35def82-7450-440f-81f7-aad6c66d7424}) (Version: 10.0.4.24 - Bentley Systems, Incorporated)
Convert WAV To MP3 1.0 (HKLM-x32\...\Convert WAV To MP3_is1) (Version: - A Software Plus)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0115 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0002 - Microsoft Corporation)
Droid Explorer 0.9.0.4 (x64) (HKLM\...\{0716A981-E2D4-44B1-B940-EDA12E38699F}) (Version: 0.9.0.4 - Ryan Conrad)
Dropbox (HKLM-x32\...\Dropbox) (Version: 111.4.472 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.377.1 - Dropbox, Inc.) Hidden
DVDFab 10.0.3.9 (16/05/2017) (HKLM-x32\...\DVDFab 10) (Version: 10.0.3.9 - Fengtao Software Inc.)
Etcher 1.3.1 (only current user) (HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\573339af-d9e1-5dd3-804c-e0162fac1f41) (Version: 1.3.1 - Resin Inc.)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
FinePrint (HKLM\...\FinePrint) (Version: 8.01 - FinePrint Software, LLC)
Free Business Card Maker (HKLM-x32\...\{F269168D-3E36-44A5-A3FE-5F0682752BED}) (Version: 1.0.0 - Media Freeware)
FreshDiagnose (HKLM-x32\...\FreshDevices - FreshDiagnose_is1) (Version: - )
Fushicai VIDEO DVR (HKLM-x32\...\{989BAFE8-E777-43D7-9749-9810E0E9FF48}) (Version: 2013.5.6 - Fushicai)
Gaming Keyboard Driver (HKLM-x32\...\{B3CDED64-7DC2-429D-A325-BBC3CF793AA6}) (Version: 1.0 - Senbiz)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
hama PC-Webcam AC-140 (HKLM-x32\...\{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}) (Version: 0.1.0.000 - Sonix)
HDR Preview (HKLM\...\{9F7815C9-A323-4215-905C-73137D21BCC0}) (Version: 1.0.0.2 - Bentley Systems, Incorporated)
honestechTVR2.5 (HKLM-x32\...\{ABADD11D-1B48-4F23-BEBA-6B22CE8F5E58}) (Version: 2.5 - honestech)
honestechTVR2.5 (HKLM-x32\...\{B1DE0E2A-C1B1-4A61-A622-1F52CB37B183}) (Version: 2.5 - honestech) Hidden
i-model ODBC Driver for Windows 7 (HKLM-x32\...\{775616F7-2D4C-4D73-8773-A66C0BCECB38}) (Version: 01.00.00020 - Bentley Systems, Incorporated)
i-model ODBC Driver for Windows 7 (x64) (HKLM\...\{454AD0FD-21D2-4E73-99E9-A40CAC75A636}) (Version: 01.00.00020 - Bentley Systems, Incorporated)
Intel(R) Chipset Device Software (HKLM-x32\...\{d4874f67-8c81-475b-91e0-8de9b2892499}) (Version: 10.1.1.12 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Jihosoft ISO Maker version 3.0 (HKLM-x32\...\{FA289A40-0F71-428E-B3A2-546EDC04DB93}_is1) (Version: 3.0 - Jihosoft Studio)
Lame ACM MP3 Codec (HKLM-x32\...\LameACM) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Lenovo Phone Manager (HKLM-x32\...\{63190DFB-529A-4F6E-B6E6-A207712256F4}) (Version: 1.4.1.14211 - Lenovo)
LibreOffice 6.0 Help Pack (Czech) (HKLM\...\{2399A9CD-148D-4BE2-9C56-F712AFF3B8AD}) (Version: 6.0.2.1 - The Document Foundation)
LibreOffice 6.0.5.2 (HKLM\...\{9645CDEF-085C-45F7-A3CD-B4B7046EF78C}) (Version: 6.0.5.2 - The Document Foundation)
Livestream Procaster (HKLM-x32\...\{68E4C751-272B-44E1-94C7-4E1FDC40F7DA}) (Version: 20.3.25 - Procaster)
Manager (HKLM-x32\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. All rights reserved) Hidden
McAfee True Key (HKLM\...\TrueKey) (Version: 5.3.138.1 - McAfee, LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.60 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MicroStation V8i (SELECTseries 3) 08.11.09.357 (HKLM-x32\...\{37E6B330-81D1-4318-9B0B-95169F60D8E7}) (Version: 08.11.09.357 - Bentley Systems, Incorporated)
MKVToolNix 15.0.0 (32-bit) (HKLM-x32\...\MKVToolNix) (Version: 15.0.0 - Moritz Bunkus)
Mozilla Firefox 75.0 (x64 cs) (HKLM\...\Mozilla Firefox 75.0 (x64 cs)) (Version: 75.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 78.5.0.7639 - Mozilla)
Mozilla Thunderbird 78.5.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 78.5.1 (x86 cs)) (Version: 78.5.1 - Mozilla)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger)
NAS Starter Utility (HKLM-x32\...\NAS Starter Utility) (Version: - ZyXEL)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
Opera Stable 43.0.2442.1144 (HKLM-x32\...\Opera 43.0.2442.1144) (Version: 43.0.2442.1144 - Opera Software)
Oracle VM VirtualBox 5.2.14 (HKLM\...\{BEE6540B-718F-4E91-8166-BB101FCCD070}) (Version: 5.2.14 - Oracle Corporation)
Paragon Partition Manager™ 15 Professional -nSane- (HKLM\...\{A35001F0-F1E4-11DD-A38B-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PDFsam Basic (HKLM\...\{545E19E6-FB13-493C-B515-B49DA3BD2B46}) (Version: 4.1.1.0 - Sober Lemur S.a.s. di Vacondio Andrea)
PDFsam Enhanced (HKLM-x32\...\PDFsam Enhanced) (Version: 3.0.31.29080 - Copyright 2015 Andrea Vacondio)
PDFsam Enhanced 4 (HKLM-x32\...\PDFsam Enhanced 4) (Version: 4.0.3.32301 - Copyright 2017 Andrea Vacondio)
PDFsam Enhanced 4 Asian Fonts Pack (HKLM\...\{23186912-8615-4924-B677-D032739A0861}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Convert Module (HKLM\...\{82E16ABB-95AB-43E7-A402-1638B03C8391}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Create Module (HKLM\...\{DB8BDD2C-FA37-4B7C-B43A-443FB1D268F6}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Edit Module (HKLM\...\{93082EB3-E24B-44A0-9ACB-F1F700F8977F}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Forms Module (HKLM\...\{D66F2332-0894-4B48-99E7-3C25C108ECE8}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Insert Module (HKLM\...\{57DCEFC3-54A2-40C8-B833-3CAE945FFC0C}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 OCR Module (HKLM\...\{41B8D2E1-47FC-4BB4-A4EA-BC2F1471996D}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Review Module (HKLM\...\{A8BEAD35-464C-459E-B572-06CF3270370D}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Secure Module (HKLM\...\{C66640E8-BAEB-43FB-BE87-C184E866405F}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 View Module (HKLM\...\{193A600E-D248-4D12-95BE-8FD5B25DD0AD}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 5 (HKLM-x32\...\PDFsam Enhanced 5) (Version: 5.0.21.675 - SOBER LEMUR SAS DI VACONDIO ANDREA)
PDFsam Enhanced 5 Asian Fonts Pack (HKLM\...\{F6F33FB8-7590-4BE0-B035-9C5585240CB4}) (Version: 5.0.19.38650 - Andrea Vacondio) Hidden
PDFsam Enhanced 5 Convert Module (HKLM\...\{CDEC48A9-3B47-4D96-9F83-6CDC3B44CC45}) (Version: 5.0.19.38650 - Andrea Vacondio) Hidden
PDFsam Enhanced 5 Create Module (HKLM\...\{F94AA218-F7A7-4A9C-B51D-B19FE160E9BC}) (Version: 5.0.19.38650 - Andrea Vacondio) Hidden
PDFsam Enhanced 5 Edit Module (HKLM\...\{F6D4013F-76FA-4D2A-A16E-0311339F5FB1}) (Version: 5.0.19.38650 - Andrea Vacondio) Hidden
PDFsam Enhanced 5 Forms Module (HKLM\...\{87352A7C-B62E-457E-A175-7923944BCE5E}) (Version: 5.0.19.38650 - Andrea Vacondio) Hidden
PDFsam Enhanced 5 Insert Module (HKLM\...\{C0C46B7D-71DA-4068-8369-799065DC8366}) (Version: 5.0.19.38650 - Andrea Vacondio) Hidden
PDFsam Enhanced 5 Review Module (HKLM\...\{DF27981F-0014-4E6C-AD66-11CF6B786624}) (Version: 5.0.19.38650 - Andrea Vacondio) Hidden
PDFsam Enhanced 5 Secure Module (HKLM\...\{FF829A00-07FF-46C9-AC34-0F04299001A3}) (Version: 5.0.19.38650 - Andrea Vacondio) Hidden
PDFsam Enhanced 5 View Module (HKLM\...\{1408D07C-5699-4894-94FE-054302B0B603}) (Version: 5.0.19.38650 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 (HKLM-x32\...\PDFsam Enhanced 6) (Version: 6.1.12.1769 - SOBER LEMUR SAS DI VACONDIO ANDREA)
PDFsam Enhanced 6 Asian Fonts Pack (HKLM\...\{AD872FD7-E383-4730-90DD-DBC6085FA707}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Convert Module (HKLM\...\{97B3B4E7-98E4-496D-978E-7846D01DA279}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Create Module (HKLM\...\{AB55FD1D-9E1F-4606-8587-B8548C72DB6A}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Edit Module (HKLM\...\{3EB8F0AB-575B-4EC3-8011-F35E3CA6BA7E}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Forms Module (HKLM\...\{FD343EE1-C0AB-432E-8777-2F3B5F0C9E1B}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Insert Module (HKLM\...\{4CEFA15B-4CEF-42C1-833E-E5305F9B4BEA}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Review Module (HKLM\...\{F96CE21B-3FD4-49CB-AEED-A65702CE4D03}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Secure Module (HKLM\...\{78B8FA91-2850-465D-8D8F-7DD46EDA98C6}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 View Module (HKLM\...\{4ABC92E5-382F-4E49-AFD8-7BBA142F226A}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced Asian Fonts Pack (HKLM\...\{817881FA-BD07-4A50-8F77-DA9AA6009093}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Convert Module (HKLM\...\{C3946663-4609-4158-A3AD-B9BFB16496F1}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Create Module (HKLM\...\{F790A93F-B881-4316-BDB4-D02783850695}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Edit Module (HKLM\...\{C584AD88-AFC9-4030-B391-49C0D04F6F1A}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Forms Module (HKLM\...\{3CAC256B-9C84-44F4-AC26-50B07FEA56B6}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Insert Module (HKLM\...\{A06D8CE0-76AA-4968-AC8B-221BE5128646}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced OCR Module (HKLM\...\{B83B283F-87BB-4C61-8F50-E45EDD0C7C8C}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Review Module (HKLM\...\{35AF9861-0E3C-4C81-AFCC-73461EBC00B7}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Secure Module (HKLM\...\{3B633A35-AE66-4AC3-B4A1-D2ED2594D368}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced View Module (HKLM\...\{972049F9-650B-4430-82ED-6080470D27BA}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
Prolink Version 1.15 (HKLM-x32\...\{D7BEBBEE-5AF1-4FBB-B666-2CAD7F7646BB}) (Version: - )
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.1.2730 - Jan Fiala)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Seznam Software (HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\SeznamInstall) (Version: - Seznam.cz)
SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 8.5.26.0 - 2BrightSparks)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.12.4 - TeamViewer)
Total Commander Ultima Prime 7.1 (HKLM-x32\...\TC UP) (Version: 7.1.0.1266 - TC UP Team)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM-x32\...\{86A7EED0-02D0-4D91-8183-8D2F23F5E6AE}) (Version: 1.3.1 - TP-LINK)
Visualization Content (HKLM-x32\...\{A12C2FC2-6122-4107-A6AE-677339873A24}) (Version: 8.11.9.292 - Bentley Systems, Incorporated)
VKM 0.1 (HKLM-x32\...\VKM_WSGP_is1) (Version: - Ing. Svatopluk Sedláček)
VKM 5.1 (HKLM-x32\...\VKM5_is1) (Version: - Ing. Svatopluk Sedláček)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
VNC Viewer 6.18.907 (HKLM\...\{59A8848C-F4C8-415E-8DA3-2D94716A7268}) (Version: 6.18.907.38355 - RealVNC Ltd)
WhatsApp (HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\WhatsApp) (Version: 2.2021.4 - WhatsApp)
Windows Desktop Gadgets (HKLM\...\Windows Desktop Gadgets_is1) (Version: 2.0 - hxxp://gadgetsrevived.com)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
XnView 2.34 (HKLM-x32\...\XnView_is1) (Version: 2.34 - Gougelet Pierre-e)
ZPS 19 CZ v.19.2004.2.250 - 03.06.2020 (HKLM-x32\...\ZPS 19 CZ v.19.2004.2.250 - 03.06.2020) (Version: v.19.2004.2.250 - 03.06.2020 - Libbi)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-05] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.0.83.0_x86__kgqvnymyfvs32 [2020-12-07] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-20] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_121.1.193.0_x64__v10z8vjag6ke6 [2020-11-04] (HP Inc.)
Islands in the Sun -> C:\Program Files\WindowsApps\Microsoft.IslandsintheSun_1.0.0.0_neutral__8wekyb3d8bbwe [2018-01-05] (Microsoft Corporation)
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2019-07-30] (Keeper Security Inc)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_5.3.0.5_x86__h6adky7gbf63m [2020-12-15] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
NengGao Mountain -> C:\Program Files\WindowsApps\Microsoft.NengGaoMountain_1.0.0.0_neutral__8wekyb3d8bbwe [2018-01-19] (Microsoft Corporation)
TuneIn Radio -> C:\Program Files\WindowsApps\TuneIn.TuneInRadio_4.0.7.0_x64__6bhtb546zcxnj [2019-09-20] (TuneIn) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3050821526-3358219123-440924525-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\misak\Dropbox [2016-09-09 10:00]
CustomCLSID: HKU\S-1-5-21-3050821526-3358219123-440924525-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-11-03] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-11-03] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-11-03] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-11-03] (Google LLC -> Google)
ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [File not signed]
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [PDFsamEnhanced5_ManagerExt] -> {6202C8EB-F149-41FE-A360-8FFAA4D3105B} => C:\Program Files\PDFsam Enhanced 5\context-menu.dll [2018-06-27] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
ContextMenuHandlers1: [PDFsamEnhanced6_ManagerExt] -> {7631D455-88D9-4774-83C6-D6A2B78182BF} => C:\Program Files\PDFsam Enhanced 6\context-menu.dll [2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
ContextMenuHandlers1: [TCUPShellExt] -> {544F5441-4C43-4D44-5550-5348454C4C00} => C:\Program Files (x86)\TC UP\LIB\TCUPShellExt.dll [2014-01-31] () [File not signed]
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-11-03] (Google LLC -> Google)
ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [File not signed]
ContextMenuHandlers4: [TCUPShellExt] -> {544F5441-4C43-4D44-5550-5348454C4C00} => C:\Program Files (x86)\TC UP\LIB\TCUPShellExt.dll [2014-01-31] () [File not signed]
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\LameACM.acm [756224 2014-08-19] (hxxp://www.mp3dev.org/) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\misak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Keep – poznámky a seznamy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\misak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\misak\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2017-05-12 12:02 - 2020-12-13 13:38 - 000026112 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2016-07-31 11:38 - 2012-11-05 07:37 - 000061440 _____ () [File not signed] C:\Program Files (x86)\Gaming Keyboard\hiddriver.dll
2016-07-31 11:38 - 2012-11-05 07:09 - 000057344 _____ () [File not signed] C:\Program Files (x86)\Gaming Keyboard\lan.dll
2014-01-31 16:43 - 2014-01-31 16:43 - 002669568 _____ () [File not signed] C:\Program Files (x86)\TC UP\LIB\TCUPShellExt.dll
2015-12-30 16:34 - 2005-04-22 13:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2015-12-30 16:34 - 2012-07-05 20:32 - 000084480 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2015-12-30 16:38 - 2015-08-27 12:37 - 000219136 _____ (Bullzip) [File not signed] C:\Program Files\Common Files\Bullzip\PDF Printer\Ports\BULLZIP\bzpdf.dll
2016-07-08 10:01 - 2016-07-08 10:01 - 000109704 _____ (LENOVO -> ) [File not signed] C:\Program Files (x86)\MagicPlus\crashreport.dll
2016-07-08 10:01 - 2016-07-08 10:01 - 000354440 _____ (LENOVO -> ) [File not signed] C:\Program Files (x86)\MagicPlus\UsbHelper.dll
2016-07-08 10:01 - 2016-07-08 10:01 - 000418952 _____ (LENOVO -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\MagicPlus\MSVCP100.dll
2016-07-08 10:01 - 2016-07-08 10:01 - 000771720 _____ (LENOVO -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\MagicPlus\MSVCR100.dll
2018-07-10 10:27 - 2008-05-22 22:25 - 000043520 ____N (MagicISO, Inc.) [File not signed] C:\Program Files (x86)\MagicISO\misosh64.dll
2018-12-10 10:29 - 2018-12-10 10:29 - 000438272 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\PDFsam Enhanced 6\libcurl.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: PDFsam Enhanced 5 Helper -> {00B64D8C-929B-4A37-AAAC-8A545F1E381E} -> C:\Program Files\PDFsam Enhanced 5\creator\plugins\IEAddin\creator-ie-helper.dll [2018-06-27] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-26] (Oracle America, Inc. -> Oracle Corporation)
BHO: PDFsam Enhanced 6 Helper -> {861A3991-1B45-4F34-96B4-CE30DD4AB339} -> C:\Program Files\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-26] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: PDFsam Enhanced 5 Helper -> {00B64D8C-929B-4A37-AAAC-8A545F1E381E} -> C:\Program Files (x86)\PDFsam Enhanced 5\creator\plugins\IEAddin\creator-ie-helper.dll [2018-06-27] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO-x32: PDFsam Enhanced Helper -> {6401BC8F-9AD0-430B-BF2C-2A34B0E98466} -> C:\Program Files (x86)\PDFsam Enhanced\creator-ie-helper.dll [2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-26] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: PDFsam Enhanced 6 Helper -> {861A3991-1B45-4F34-96B4-CE30DD4AB339} -> C:\Program Files (x86)\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
BHO-x32: PDFsam Enhanced 4 Helper -> {952B1B0C-7ABC-49DD-8CC8-A7E73675E4F0} -> C:\Program Files (x86)\PDFsam Enhanced 4\creator-ie-helper.dll [2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-26] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - PDFsam Enhanced 5 Toolbar - {C690FC06-8B1B-4629-9830-89128CDE82CC} - C:\Program Files\PDFsam Enhanced 5\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-06-27] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKLM - PDFsam Enhanced 6 Toolbar - {6F5E9294-F682-4F06-8DA6-CA13DF1D8B17} - C:\Program Files\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
Toolbar: HKLM-x32 - PDFsam Enhanced Toolbar - {AD42CFE2-C0AD-487E-8224-C2AEF09F4CEB} - C:\Program Files (x86)\PDFsam Enhanced\creator-ie-plugin.dll [2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
Toolbar: HKLM-x32 - PDFsam Enhanced 4 Toolbar - {C33F5D76-0A77-4A99-8274-54AD52AF7D1B} - C:\Program Files (x86)\PDFsam Enhanced 4\creator-ie-plugin.dll [2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
Toolbar: HKLM-x32 - PDFsam Enhanced 5 Toolbar - {C690FC06-8B1B-4629-9830-89128CDE82CC} - C:\Program Files (x86)\PDFsam Enhanced 5\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-06-27] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKLM-x32 - PDFsam Enhanced 6 Toolbar - {6F5E9294-F682-4F06-8DA6-CA13DF1D8B17} - C:\Program Files (x86)\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2020-06-21 12:08 - 000000265 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com
0.0.0.0 account.zoner.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Bitvise SSH Client;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Common Files\Borland Shared\BDE
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\misak\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "TVR Scheduler.lnk"
HKLM\...\StartupApproved\Run32: => "tsnp325"
HKLM\...\StartupApproved\Run32: => "ControlCenter3"
HKLM\...\StartupApproved\Run32: => "BrMfcWnd"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "Volume2"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "NokiaSuite.exe"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "VirtualDiskAutomount"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "AutoStartNPSAgent"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "Uninstall C:\Users\misak\AppData\Local\Microsoft\OneDrive\17.3.6302.0225"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "Uninstall C:\Users\misak\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "Uninstall C:\Users\misak\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "Uninstall C:\Users\misak\AppData\Local\Microsoft\OneDrive\17.3.6386.0412"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F9FFE42676A4922756CFCD598199662C"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{7B9F3F57-917C-40F3-87B8-CDB0E8791D2C}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [TCP Query User{5A42FCEE-C041-4FBA-9421-9E030E82B5A5}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [UDP Query User{BB2FCC34-3C99-4CB6-BF27-15EE4D50D496}C:\program files (x86)\tc up\totalcmd64.exe] => (Allow) C:\program files (x86)\tc up\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{01A72CF9-0949-4CAC-85EC-50365EC38C6F}C:\program files (x86)\tc up\totalcmd64.exe] => (Allow) C:\program files (x86)\tc up\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{7C2DE93D-3BE6-4B6B-B7FB-3B532F252260}C:\program files (x86)\java\jre1.8.0_151\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_151\bin\java.exe
FirewallRules: [TCP Query User{13138E50-527F-4E40-93EB-48A970450D8E}C:\program files (x86)\java\jre1.8.0_151\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_151\bin\java.exe
FirewallRules: [{3859E0E7-DD6B-4ADF-92E1-573645CE6E5E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{160EF249-194C-4FF1-A05D-7C21FAC8808A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{58E7A335-67F1-4041-825A-8CDB2091C8EC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BAFE63B4-3EA7-48FF-B8D1-6107A84AC99B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A6483BE3-C777-4934-92C9-13D2152ACCB1}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{A4E710EE-57AF-4138-9936-219A9C103CB9}] => (Block) C:\program files (x86)\tc up\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{6F8094B8-97FD-4ED5-91D4-30BBE94CEB3C}] => (Block) C:\program files (x86)\tc up\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{35F6A811-728A-4CCB-9E21-BFEA4DCC6A33}C:\program files (x86)\tc up\totalcmd.exe] => (Allow) C:\program files (x86)\tc up\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{9CDD9A7A-4ED3-430E-90EC-13E95FACBB88}C:\program files (x86)\tc up\totalcmd.exe] => (Allow) C:\program files (x86)\tc up\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{04600255-2E55-4515-8105-24B3E582AEA8}] => (Allow) LPort=54925
FirewallRules: [{50843913-DA38-4420-97E7-A01EB96E6D57}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Light\BRAdmLight.exe (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{619D76B6-8D66-4112-933A-DEF81A1FB2B8}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{FDC083ED-27C4-4145-9281-9A70BB8E96DE}C:\users\misak\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\misak\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{08B8210D-58D2-456F-B7F5-99DBEB44E7B0}C:\users\misak\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\misak\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{C37DF2F0-9ECD-47F5-806E-4E603882EA15}] => (Block) C:\users\misak\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{C3F1F966-B4A8-4A48-9A9B-5856138C76DE}] => (Block) C:\users\misak\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{BB473314-9186-41D8-A543-5A4CA71A9F51}C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe] => (Allow) C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe () [File not signed]
FirewallRules: [UDP Query User{7659C950-388F-4E69-9CB8-27B75DE131B8}C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe] => (Allow) C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe () [File not signed]
FirewallRules: [{15A8BA42-61CA-4018-9C47-95F83AA091B7}] => (Block) C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe () [File not signed]
FirewallRules: [{5ED1094C-5121-46E9-9F65-BFDB988C1EF7}] => (Block) C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe () [File not signed]
FirewallRules: [{655599C9-9217-4EBF-A8D5-5680419390F2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A552A52E-F876-4092-8CF7-F5F2CC7766A8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F01AF4F5-EB23-4316-B584-84073A7BB1B9}] => (Allow) LPort=443
FirewallRules: [TCP Query User{C76D698D-E7FE-4896-9D68-8C92C5729596}C:\program files (x86)\dvdfab 10\dvdfab.exe] => (Block) C:\program files (x86)\dvdfab 10\dvdfab.exe (Fengtao Software Inc. -> FengTao Software Inc.)
FirewallRules: [UDP Query User{681278DB-B63B-4CBE-999A-6C88BADB4215}C:\program files (x86)\dvdfab 10\dvdfab.exe] => (Block) C:\program files (x86)\dvdfab 10\dvdfab.exe (Fengtao Software Inc. -> FengTao Software Inc.)
FirewallRules: [{B8F82100-2C83-4926-998A-F6DE19F3565E}] => (Allow) C:\Program Files (x86)\Common Files\Bentley Shared\Dgn Index Service\DgnIndexServer.exe (Bentley Systems Inc.) [File not signed]
FirewallRules: [{58B1EBA0-9B75-4155-8697-99FF00940A29}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D4FA8636-7790-4FE7-87AA-787BF9482DE6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{F4104CF3-AF19-4170-AC76-A044EDCD61C7}C:\program files (x86)\magicplus\magicplus.exe] => (Allow) C:\program files (x86)\magicplus\magicplus.exe (LENOVO -> Lenovo) [File not signed]
FirewallRules: [UDP Query User{028D006C-218B-432E-86BA-C178DF1D6D0F}C:\program files (x86)\magicplus\magicplus.exe] => (Allow) C:\program files (x86)\magicplus\magicplus.exe (LENOVO -> Lenovo) [File not signed]
FirewallRules: [{4F1DC5AD-694E-4977-AF66-E09342635DE5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{ED5B065B-48EE-417E-8ABB-E2F9E802E43C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FD99C2B5-87B2-40EE-872F-CD4FCE4D7D58}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{30F54854-CF6B-4941-8CB6-EFBDF9F31F3D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{12A76EDA-4F89-4981-A628-8EE029B08E5D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{6DC3616D-3352-464B-8454-DC8C0DAD2C5A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A949622E-2BF6-4147-8B4D-8230692075AF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E7A67498-5B6A-4204-A06F-D1D8A2EE2048}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A1E7D01C-8BC6-4AE3-9491-DAF99BAAE21B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1FF98C7A-5689-49E8-9FFD-D6B9D15541C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

14-12-2020 15:46:09 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/15/2020 09:47:40 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\MagicPlus\MagicPlus.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.1256_none_9e7e379be45e40e2.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.1256_none_e62b6e72f8da69e8.manifest.

Error: (12/15/2020 06:22:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15992,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/15/2020 06:18:03 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\MagicPlus\MagicPlus.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.1256_none_9e7e379be45e40e2.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.1256_none_e62b6e72f8da69e8.manifest.

Error: (12/15/2020 06:16:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\MagicPlus\MagicPlus.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.1256_none_9e7e379be45e40e2.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.1256_none_e62b6e72f8da69e8.manifest.

Error: (12/15/2020 06:01:54 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14416,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/15/2020 05:46:51 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7532,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/14/2020 07:06:22 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\MagicPlus\MagicPlus.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.1256_none_9e7e379be45e40e2.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.1256_none_e62b6e72f8da69e8.manifest.

Error: (12/14/2020 06:58:42 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\MagicPlus\MagicPlus.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.1256_none_9e7e379be45e40e2.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.1256_none_e62b6e72f8da69e8.manifest.


System errors:
=============
Error: (12/15/2020 09:15:02 PM) (Source: DCOM) (EventID: 10010) (User: MICHAL-PC)
Description: Server Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/15/2020 08:15:02 PM) (Source: DCOM) (EventID: 10010) (User: MICHAL-PC)
Description: Server Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/15/2020 07:52:30 PM) (Source: DCOM) (EventID: 10010) (User: MICHAL-PC)
Description: Server Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/15/2020 07:14:00 PM) (Source: DCOM) (EventID: 10010) (User: MICHAL-PC)
Description: Server Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/15/2020 06:15:02 PM) (Source: DCOM) (EventID: 10010) (User: MICHAL-PC)
Description: Server Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/15/2020 05:15:02 PM) (Source: DCOM) (EventID: 10010) (User: MICHAL-PC)
Description: Server Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/15/2020 04:15:02 PM) (Source: DCOM) (EventID: 10010) (User: MICHAL-PC)
Description: Server Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/15/2020 03:15:02 PM) (Source: DCOM) (EventID: 10010) (User: MICHAL-PC)
Description: Server Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2020-12-15 17:40:02.524
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D15FFF00-DD9D-49BF-8CD3-D691ECA1C6F0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-13 04:25:03.401
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B1606FD3-C745-48BF-8826-4DBB9F74D77A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-09 19:38:17.438
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C116B191-20A8-4303-A7FD-C97C72ADB0CE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-11-26 20:31:19.889
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {65D50A72-E919-46EF-9B5D-6F80BC0AC880}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-11-25 18:32:24.983
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CB9D8E4B-3E89-43DD-9A8D-146194266F6A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-06 17:59:43.599
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.1582.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2020-12-06 17:59:43.598
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.1582.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2020-12-06 17:59:43.597
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.1582.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2020-12-06 17:59:43.344
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.1582.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2020-12-06 17:59:43.343
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.1582.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

CodeIntegrity:
===================================

Date: 2020-12-13 13:39:48.351
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-13 11:52:09.963
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-13 11:52:09.930
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-13 11:52:09.899
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-13 11:52:08.759
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-13 11:52:08.724
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-11 00:24:25.162
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-06 15:42:01.457
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2304 06/04/2015
Motherboard: ASUSTeK COMPUTER INC. H81M-P
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 79%
Total physical RAM: 3966.05 MB
Available physical RAM: 805.34 MB
Total Virtual: 6910.05 MB
Available Virtual: 2784.06 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:928.41 GB) (Free:570.74 GB) NTFS

\\?\Volume{02d03d3d-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:3.1 GB) (Free:2.64 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 02D03D3D)
Partition 1: (Active) - (Size=3.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=928.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle America, Inc. -> Oracle Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {14C15532-66F6-48CD-AA80-D686E7783D67} - System32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-30] (Google Inc -> Google Inc.)
Task: {A9984137-99FA-4674-BBD0-1640975F199B} - System32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-30] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c
C:\Users\misak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File

EmptyTemp:
Hosts:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[misak35]

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by misak (19-12-2020 14:00:29) Run:2
Running from C:\Users\misak\Desktop
Loaded Profiles: misak
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle America, Inc. -> Oracle Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {14C15532-66F6-48CD-AA80-D686E7783D67} - System32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-30] (Google Inc -> Google Inc.)
Task: {A9984137-99FA-4674-BBD0-1640975F199B} - System32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-30] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c
C:\Users\misak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => not found
"C:\WINDOWS\system32\GroupPolicy\Machine" => not found
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14C15532-66F6-48CD-AA80-D686E7783D67}" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d57d5c3a8e3610" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9984137-99FA-4674-BBD0-1640975F199B}" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d57d5c3a78c14c" => not found
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c" => not found
"C:\Users\misak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UnLockerMenu => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\UnLockerMenu => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UnLockerMenu => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21289597 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 3794533 B
Edge => 0 B
Chrome => 9733229 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 7104 B
misak => 97529 B
krcma => 97529 B

RecycleBin => 0 B
EmptyTemp: => 43.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:00:59 ====

[Rudy]

Zkuste to ještě jednou, se stejným fixlistem, ale vypnutým antivirem. Ne vše bylo smazáno.

[misak35]

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by misak (19-12-2020 18:58:00) Run:3
Running from C:\Users\misak\Desktop
Loaded Profiles: misak
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle America, Inc. -> Oracle Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {14C15532-66F6-48CD-AA80-D686E7783D67} - System32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-30] (Google Inc -> Google Inc.)
Task: {A9984137-99FA-4674-BBD0-1640975F199B} - System32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-30] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c
C:\Users\misak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => not found
"C:\WINDOWS\system32\GroupPolicy\Machine" => not found
"C:\ProgramData\NTUSER.pol" => not found
HKLM\SOFTWARE\Policies\Mozilla => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14C15532-66F6-48CD-AA80-D686E7783D67}" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d57d5c3a8e3610" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9984137-99FA-4674-BBD0-1640975F199B}" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d57d5c3a78c14c" => not found
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c" => not found
"C:\Users\misak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UnLockerMenu => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\UnLockerMenu => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UnLockerMenu => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21318917 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 22010 B
Edge => 0 B
Chrome => 10408981 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 2708 B
misak => 35172 B
krcma => 35172 B

RecycleBin => 0 B
EmptyTemp: => 40.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:58:47 ====

[Rudy]

OK. Smazáno, log je již OK. Změnilo se něco? AV opět zapněte.

[misak35]

Zapnuto. Já jsem ani předtím nepociťoval nějaké výrazné zpomalení PC. Chtěl jsem ho zkontrolovat na základě telefonátu od poskytovatele připojení.

[Rudy]

Jistě. Zkusili jsme smazat vše, co v PC být nemusí. Tím by měl být pryč i původce DDoS útoků (pokud tam byl). A když mám už před sebou log, smažu vše, co tam být nemusí.

[misak35]

Jestli je to vše, tak Vám mockrát děkuji. Jenom ještě dotaz jestli můžu. Nejsem na toto odborník.... Ddos útoky by se mohli konat i přes datové centrum? Je to starší typ Zyxel N320S? Jestli ho mám pro jistotu zformátovat a zatím používat jen na domácí síti, než koupím nový třeba od Synology, kde to mají, podle toho co jsem vyčetl, řešené aplikací, takže uživatele nepotřebuje veřejnou IP.

[Rudy]

Teoreticky mohou DDoS útoky probíhat přes jakýkoliv aktivní prvek. Pokud můžete (a útok by se opakoval) zformátujte. Data musíte zazálohovat.

[misak35]

Udělám to. Ještě jednou děkuji a přeji pěkný večer.

[Rudy]

Hezký den i vám a nemáte zač!