Problém s pc.

[Isoldy]

Dobrý den,

poprosím o kontrolu logu. Asi dva dny zpět se mi povedlo stáhnout virus: Santivirus Realtime Protection Lite. Stávající antivir jej nedokáže odstranit, bohužel mi nelze obnovit ani systém.




Logfile of random's system information tool 1.10 (written by random/random)
Run by Honza at 2020-12-21 23:09:39
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 30 GB (6%) free of 477 GB
Total RAM: 8054 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:09:43, on 21.12.2020
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19597)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files\trend micro\Wagras.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] C:\Users\Wagras\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Avira Optimizer Host (AviraOptimizerHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
O23 - Service: Avira Phantom VPN (AviraPhantomVPN) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
O23 - Service: Avira Security (AviraSecurity) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
O23 - Service: Avira Updater Service (AviraUpdaterService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: SpyHunter 5 Kernel (EsgShKernel) - EnigmaSoft Limited - C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SAntivirusIC - Unknown owner - C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe (file missing)
O23 - Service: SAntivirusSvc - ?orp DCom - C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe
O23 - Service: SpyHunter 5 Kernel Monitor (ShMonitor) - EnigmaSoft Limited - C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8047 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\Antivirus\sched.exe"
"taskhost.exe"
taskeng.exe {B246008C-79AC-42C9-B0C9-40D1E54306F5}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Avira\Antivirus\avguard.exe"
"C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe"
"C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe"
"C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe"
C:\Windows\System32\svchost.exe -k utcsvc

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"

WLIDSvcM.exe 2732
"C:\Program Files (x86)\Avira\Antivirus\avshadow.exe" avshadowcontrol0_00000714
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ff05d46d-d28f-489e-8f1e-e2e6fdd61e6d -SystemEventPortName:HostProcess-c82d047f-a333-4a47-b235-0060d8c1b716 -IoCancelEventPortName:HostProcess-44f866da-2aa7-40db-8f45-88a89b566d45 -NonStateChangingEventPortName:HostProcess-5b731274-0083-4eed-a10e-6f1dfed51938 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:74478ca4-5d0f-45b8-9ae3-66c754d836f3 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Users\Wagras\AppData\Local\Microsoft\Teams\current\Teams.exe" --system-initiated
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
"C:\Users\Wagras\AppData\Local\Microsoft\Teams\current\Teams.exe" --type=gpu-process --field-trial-handle=1160,809811771274241175,10994553221767141649,131072 --enable-features=WebComponentsV0Enabled --disable-features=PictureInPicture,SpareRendererForSitePerProcess --electron-shared-settings=eyJjci5jb21wYW55IjoiTWljcm9zb2Z0IiwiY3IuZHVtcHMiOiJDOlxcVXNlcnNcXFdhZ3Jhc1xcQXBwRGF0YVxcTG9jYWxcXFRlbXBcXG5vbmUgQ3Jhc2hlcyIsImNyLmVuYWJsZWQiOnRydWUsImNyLnByb2R1Y3QiOiJub25lIiwiY3Iuc2Vzc2lvbiI6ImRlc2t0b3AtMDkyN2RhOTUtMmZkOC00YTU5LTlhYmUtNjA1ZmFmOTRiMDMyIiwiY3IudXJsIjoiaHR0cDovL2xvY2FsaG9zdCIsImNyLnZlcnNpb24iOiIxLjMuMDAuMjg3NzkifQ== --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --mojo-platform-channel-handle=1172 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Wagras\AppData\Local\Microsoft\Teams\current\Teams.exe" --type=utility --field-trial-handle=1160,809811771274241175,10994553221767141649,131072 --enable-features=WebComponentsV0Enabled --disable-features=PictureInPicture,SpareRendererForSitePerProcess --lang=cs --service-sandbox-type=network --electron-shared-settings=eyJjci5jb21wYW55IjoiTWljcm9zb2Z0IiwiY3IuZHVtcHMiOiJDOlxcVXNlcnNcXFdhZ3Jhc1xcQXBwRGF0YVxcTG9jYWxcXFRlbXBcXG5vbmUgQ3Jhc2hlcyIsImNyLmVuYWJsZWQiOnRydWUsImNyLnByb2R1Y3QiOiJub25lIiwiY3Iuc2Vzc2lvbiI6ImRlc2t0b3AtMDkyN2RhOTUtMmZkOC00YTU5LTlhYmUtNjA1ZmFmOTRiMDMyIiwiY3IudXJsIjoiaHR0cDovL2xvY2FsaG9zdCIsImNyLnZlcnNpb24iOiIxLjMuMDAuMjg3NzkifQ== --mojo-platform-channel-handle=1588 /prefetch:8
"C:\Users\Wagras\AppData\Local\Microsoft\Teams\current\Teams.exe" --type=renderer --autoplay-policy=no-user-gesture-required --disable-background-timer-throttling --field-trial-handle=1160,809811771274241175,10994553221767141649,131072 --enable-features=WebComponentsV0Enabled --disable-features=PictureInPicture,SpareRendererForSitePerProcess --lang=cs --app-user-model-id=com.squirrel.Teams.Teams --app-path="C:\Users\Wagras\AppData\Local\Microsoft\Teams\current\resources\app.asar" --enable-sandbox --native-window-open --preload="C:\Users\Wagras\AppData\Local\Microsoft\Teams\current\resources\app.asar\lib\renderer\notifications\preload_notifications_sandbox.js" --background-color=#fff --enable-websql --electron-shared-settings=eyJjci5jb21wYW55IjoiTWljcm9zb2Z0IiwiY3IuZHVtcHMiOiJDOlxcVXNlcnNcXFdhZ3Jhc1xcQXBwRGF0YVxcTG9jYWxcXFRlbXBcXG5vbmUgQ3Jhc2hlcyIsImNyLmVuYWJsZWQiOnRydWUsImNyLnByb2R1Y3QiOiJub25lIiwiY3Iuc2Vzc2lvbiI6ImRlc2t0b3AtMDkyN2RhOTUtMmZkOC00YTU5LTlhYmUtNjA1ZmFmOTRiMDMyIiwiY3IudXJsIjoiaHR0cDovL2xvY2FsaG9zdCIsImNyLnZlcnNpb24iOiIxLjMuMDAuMjg3NzkifQ== --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2096 /prefetch:1 --msteams-process-type=notificationsManager
"C:\Users\Wagras\AppData\Local\Microsoft\Teams\current\Teams.exe" --type=renderer --autoplay-policy=no-user-gesture-required --disable-background-timer-throttling --field-trial-handle=1160,809811771274241175,10994553221767141649,131072 --enable-features=WebComponentsV0Enabled --disable-features=PictureInPicture,SpareRendererForSitePerProcess --lang=cs --app-user-model-id=com.squirrel.Teams.Teams --app-path="C:\Users\Wagras\AppData\Local\Microsoft\Teams\current\resources\app.asar" --webview-tag --no-sandbox --no-zygote --native-window-open --preload="C:\Users\Wagras\AppData\Local\Microsoft\Teams\current\resources\app.asar\lib\renderer\preload.js" --background-color=#fff --enable-websql --electron-shared-settings=eyJjci5jb21wYW55IjoiTWljcm9zb2Z0IiwiY3IuZHVtcHMiOiJDOlxcVXNlcnNcXFdhZ3Jhc1xcQXBwRGF0YVxcTG9jYWxcXFRlbXBcXG5vbmUgQ3Jhc2hlcyIsImNyLmVuYWJsZWQiOnRydWUsImNyLnByb2R1Y3QiOiJub25lIiwiY3Iuc2Vzc2lvbiI6ImRlc2t0b3AtMDkyN2RhOTUtMmZkOC00YTU5LTlhYmUtNjA1ZmFmOTRiMDMyIiwiY3IudXJsIjoiaHR0cDovL2xvY2FsaG9zdCIsImNyLnZlcnNpb24iOiIxLjMuMDAuMjg3NzkifQ== --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2460 /prefetch:1 --msteams-process-type=mainWindow
"C:\Users\Wagras\AppData\Local\Microsoft\Teams\current\Teams.exe" --type=utility --field-trial-handle=1160,809811771274241175,10994553221767141649,131072 --enable-features=WebComponentsV0Enabled --disable-features=PictureInPicture,SpareRendererForSitePerProcess --lang=cs --service-sandbox-type=audio --electron-shared-settings=eyJjci5jb21wYW55IjoiTWljcm9zb2Z0IiwiY3IuZHVtcHMiOiJDOlxcVXNlcnNcXFdhZ3Jhc1xcQXBwRGF0YVxcTG9jYWxcXFRlbXBcXG5vbmUgQ3Jhc2hlcyIsImNyLmVuYWJsZWQiOnRydWUsImNyLnByb2R1Y3QiOiJub25lIiwiY3Iuc2Vzc2lvbiI6ImRlc2t0b3AtMDkyN2RhOTUtMmZkOC00YTU5LTlhYmUtNjA1ZmFmOTRiMDMyIiwiY3IudXJsIjoiaHR0cDovL2xvY2FsaG9zdCIsImNyLnZlcnNpb24iOiIxLjMuMDAuMjg3NzkifQ== --mojo-platform-channel-handle=2572 /prefetch:8
"C:\Users\Wagras\AppData\Local\Microsoft\Teams\current\Teams.exe" --type=renderer --autoplay-policy=no-user-gesture-required --disable-background-timer-throttling --field-trial-handle=1160,809811771274241175,10994553221767141649,131072 --enable-features=WebComponentsV0Enabled --disable-features=PictureInPicture,SpareRendererForSitePerProcess --lang=cs --app-user-model-id=com.squirrel.Teams.Teams --app-path="C:\Users\Wagras\AppData\Local\Microsoft\Teams\current\resources\app.asar" --enable-sandbox --native-window-open --preload="C:\Users\Wagras\AppData\Local\Microsoft\Teams\current\resources\app.asar\lib\renderer\experienceRenderer\preload_webview_sandbox.js" --background-color=#fff --guest-instance-id=5 --enable-blink-features --disable-blink-features --hidden-page --enable-websql --electron-shared-settings=eyJjci5jb21wYW55IjoiTWljcm9zb2Z0IiwiY3IuZHVtcHMiOiJDOlxcVXNlcnNcXFdhZ3Jhc1xcQXBwRGF0YVxcTG9jYWxcXFRlbXBcXG5vbmUgQ3Jhc2hlcyIsImNyLmVuYWJsZWQiOnRydWUsImNyLnByb2R1Y3QiOiJub25lIiwiY3Iuc2Vzc2lvbiI6ImRlc2t0b3AtMDkyN2RhOTUtMmZkOC00YTU5LTlhYmUtNjA1ZmFmOTRiMDMyIiwiY3IudXJsIjoiaHR0cDovL2xvY2FsaG9zdCIsImNyLnZlcnNpb24iOiIxLjMuMDAuMjg3NzkifQ== --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1824 /prefetch:1 --msteams-process-type=experience-renderer
"C:\Users\Wagras\AppData\Local\Microsoft\Teams\current\Teams.exe" --type=renderer --autoplay-policy=no-user-gesture-required --disable-background-timer-throttling --field-trial-handle=1160,809811771274241175,10994553221767141649,131072 --enable-features=WebComponentsV0Enabled --disable-features=PictureInPicture,SpareRendererForSitePerProcess --lang=cs --app-user-model-id=com.squirrel.Teams.Teams --app-path="C:\Users\Wagras\AppData\Local\Microsoft\Teams\current\resources\app.asar" --no-sandbox --no-zygote --preload="C:\Users\Wagras\AppData\Local\Microsoft\Teams\current\resources\app.asar\lib\pluginhost\preload.js" --background-color=#fff --enable-websql --electron-shared-settings=eyJjci5jb21wYW55IjoiTWljcm9zb2Z0IiwiY3IuZHVtcHMiOiJDOlxcVXNlcnNcXFdhZ3Jhc1xcQXBwRGF0YVxcTG9jYWxcXFRlbXBcXG5vbmUgQ3Jhc2hlcyIsImNyLmVuYWJsZWQiOnRydWUsImNyLnByb2R1Y3QiOiJub25lIiwiY3Iuc2Vzc2lvbiI6ImRlc2t0b3AtMDkyN2RhOTUtMmZkOC00YTU5LTlhYmUtNjA1ZmFmOTRiMDMyIiwiY3IudXJsIjoiaHR0cDovL2xvY2FsaG9zdCIsImNyLnZlcnNpb24iOiIxLjMuMDAuMjg3NzkifQ== --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3148 /prefetch:1 --msteams-process-type=pluginHost
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Wagras\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Wagras\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=87.0.4280.88 --initial-client-data=0xb0,0xb4,0xb8,0x84,0xbc,0x7feea040eb0,0x7feea040ec0,0x7feea040ed0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1084,8244550067571785870,7584179623524669397,131072 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1044 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1084,8244550067571785870,7584179623524669397,131072 --lang=cs --service-sandbox-type=network --mojo-platform-channel-handle=1304 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1084,8244550067571785870,7584179623524669397,131072 --lang=cs --service-sandbox-type=utility --mojo-platform-channel-handle=1704 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1084,8244550067571785870,7584179623524669397,131072 --lang=cs --extension-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2544 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1084,8244550067571785870,7584179623524669397,131072 --lang=cs --extension-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4784 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1084,8244550067571785870,7584179623524669397,131072 --lang=cs --service-sandbox-type=audio --mojo-platform-channel-handle=2440 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1084,8244550067571785870,7584179623524669397,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4688 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1084,8244550067571785870,7584179623524669397,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1084,8244550067571785870,7584179623524669397,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4216 /prefetch:1
"C:\Users\Wagras\AppData\Local\Microsoft\Teams\current\Teams.exe" --type=renderer --autoplay-policy=no-user-gesture-required --disable-background-timer-throttling --field-trial-handle=1160,809811771274241175,10994553221767141649,131072 --enable-features=WebComponentsV0Enabled --disable-features=PictureInPicture,SpareRendererForSitePerProcess --lang=cs --app-user-model-id=com.squirrel.Teams.Teams --app-path="C:\Users\Wagras\AppData\Local\Microsoft\Teams\current\resources\app.asar" --electron-shared-settings=eyJjci5jb21wYW55IjoiTWljcm9zb2Z0IiwiY3IuZHVtcHMiOiJDOlxcVXNlcnNcXFdhZ3Jhc1xcQXBwRGF0YVxcTG9jYWxcXFRlbXBcXG5vbmUgQ3Jhc2hlcyIsImNyLmVuYWJsZWQiOnRydWUsImNyLnByb2R1Y3QiOiJub25lIiwiY3Iuc2Vzc2lvbiI6ImRlc2t0b3AtMDkyN2RhOTUtMmZkOC00YTU5LTlhYmUtNjA1ZmFmOTRiMDMyIiwiY3IudXJsIjoiaHR0cDovL2xvY2FsaG9zdCIsImNyLnZlcnNpb24iOiIxLjMuMDAuMjg3NzkifQ== --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=304 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1212 /prefetch:1
taskhost.exe $(Arg0)

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Wagras\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"com.squirrel.Teams.Teams"=C:\Users\Wagras\AppData\Local\Microsoft\Teams\Update.exe [2020-11-21 2452664]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2020-12-08 32414392]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [2020-11-20 705728]
""= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"shell"=explorer.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-12-21 23:03:49 ----D---- C:\rsit
2020-12-21 23:03:49 ----D---- C:\Program Files\trend micro
2020-12-20 13:46:57 ----A---- C:\Windows\system32\drivers\EnigmaFileMonDriver.sys
2020-12-20 13:46:41 ----D---- C:\ProgramData\EnigmaSoft Limited
2020-12-20 13:46:30 ----D---- C:\sh5ldr
2020-12-20 13:45:29 ----D---- C:\Program Files\EnigmaSoft
2020-12-20 13:22:22 ----D---- C:\Windows\ABR
2020-12-20 04:32:27 ----D---- C:\Users\Wagras\AppData\Roaming\santivirusclient
2020-12-20 04:27:59 ----D---- C:\ProgramData\SAntivirus
2020-12-20 04:27:19 ----D---- C:\Program Files (x86)\Digital Communications
2020-12-20 04:27:10 ----D---- C:\ProgramData\Avast Software
2020-12-20 04:25:51 ----D---- C:\Program Files (x86)\SansevieriaFuturekzbSolution
2020-12-20 04:22:57 ----D---- C:\Program Files (x86)\SansevieriaFuturetvoSolution
2020-12-20 04:22:48 ----D---- C:\Users\Wagras\AppData\Roaming\SantolinaFutureSolution

======List of files/folders modified in the last 1 month======

2020-12-21 23:09:43 ----D---- C:\Windows\Temp
2020-12-21 23:03:56 ----D---- C:\Windows\Prefetch
2020-12-21 23:03:49 ----D---- C:\Program Files
2020-12-21 20:42:02 ----D---- C:\Users\Wagras\AppData\Roaming\TS3Client
2020-12-21 15:58:10 ----D---- C:\Windows\system32\config
2020-12-21 15:42:15 ----D---- C:\Program Files\CCleaner
2020-12-21 15:38:54 ----D---- C:\Windows
2020-12-21 15:38:53 ----D---- C:\Windows\system32\wbem
2020-12-21 15:38:08 ----HD---- C:\ProgramData
2020-12-21 15:38:08 ----D---- C:\ProgramData\Package Cache
2020-12-21 15:38:07 ----SHD---- C:\Windows\Installer
2020-12-21 15:38:07 ----SD---- C:\Windows\system32\CompatTel
2020-12-21 15:38:07 ----RSD---- C:\Windows\Fonts
2020-12-21 15:38:07 ----D---- C:\Windows\winsxs
2020-12-21 15:38:07 ----D---- C:\Windows\Tasks
2020-12-21 15:38:07 ----D---- C:\Windows\system32\Wat
2020-12-21 15:38:07 ----D---- C:\Windows\system32\Tasks
2020-12-21 15:38:07 ----D---- C:\Windows\system32\NDF
2020-12-21 15:38:07 ----D---- C:\Windows\system32\DriverStore
2020-12-21 15:38:07 ----D---- C:\Windows\system32\drivers\etc
2020-12-21 15:38:07 ----D---- C:\Windows\system32\drivers
2020-12-21 15:38:07 ----D---- C:\Windows\system32\catroot2
2020-12-21 15:38:07 ----D---- C:\Windows\System32
2020-12-21 15:38:07 ----D---- C:\Windows\Minidump
2020-12-21 15:38:07 ----D---- C:\Windows\inf
2020-12-21 15:38:07 ----D---- C:\Users\Wagras\AppData\Roaming\vlc
2020-12-21 15:38:06 ----D---- C:\Windows\registration
2020-12-21 14:12:18 ----SHD---- C:\System Volume Information
2020-12-20 23:00:01 ----D---- C:\Windows\system32\LogFiles
2020-12-20 19:16:53 ----D---- C:\ProgramData\Microsoft Help
2020-12-20 13:50:42 ----D---- C:\Users\Wagras\AppData\Roaming\DAEMON Tools Lite
2020-12-20 13:50:14 ----D---- C:\Windows\debug
2020-12-20 13:43:08 ----RD---- C:\Program Files (x86)
2020-12-20 13:24:37 ----D---- C:\Program Files\Common Files
2020-12-20 13:23:00 ----D---- C:\Program Files (x86)\SlimDrivers
2020-12-20 13:22:48 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2020-12-20 06:10:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2020-12-20 05:46:59 ----D---- C:\Windows\SysWOW64
2020-12-20 04:35:32 ----D---- C:\ProgramData\McAfee

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avdevprot;avdevprot; C:\Windows\system32\DRIVERS\avdevprot.sys [2019-06-14 68152]
R0 avusbflt;avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [2019-03-20 35376]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 26968]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2020-05-05 178720]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2019-03-20 36072]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2017-07-05 254528]
R1 TASANTIVIRUSKD;SAntivirus Kernel DriverTA; \??\C:\Program Files (x86)\Digital Communications\SAntivirus\TASAntivirusKD.sys [2020-12-20 85480]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2017-07-05 314016]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2020-11-16 222200]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2019-03-20 78600]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2017-07-05 43680]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 EnigmaFileMonDriver;EnigmaFileMonDriver Mini-Filter Driver; \??\C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys [2020-12-21 76744]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-06-27 4500184]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2016-11-14 197408]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-11-14 56384]
R3 phantomtap;Phantom TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\phantomtap.sys [2017-10-25 35664]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2011-06-20 1225832]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 blackberryncm;BlackBerryNCM Service; C:\Windows\system32\DRIVERS\blackberryncm6_AMD64.sys [2014-09-08 25088]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-07-05 30264]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 58056]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2017-05-22 35648]
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-11-14 27584]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys []
S3 rimvndis;BlackBerry Virtual Private Network; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [2015-03-19 18432]
S3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2012-12-10 44544]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
S3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys [2013-07-04 2943192]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2018-03-25 16056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64_prewin8.sys [2018-02-26 31920]
S3 wdm_usb;wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [2016-08-16 159936]
S3 WinUsb;Acer USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2020-09-30 483432]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2020-09-30 483432]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2020-11-20 636592]
R2 AviraOptimizerHost;Avira Optimizer Host; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2020-06-03 2988544]
R2 AviraPhantomVPN;Avira Phantom VPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [2020-12-01 384360]
R2 AviraUpdaterService;Avira Updater Service; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [2020-12-16 161072]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EsgShKernel;SpyHunter 5 Kernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [2020-12-20 12887096]
R2 ShMonitor;SpyHunter 5 Kernel Monitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [2020-12-20 526904]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2020-09-30 1205960]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2020-10-17 573960]
S2 AviraSecurity;Avira Security; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [2020-12-14 245904]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2019-03-28 132792]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2019-03-28 158912]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-26 224152]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-12-20 155592]
S2 SAntivirusIC;SAntivirusIC; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe -service []
S2 SAntivirusSvc;SAntivirusSvc; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe [2020-12-20 628032]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-28 54912]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-26 224152]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe [2020-12-02 1426928]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-12-20 155592]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-12-17 116224]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.50\elevation_service.exe [2020-06-12 1507216]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2017-06-27 1255736]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2016-02-24 1145928]
S4 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-11-14 1163712]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-11-14 1879488]
S4 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-11-14 3632576]
S4 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-11-14 2521024]
S4 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-11-14 932728]
S4 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2018-01-28 66872]
S4 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2018-11-26 1684256]
S4 WPSService20;WPS2.0 HW PBC Service; C:\Program Files (x86)\Edimax\Edimax AC600 Wireless LAN Driver\WPSService20.exe [2013-05-15 96768]

-----------------EOF-----------------

[Conder]

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Spustit skenovani a pockaj na dokoncenie
• V pripade nalezov nechaj vsetky nalezy oznacene a klikni na Karantena (ak nie su ziadne nalezy, tak na Spustit zakladni opravu)
• V pripade, ze sa detekuje aj "predinstalovany software", tieto programy mozes, ale nemusis zmazat (toto nie su skodlive programy, ale iba zbytocnosti)
• Potvrd vyzvu, pockaj na dokoncenie a potvrd restartovanie PC
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah skopiruj a vloz do dalsej odpovede

[Isoldy]

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-12-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-21-2020
# Duration: 00:00:04
# OS: Windows 7 Home Premium
# Cleaned: 28
# Failed: 5


***** [ Services ] *****

Deleted SAntivirusIC
Deleted SAntivirusSvc

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Digital Communications
Deleted C:\Program Files (x86)\SlimDrivers
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
Deleted C:\ProgramData\SlimWare Utilities, Inc
Deleted C:\Users\Wagras\AppData\Roaming\santivirusclient
Not Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus
Not Deleted C:\ProgramData\SAntivirus

***** [ Files ] *****

Deleted C:\Users\Public\Desktop\SlimDrivers.lnk
Deleted C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default\LOCAL STORAGE\HTTP_EASYPDFCOMBINE.DL.MYWAY.COM_0.LOCALSTORAGE
Deleted C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default\LOCAL STORAGE\HTTP_EASYPDFCOMBINE.DL.MYWAY.COM_0.LOCALSTORAGE-JOURNAL
Deleted C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default\LOCAL STORAGE\HTTP_EASYPDFCOMBINE.DL.TB.ASK.COM_0.LOCALSTORAGE
Deleted C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default\LOCAL STORAGE\HTTP_EASYPDFCOMBINE.DL.TB.ASK.COM_0.LOCALSTORAGE-JOURNAL
Deleted C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows\SAntivirus
Deleted HKLM\Software\Classes\Installer\Features\952BA647474611149866C1269F6A0E36
Deleted HKLM\Software\Classes\Installer\Products\952BA647474611149866C1269F6A0E36
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\952BA647474611149866C1269F6A0E36
Deleted HKLM\Software\Wow6432Node\SAntivirusProduct
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\SAntivirus
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{746AB259-6474-4111-8966-1C62F9A6E063}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\SAntivirus
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\SAntivirusSvc
Not Deleted HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{746AB259-6474-4111-8966-1C62F9A6E063}|Publisher
Not Deleted HKLM\Software\SAntivirus
Not Deleted HKLM\Software\Wow6432Node\SAntivirus

***** [ Chromium (and derivatives) ] *****

Deleted Avira SafeSearch Plus - ipmkfpcnmccejididiaagpgchgjfajgp

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4694 octets] - [21/12/2020 23:56:01]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Conder]

Poprosim o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679

[Isoldy]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by Wagras (administrator) on WAGRAS-PC (TOSHIBA Satellite A500) (03-01-2021 23:12:48)
Running from C:\Users\Wagras\Desktop
Loaded Profiles: Wagras
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.WebAppHost.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <24>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Java\jre1.8.0_131\bin\javaw.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [705728 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1827294492-593935411-3334344351-1000\...\Run: [] => [X]
HKU\S-1-5-21-1827294492-593935411-3334344351-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Wagras\AppData\Local\Microsoft\Teams\Update.exe [2452664 2020-11-21] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1827294492-593935411-3334344351-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1827294492-593935411-3334344351-1000\...\MountPoints2: {6d32591a-3df0-11e8-a514-705ab685adf2} - G:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-1827294492-593935411-3334344351-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-20] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2A9A2D00-CDEF-4FCB-90EB-34D7DDA69F24} - System32\Tasks\Opera scheduled Autoupdate 1557436489 => C:\Users\Wagras\AppData\Local\Programs\Opera\launcher.exe [1776664 2020-12-16] (Opera Software AS -> Opera Software)
Task: {2CB6923D-6B3A-4375-8CFC-A793E8BECF04} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2649200 2020-09-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {53B5021B-F0AC-4977-947A-177C6E034582} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-20] (Google LLC -> Google LLC)
Task: {796F76A5-CE41-4B3F-9AC8-1BD9B56EADFD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-20] (Google LLC -> Google LLC)
Task: {7C041C69-A807-4235-B8AB-D4413B5AB131} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A4F7DCB6-C424-4A04-BCAF-A43BD2947E23} - \{5E2E9D3F-D0F2-4F46-A60D-16FE57EBC6AE} -> No File <==== ATTENTION
Task: {B2089BC4-6328-477C-971C-AE235B8A1A6D} - System32\Tasks\Opera scheduled assistant Autoupdate 1564478116 => C:\Users\Wagras\AppData\Local\Programs\Opera\launcher.exe [1776664 2020-12-16] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Wagras\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {C227A926-BE21-4F17-B195-DF8B5098D44A} - \SidebarExecute -> No File <==== ATTENTION
Task: {C22C550F-80B6-40A6-AF2E-33E961EB72F5} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29934096 2020-12-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {F85AF9C0-8F94-4782-A7F1-2AC0DB37AB7F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1E363CEF-004E-4AF4-8CC6-C632D06B2AE9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{51FBD26A-559F-4947-99B7-498D8DB97EA4}: [DhcpNameServer] 192.168.137.1
Tcpip\..\Interfaces\{F9FB262E-84F0-4412-9787-B01B02540124}: [DhcpNameServer] 192.168.1.1

Edge:
======
Edge Profile: C:\Users\Wagras\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-20]

FireFox:
========
FF ProfilePath: C:\Users\Wagras\AppData\Roaming\Mozilla\Firefox\Profiles\vtLrjii9.default [2019-05-09]
FF Extension: (Avira Browser Safety) - C:\Users\Wagras\AppData\Roaming\Mozilla\Firefox\Profiles\vtLrjii9.default\Extensions\abs@avira.com [2019-05-09]
FF Extension: (Avira Password Manager) - C:\Users\Wagras\AppData\Roaming\Mozilla\Firefox\Profiles\vtLrjii9.default\Extensions\passwordmanager@avira.com [2019-05-09]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-06] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-07-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-07-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-06] (Adobe Systems Incorporated -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default [2021-01-03]
CHR HomePage: Default -> hxxp://www.topgear4fan.cz/topgearoriginal/bolivijsky-special/
CHR StartupUrls: Default -> "hxxp://www.armadninoviny.cz/"
CHR NewTab: Default -> Not-active:"chrome-extension://cgdjalgfmoekbjoemgjafnlnalnnjgih/newtab.html"
CHR Extension: (Prezentace) - C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]
CHR Extension: (Dokumenty) - C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Disk Google) - C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-23]
CHR Extension: (Zhasnout světla) - C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2020-12-20]
CHR Extension: (YouTube) - C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-27]
CHR Extension: (Clear) - C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdjalgfmoekbjoemgjafnlnalnnjgih [2017-11-01]
CHR Extension: (Tabulky) - C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Avira Browser Safety) - C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2020-12-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-06]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-12-20]
CHR Extension: (The West) - C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilkgeioneoemibpddeiamfgiofnpjifm [2017-06-27]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2020-12-22]
CHR Extension: (Numerics Calculator & Converter) - C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2017-06-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Late Night) - C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm [2017-11-01]
CHR Extension: (Gmail) - C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-08]
CHR Extension: (Merk.cz) - C:\Users\Wagras\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmhpdlmhembafjlpohanpgkpmnpanbcd [2020-01-24]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]

Opera:
=======
OPR Extension: (Avira Safe Shopping) - C:\Users\Wagras\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2020-12-08]
OPR Extension: (Rich Hints Agent) - C:\Users\Wagras\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-11-24]
OPR Extension: (Avira Password Manager) - C:\Users\Wagras\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngohaaocccbohaffogpbgfpmpgbcgccg [2020-12-08]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk, Inc -> Autodesk Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1205960 2020-09-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [483432 2020-09-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [483432 2020-09-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [573960 2020-10-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636592 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384360 2020-12-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [245904 2020-12-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161072 2020-12-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [12887096 2020-12-20] (EnigmaSoft Limited -> EnigmaSoft Limited)
S4 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2018-01-28] (Even Balance, Inc. -> )
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [526904 2020-12-20] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
S4 WPSService20; C:\Program Files (x86)\Edimax\Edimax AC600 Wireless LAN Driver\WPSService20.exe [96768 2013-05-15] () [File not signed]
S2 SAntivirusIC; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe -service [X] <==== ATTENTION
S2 SAntivirusSvc; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe [X] <==== ATTENTION

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2017-07-05] (Tages SA -> )
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [68152 2019-06-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [222200 2020-11-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [178720 2020-05-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [35376 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 blackberryncm; C:\Windows\System32\DRIVERS\blackberryncm6_AMD64.sys [25088 2014-09-08] (BlackBerry) [File not signed]
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-07-05] (Disc Soft Ltd -> Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2017-07-05] (DT Soft Ltd -> DT Soft Ltd)
R3 EnigmaFileMonDriver; C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys [76744 2020-12-22] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2017-07-05] (Tages SA -> )
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2017-10-25] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-03-19] (BlackBerry Limited) [File not signed]
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [2943192 2013-07-04] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
S3 SWDUMon; system32\DRIVERS\SWDUMon.sys [X]
S1 TASANTIVIRUSKD; \??\C:\Program Files (x86)\Digital Communications\SAntivirus\TASAntivirusKD.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-03 23:12 - 2021-01-03 23:14 - 000020492 _____ C:\Users\Wagras\Desktop\FRST.txt
2021-01-03 23:11 - 2021-01-03 23:13 - 000000000 ____D C:\FRST
2021-01-03 23:11 - 2021-01-03 23:11 - 101449411 _____ C:\Users\Wagras\Downloads\Czech Home Orgy 10.mp4.9127277073060808686.part
2021-01-03 22:50 - 2021-01-03 22:50 - 002286592 _____ (Farbar) C:\Users\Wagras\Downloads\FRST64 (1).exe
2021-01-03 22:50 - 2021-01-03 22:50 - 002286592 _____ (Farbar) C:\Users\Wagras\Desktop\FRST64.exe
2021-01-03 00:13 - 2021-01-03 00:13 - 000001019 _____ C:\Users\Wagras\Desktop\GameRanger (2).lnk
2020-12-30 06:20 - 2020-12-30 06:22 - 023334950 _____ C:\Users\Wagras\Downloads\sex na hotelu Andrea.mp4
2020-12-30 01:04 - 2020-12-30 01:04 - 000117563 _____ C:\Users\Wagras\Downloads\e_502_eanosII_tl_zm4 (2).pdf
2020-12-30 00:46 - 2020-12-30 00:46 - 000295384 _____ C:\Users\Wagras\Downloads\k_301_kils12_tl_zm6 (1).pdf
2020-12-30 00:33 - 2020-12-30 00:33 - 000152669 _____ C:\Users\Wagras\Downloads\r_301_res51_tl_zm2.pdf
2020-12-29 23:56 - 2020-12-29 23:56 - 000117563 _____ C:\Users\Wagras\Downloads\e_502_eanosII_tl_zm4 (1).pdf
2020-12-29 23:28 - 2020-12-29 23:29 - 001203943 _____ C:\Users\Wagras\Downloads\reidinger_13442_ seminární práce M_LGS.pdf
2020-12-29 19:25 - 2020-12-29 19:25 - 000038735 _____ C:\Users\Wagras\Downloads\F_1329124820.pdf
2020-12-29 19:09 - 2020-12-29 19:09 - 000003664 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupUpdate
2020-12-29 03:49 - 2020-12-29 03:49 - 001417947 _____ C:\Users\Wagras\Downloads\lachmanova-zora-2007.pdf
2020-12-29 03:22 - 2020-12-29 03:22 - 000117563 _____ C:\Users\Wagras\Downloads\e_502_eanosII_tl_zm4.pdf
2020-12-29 03:20 - 2020-12-29 03:20 - 000704959 _____ C:\Users\Wagras\Downloads\f_620_faccpps_foto.pdf
2020-12-29 03:11 - 2020-12-29 03:11 - 000566617 _____ C:\Users\Wagras\Downloads\k_301_kils12_foto.pdf
2020-12-29 03:11 - 2020-12-29 03:11 - 000295384 _____ C:\Users\Wagras\Downloads\k_301_kils12_tl_zm6.pdf
2020-12-29 02:46 - 2020-12-29 02:46 - 002180528 _____ C:\Users\Wagras\Downloads\Příloha č 1 technická specifikace.pdf
2020-12-28 23:30 - 2020-12-28 23:30 - 011390222 _____ C:\Users\Wagras\Downloads\Chvostova+disertacni+prace.pdf
2020-12-28 23:29 - 2020-12-28 23:29 - 020065873 _____ C:\Users\Wagras\Downloads\StechV_StanoveniVlivu_BC_2019.pdf
2020-12-28 02:34 - 2020-12-28 02:34 - 000746278 _____ C:\Users\Wagras\Downloads\VY_32_INOVACE_04102dum (1).pdf
2020-12-28 02:33 - 2020-12-28 02:33 - 000746278 _____ C:\Users\Wagras\Downloads\VY_32_INOVACE_04102dum.pdf
2020-12-25 03:42 - 2020-12-25 03:42 - 000001667 _____ C:\Users\Wagras\Desktop\Rust Legacy.lnk
2020-12-25 03:42 - 2020-12-25 03:42 - 000000000 ____D C:\Users\Wagras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rusted.cz
2020-12-25 03:40 - 2020-12-25 03:41 - 527408769 _____ (Rusted.cz ) C:\Users\Wagras\Downloads\Rust Legacy 1.9.8.exe
2020-12-22 07:50 - 2020-12-22 07:50 - 000003292 _____ C:\Windows\system32\Tasks\Avira_Antivirus_Systray
2020-12-22 00:16 - 2020-12-22 00:16 - 008447152 _____ (Malwarebytes) C:\Users\Wagras\Downloads\adwcleaner_8.0.8 (1).exe
2020-12-21 23:55 - 2020-12-21 23:56 - 000000000 ____D C:\AdwCleaner
2020-12-21 23:55 - 2020-12-21 23:54 - 008447152 _____ (Malwarebytes) C:\Users\Wagras\Desktop\adwcleaner_8.0.8.exe
2020-12-21 23:54 - 2020-12-21 23:54 - 008447152 _____ (Malwarebytes) C:\Users\Wagras\Downloads\adwcleaner_8.0.8.exe
2020-12-21 23:03 - 2020-12-21 23:09 - 000000000 ____D C:\Program Files\trend micro
2020-12-21 23:03 - 2020-12-21 23:03 - 001222144 _____ C:\Users\Wagras\Desktop\RSITx64.exe
2020-12-21 23:03 - 2020-12-21 23:03 - 000000000 ____D C:\rsit
2020-12-21 09:04 - 2020-12-21 09:05 - 000615224 _____ C:\Windows\Minidump\122120-33259-01.dmp
2020-12-21 09:04 - 2020-12-21 09:04 - 920376116 _____ C:\Windows\MEMORY.DMP
2020-12-20 21:58 - 2020-12-20 21:58 - 000925184 _____ C:\Users\Wagras\Downloads\OV_T3 (3).ppt
2020-12-20 20:20 - 2020-12-20 20:21 - 001138688 _____ C:\Users\Wagras\Downloads\OV_T1.ppt
2020-12-20 20:20 - 2020-12-20 20:20 - 001776444 _____ C:\Users\Wagras\Downloads\zaverecna_prace (8).pdf
2020-12-20 20:20 - 2020-12-20 20:20 - 001776444 _____ C:\Users\Wagras\Downloads\zaverecna_prace (7).pdf
2020-12-20 20:04 - 2020-12-20 20:04 - 001675446 _____ C:\Users\Wagras\Downloads\DPTX_2008_1_11320_NSZZ016_268491_0_48782.pdf
2020-12-20 19:51 - 2020-12-20 19:51 - 002405880 _____ (Opera Software) C:\Users\Wagras\Downloads\OperaSetup.exe
2020-12-20 19:51 - 2020-12-20 19:51 - 000004304 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1564478116
2020-12-20 19:51 - 2020-12-20 19:51 - 000004068 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1557436489
2020-12-20 19:51 - 2020-12-20 19:51 - 000001287 _____ C:\Users\Wagras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2020-12-20 19:21 - 2020-12-20 19:21 - 005869559 _____ C:\Users\Wagras\Downloads\LiPS-1.11.1.zip
2020-12-20 13:46 - 2020-12-22 00:02 - 000076744 _____ (EnigmaSoft Limited) C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys
2020-12-20 13:46 - 2020-12-21 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2020-12-20 13:46 - 2020-12-21 15:38 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2020-12-20 13:46 - 2020-12-20 13:46 - 000000970 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
2020-12-20 13:46 - 2020-12-20 13:46 - 000000970 _____ C:\ProgramData\Desktop\SpyHunter5.lnk
2020-12-20 13:46 - 2020-12-20 13:46 - 000000000 ____D C:\sh5ldr
2020-12-20 13:45 - 2020-12-20 13:45 - 000000000 ____D C:\Program Files\EnigmaSoft
2020-12-20 13:44 - 2020-12-20 13:45 - 006565432 _____ (EnigmaSoft Limited) C:\Users\Wagras\Downloads\SpyHunter-Installer.exe
2020-12-20 13:40 - 2020-12-20 13:40 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-12-20 13:40 - 2020-12-20 13:40 - 000002812 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-12-20 13:40 - 2020-12-20 13:40 - 000000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-12-20 13:40 - 2020-12-20 13:40 - 000000782 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-12-20 13:39 - 2020-12-20 13:39 - 030536752 _____ (Piriform Software Ltd) C:\Users\Wagras\Downloads\ccsetup575.exe
2020-12-20 13:33 - 2020-12-20 13:33 - 000002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-12-20 13:33 - 2020-12-20 13:33 - 000002255 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-12-20 13:32 - 2020-12-20 13:32 - 000003386 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-20 13:32 - 2020-12-20 13:32 - 000003258 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-20 13:22 - 2020-12-21 15:38 - 000000000 ____D C:\Windows\ABR
2020-12-20 13:15 - 2020-12-21 15:38 - 000000000 ____D C:\Users\Wagras\Downloads\HiJackThis
2020-12-20 13:14 - 2020-12-20 13:14 - 002045714 _____ C:\Users\Wagras\Downloads\HiJackThis.zip
2020-12-20 04:44 - 2020-12-20 04:44 - 000250880 _____ C:\Users\Wagras\Downloads\EDP_P2_Výrobní kapacita.ppt
2020-12-20 04:28 - 2020-12-20 04:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus
2020-12-20 04:27 - 2020-12-20 13:24 - 000000000 ____D C:\ProgramData\Avast Software
2020-12-20 04:27 - 2020-12-20 04:29 - 000000000 ____D C:\ProgramData\SAntivirus
2020-12-20 04:26 - 2020-12-20 04:26 - 000016438 _____ C:\Users\Wagras\AppData\Local\partner.bmp
2020-12-20 04:25 - 2020-12-20 04:34 - 000000000 ____D C:\Program Files (x86)\SansevieriaFuturekzbSolution
2020-12-20 04:22 - 2020-12-20 04:26 - 000000000 ____D C:\Users\Wagras\AppData\Roaming\SantolinaFutureSolution
2020-12-20 04:22 - 2020-12-20 04:23 - 000000000 ____D C:\Program Files (x86)\SansevieriaFuturetvoSolution
2020-12-20 00:46 - 2020-12-20 00:46 - 000027136 _____ C:\Users\Wagras\Downloads\resitel.xls
2020-12-20 00:43 - 2020-12-20 00:43 - 000925184 _____ C:\Users\Wagras\Downloads\OV_T3 (2).ppt
2020-12-19 22:03 - 2020-12-19 22:03 - 000925184 _____ C:\Users\Wagras\Downloads\OV_T3 (1).ppt
2020-12-19 22:02 - 2020-12-19 22:02 - 000925184 _____ C:\Users\Wagras\Downloads\OV_T3.ppt
2020-12-19 21:58 - 2020-12-19 21:58 - 001776444 _____ C:\Users\Wagras\Downloads\zaverecna_prace (6).pdf
2020-12-14 21:00 - 2020-12-14 21:00 - 001776444 _____ C:\Users\Wagras\Downloads\zaverecna_prace (5).pdf
2020-12-14 20:59 - 2020-12-14 20:59 - 001776444 _____ C:\Users\Wagras\Downloads\zaverecna_prace (4).pdf
2020-12-14 20:46 - 2020-12-14 20:46 - 001776444 _____ C:\Users\Wagras\Downloads\zaverecna_prace (3).pdf
2020-12-12 00:43 - 2020-12-12 00:43 - 001190309 _____ C:\Users\Wagras\Downloads\Optimalni_pracovni_prostredi.pdf
2020-12-12 00:37 - 2020-12-12 00:37 - 000376081 _____ C:\Users\Wagras\Downloads\management-podniku-a-zivotni-prostredi.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-03 21:34 - 2009-07-14 05:45 - 000032640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-01-03 21:34 - 2009-07-14 05:45 - 000032640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-01-03 15:35 - 2017-07-03 21:28 - 000000000 ____D C:\Users\Wagras\AppData\Roaming\vlc
2021-01-03 14:47 - 2017-06-27 12:52 - 000000000 ____D C:\Program Files\CCleaner
2021-01-03 03:11 - 2017-06-27 17:39 - 000000000 ____D C:\Users\Wagras\AppData\Roaming\TS3Client
2021-01-02 00:21 - 2017-12-28 19:10 - 000000000 ____D C:\Users\Wagras\Desktop\Call of Duty 2
2020-12-30 06:33 - 2011-04-12 09:34 - 000668890 _____ C:\Windows\system32\perfh005.dat
2020-12-30 06:33 - 2011-04-12 09:34 - 000141518 _____ C:\Windows\system32\perfc005.dat
2020-12-30 06:33 - 2009-07-14 06:13 - 001583642 _____ C:\Windows\system32\PerfStringBackup.INI
2020-12-30 06:33 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-12-30 06:23 - 2017-07-03 21:28 - 000000831 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-12-30 06:23 - 2017-07-03 21:28 - 000000831 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-12-28 04:59 - 2017-06-27 17:39 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2020-12-25 03:46 - 2017-06-27 13:06 - 000000000 ____D C:\ProgramData\Package Cache
2020-12-25 03:44 - 2017-09-25 22:09 - 000000000 ____D C:\Users\Wagras\AppData\Local\CrashDumps
2020-12-21 23:57 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-12-21 15:38 - 2020-03-06 15:59 - 000000000 ____D C:\Users\Public\Security Sessions
2020-12-21 15:38 - 2019-05-09 22:11 - 000000000 ____D C:\Users\Public\PrivacyPal Sessions
2020-12-21 15:38 - 2018-03-27 03:34 - 000000000 ____D C:\Users\Public\Speedup Sessions
2020-12-21 15:38 - 2017-12-11 03:51 - 000000000 ____D C:\Users\Wagras\AppData\Local\Avira
2020-12-21 15:38 - 2017-10-19 19:50 - 000000000 ____D C:\Windows\Minidump
2020-12-21 15:38 - 2017-07-16 21:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2020-12-21 15:38 - 2017-07-16 21:39 - 000000000 ____D C:\Users\Wagras\AppData\Local\Microsoft Help
2020-12-21 15:38 - 2017-06-29 02:27 - 000000000 ___SD C:\Windows\system32\CompatTel
2020-12-21 15:38 - 2017-06-27 12:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-12-21 15:38 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2020-12-21 15:38 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration
2020-12-20 13:50 - 2017-07-05 17:38 - 000000000 ____D C:\Users\Wagras\AppData\Roaming\DAEMON Tools Lite
2020-12-20 13:33 - 2017-06-27 12:27 - 000002296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-20 13:22 - 2017-07-05 17:43 - 000000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2020-12-20 05:56 - 2020-10-21 12:48 - 000587136 _____ C:\Windows\system32\FNTCACHE.DAT
2020-12-20 04:37 - 2020-10-21 12:51 - 000174568 _____ C:\Users\Wagras\AppData\Local\GDIPFONTCACHEV1.DAT
2020-12-20 04:35 - 2017-09-09 15:18 - 000000000 ____D C:\ProgramData\McAfee
2020-12-18 09:57 - 2020-11-26 10:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-12-14 20:00 - 2020-07-05 20:09 - 000000000 ____D C:\Users\Wagras\AppData\Local\Windows Live

==================== Files in the root of some directories ========

2017-10-18 13:36 - 2017-10-18 13:36 - 000000288 _____ () C:\ProgramData\fontcacheev1.dat
2017-11-04 23:52 - 2017-11-04 23:58 - 000006144 _____ () C:\Users\Wagras\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-11-08 18:01 - 2017-11-08 18:01 - 000000000 ___SH () C:\Users\Wagras\AppData\Local\LumaEmu
2020-12-20 04:26 - 2020-12-20 04:26 - 000016438 _____ () C:\Users\Wagras\AppData\Local\partner.bmp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-12-23 00:59
==================== End of FRST.txt ========================





Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Wagras (03-01-2021 23:17:07)
Running from C:\Users\Wagras\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2017-06-27 11:19:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1827294492-593935411-3334344351-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-1827294492-593935411-3334344351-501 - Limited - Enabled)
Wagras (S-1-5-21-1827294492-593935411-3334344351-1000 - Administrator - Enabled) => C:\Users\Wagras

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {8EAC8D5C-B3AA-95AA-3DF1-2845CDD09CBE}
AS: Avira Antivirus (Enabled - Up to date) {35CD6CB8-9590-9A24-0741-1337B657D603}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

«The Sims 3 Deluxe Edition» (build 9.0) (HKLM-x32\...\«The Sims 3 Deluxe Edition»_is1) (Version: - R.G. Catalyst)
0.1.2.4 (HKLM-x32\...\Age of Mythology Extended Edition CZ_is1) (Version: - )
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1827294492-593935411-3334344351-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Aktualizace NVIDIA 2.11.4.125 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.125 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.14 - Autodesk)
Autodesk Design Review 2013 (HKLM-x32\...\{153DB567-6FF3-49AD-AC4F-86F8A3CCFDFB}) (Version: 13.0.0.82 - Autodesk, Inc.) Hidden
Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2015 (HKLM-x32\...\{4FBC9635-AC56-4378-8FDE-C4D3ED072681}) (Version: 5.2.9.100 - Autodesk)
Autodesk Revit Interoperability for Inventor 2015 (HKLM\...\{0BB716E0-1500-0210-0000-097DC2F354DF}) (Version: 15.0.166.0 - Autodesk) Hidden
Autodesk Revit Interoperability for Inventor 2015 (HKLM\...\Autodesk Revit Interoperability for Inventor 2015) (Version: 15.0.166.0 - Autodesk)
Avira (HKLM-x32\...\{161e6084-b0f5-43e8-86d8-09eda5c0893d}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{426D1710-5DFD-45E9-B11D-464792C5AD35}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2012.2066 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.1.24458 - Avira Operations GmbH & Co. KG) Hidden
Avira Privacy Pal (HKLM-x32\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.2.0.1945 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.42.14100 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;)
Avira Software Updater (HKLM-x32\...\{9F45C615-6D95-47B5-BB0C-D78F6D15DE21}) (Version: 2.0.6.42639 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.9.0.11050 - Avira Operations GmbH & Co. KG) Hidden
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
Configurator 360 addin (HKLM-x32\...\{8FE324B0-B934-4D68-BAB5-DE2136036237}) (Version: 19.0.11300.9000 - Autodesk, Inc.)
ContentMod3.0 (HKLM-x32\...\ContentMod_3.0) (Version: - )
Crusader Kings II (HKLM-x32\...\Crusader Kings II_is1) (Version: - )
Crusader Kings II Holy Fury (HKLM-x32\...\Crusader Kings II Holy Fury_is1) (Version: - )
Crusader Kings II version 2.0.1 (HKLM-x32\...\{A30269D0-4F0B-44BB-A169-C665CA856EEC}}_is1) (Version: 2.0.1 - Paradox Interactive)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
Eco Materials Adviser for Autodesk Inventor 2015 (64-bit) (HKLM\...\{2F7441CB-A646-41F1-B1CB-518AB311138B}) (Version: 5.3.8.0 - Granta Design Limited)
Edimax AC600 Wireless LAN Driver (HKLM-x32\...\{B63CCD1C-A133-4DF8-8306-DA0387231152}) (Version: 1.00.0205.2 - Edimax Technology Co.)
Euro Truck Simulator 2 Italia (HKLM-x32\...\Euro Truck Simulator 2 Italia_is1) (Version: - )
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GameRanger (HKU\S-1-5-21-1827294492-593935411-3334344351-1000\...\GameRanger) (Version: - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Gothic (HKLM-x32\...\Gothic) (Version: - )
Gothic 3 (HKLM-x32\...\Gothic 3_is1) (Version: - GOG.com)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mafia - Definitve Edition (HKLM-x32\...\{D383B15E-3CE1-4B7F-8E88-F93D39BB2E5C}_is1) (Version: - hangar 13)
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (HKLM-x32\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM-x32\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM-x32\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (HKLM-x32\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.03.000 - SEGA)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.37 - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1827294492-593935411-3334344351-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1827294492-593935411-3334344351-1000\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation)
Mockup 360 Addin 2015 (HKLM-x32\...\{E4D4242C-FC14-4B4F-B1D9-6760D8C241D5}) (Version: 1.1.0 - Autodesk)
Movavi Video Editor Plus 2020 (HKU\S-1-5-21-1827294492-593935411-3334344351-1000\...\Movavi Video Editor Plus 2020) (Version: 20.3.0 - Movavi)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NEF Codec (HKLM-x32\...\{D6506521-0959-4FA3-875F-E2E28830B0D2}) (Version: 1.29.0 - Nikon Corporation)
Neighbours From Hell Compilation (HKLM-x32\...\{5C81E5B5-15C0-4196-8FEC-BE56FFAB9437}) (Version: 1.00.0000 - CD Projekt) Hidden
Neighbours From Hell Compilation (HKLM-x32\...\InstallShield_{5C81E5B5-15C0-4196-8FEC-BE56FFAB9437}) (Version: 1.00.0000 - CD Projekt)
Nokia PC Suite (HKLM-x32\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
NVIDIA GeForce Experience 2.11.4.125 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.125 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Opera Stable 73.0.3856.284 (HKU\S-1-5-21-1827294492-593935411-3334344351-1000\...\Opera 73.0.3856.284) (Version: 73.0.3856.284 - Opera Software)
Ovládací panel NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
Patch 4.21 (HKLM-x32\...\{74A84478-70A5-4F7A-966C-FA2771FF91A5}_is1) (Version: - RUNEFORGE Games Studios)
Patch v4.17b Update (HKLM-x32\...\{THEGUILDREN-0010-2010-300520102330}_is1) (Version: - RUNEFORGE Games Studios)
Questpaket 4 Update 2 Deinstallation (HKLM-x32\...\G3QP231012008_is1) (Version: 4.2.0.0 - Humanforce)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)
Rust Legacy Klient 1.9.8 (HKLM-x32\...\Rust Legacy Klient 1.9.8) (Version: 1.9.8 - Rusted.cz)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.125 - NVIDIA Corporation) Hidden
Skype verze 8.51 (HKLM-x32\...\Skype_is1) (Version: 8.51 - Skype Technologies S.A.)
Solid Edge ST10 (HKLM\...\{3D4C868F-5CCD-49F9-820C-DA31D714ABF6}) (Version: 110.00.00107 - Siemens)
SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.10.7.226 - EnigmaSoft Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
TES V Skyrim Legendary Edition (HKLM-x32\...\TES V Skyrim Legendary Edition1.9.32.0.8) (Version: 1.9.32.0.8 - Bethesda by Etnik_23)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Vegas Pro 13.0 (64-bit) (HKLM-x32\...\Vegas Pro 13.0 (64-bit)) (Version: 13.0 (64-bit) - Exµs ™)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Wi-Fi Scanner version 3.4.0.121 (HKLM-x32\...\Wi-Fi Scanner_is1) (Version: 3.4.0.121 - LizardSystems)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Wagras\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Wagras\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Wagras\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Wagras\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
ContextMenuHandlers1: [Autodesk.DWF.ContextMenu] -> [CC]{6C18531F-CA85-45F7-8278-FF33CF0A5964} => -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-09-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-09-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6_S-1-5-21-1827294492-593935411-3334344351-1000: [InventorMenu] -> [CC]{6FDE7A70-351B-11d6-988B-0010B57A8BB7} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2020-03-20 04:32 - 2014-05-18 20:32 - 000200192 _____ (Java(TM) Native Access (JNA)) [File not signed] C:\Users\Wagras\Downloads\FreeRapid-0.9u4\FreeRapid-0.9u4\lib\jnidispatch64.dll
2019-03-27 22:48 - 2019-03-27 22:48 - 000115200 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2012-06-26 12:08 - 2012-06-26 12:08 - 000026624 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
2012-06-26 10:57 - 2012-06-26 10:57 - 000918016 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM.DLL
2012-06-26 10:58 - 2012-06-26 10:58 - 001262592 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM64.DLL
2012-06-26 12:08 - 2012-06-26 12:08 - 000572928 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
2020-01-16 03:22 - 2020-01-16 03:22 - 000913920 _____ (ServiceStack) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\fb8b5ddcc0ad83257424f5a41accc8e3\ServiceStack.Text.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2017-09-09 17:31 - 000000826 _____ C:\Windows\system32\drivers\etc\hosts

2017-09-21 11:40 - 2018-03-16 15:12 - 000000375 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-1827294492-593935411-3334344351-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdAppMgrSvc => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 2
MSCONFIG\Services: BlackBerry Device Manager => 2
MSCONFIG\Services: EasyAntiCheat => 2
MSCONFIG\Services: FlexNet Licensing Service 64 => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: GoogleChromeElevationService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 2
MSCONFIG\Services: mitsijm2015 => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamNetworkSvc => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: PnkBstrA => 2
MSCONFIG\Services: RIM MDNS => 2
MSCONFIG\Services: RIM Tunnel Service => 2
MSCONFIG\Services: Steam Client Service => 2
MSCONFIG\Services: TunngleService => 2
MSCONFIG\Services: WPSService20 => 2

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{3703D1F5-F602-4947-94EF-1B50DD75652F}C:\users\wagras\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\wagras\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{EAAC9CE5-C6A4-4AE6-BB5D-A12255EABB9C}C:\users\wagras\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\wagras\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [{DC994C9D-9AC1-4CCA-9106-43C5945E3300}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D9C55575-BDE3-45C4-9A0B-D021F1A8823D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C85AEE1C-DC2F-4A03-90B1-941B53AAB8F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EBE1FC04-B0D3-4366-B0FC-13AF5B1C4C24}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0999D8CF-246B-4843-A43C-0103EE3EE0F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DE9BDB82-DEEC-4271-B6BC-D78374044B38}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2B58E9A1-EE69-4886-93BB-B7D3547FD2D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{6974C542-7BAB-4B97-95EB-56B2F7583964}C:\program files\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [UDP Query User{996C369E-6909-43ED-8D27-6EB852EF32DA}C:\program files\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [{DDCC6A65-9270-49D6-8C89-3EF4B973370F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9E79AED6-E323-4B1F-AFB6-F4CFD502CD02}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{D6B214C8-D89C-4A52-9362-BE99BDB741BE}C:\program files (x86)\the guild 2 - renaissance\guildii.exe] => (Allow) C:\program files (x86)\the guild 2 - renaissance\guildii.exe (Runeforge Game Studio) [File not signed]
FirewallRules: [UDP Query User{D3A53AFD-C9C3-478A-B982-C14BEF62E1AD}C:\program files (x86)\the guild 2 - renaissance\guildii.exe] => (Allow) C:\program files (x86)\the guild 2 - renaissance\guildii.exe (Runeforge Game Studio) [File not signed]
FirewallRules: [{5758EB7F-6AB7-4CB2-B57E-B90E2FE23D7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd) [File not signed]
FirewallRules: [{64651CF4-EB15-464F-8F09-99C07539B13D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd) [File not signed]
FirewallRules: [TCP Query User{C7F3FE4A-1BF6-4437-BA8C-162D198263C3}C:\users\wagras\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\wagras\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{BD092A16-7E56-413E-937E-F8FBF99D029E}C:\users\wagras\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\wagras\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [TCP Query User{53B74939-7924-4A6D-93C0-E6579C950CDE}C:\users\wagras\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\wagras\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [UDP Query User{AF9C38A2-05A9-4BC0-95D4-FD79E4FD445D}C:\users\wagras\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\wagras\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [TCP Query User{26768898-5F8B-4031-8454-ADD5205A08AE}C:0\wagras\instalačky\games\warcraft iii 1.26\war3.exe] => (Block) C:0\wagras\instalačky\games\warcraft iii 1.26\war3.exe => No File
FirewallRules: [UDP Query User{191F395E-4724-478B-9D80-B0893308EE66}C:0\wagras\instalačky\games\warcraft iii 1.26\war3.exe] => (Block) C:0\wagras\instalačky\games\warcraft iii 1.26\war3.exe => No File
FirewallRules: [TCP Query User{1AD1A0DA-6139-4145-AC97-E968511B3F2E}C:1\wagras\instalačky\games\call of duty 2\cod2mp_s.exe] => (Allow) C:1\wagras\instalačky\games\call of duty 2\cod2mp_s.exe => No File
FirewallRules: [UDP Query User{3AC6E6D1-97EE-46C2-AD92-9E3F54531EEB}C:1\wagras\instalačky\games\call of duty 2\cod2mp_s.exe] => (Allow) C:1\wagras\instalačky\games\call of duty 2\cod2mp_s.exe => No File
FirewallRules: [TCP Query User{88F207A2-CEA3-4906-8139-23B930876536}C:4\wagras\instalačky\games\warcraft iii 1.26\war3.exe] => (Block) C:4\wagras\instalačky\games\warcraft iii 1.26\war3.exe => No File
FirewallRules: [UDP Query User{19C5A98A-F7EF-4DC0-9D52-7542A417F2B2}C:4\wagras\instalačky\games\warcraft iii 1.26\war3.exe] => (Block) C:4\wagras\instalačky\games\warcraft iii 1.26\war3.exe => No File
FirewallRules: [{9F143197-96D4-4163-800D-11A69F3FA7DE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{1538248A-C302-4FC6-9EBC-EA2259B053E2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{EDD5BCB6-6B67-41E2-B4F0-953725BFA9B9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{12AB0270-E603-41BB-AD31-E40F0714D842}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{22E52456-2AD4-4B50-8A20-1E42BA4E1A04}C:\users\wagras\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\wagras\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [UDP Query User{D07577CF-339C-4189-80E8-E206C0ECE5DF}C:\users\wagras\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\wagras\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [TCP Query User{42D92E9C-853E-4D87-AA7D-B6A37178A16D}I:\nová složka\dragon age origins\bin_ship\daorigins.exe] => (Block) I:\nová složka\dragon age origins\bin_ship\daorigins.exe => No File
FirewallRules: [UDP Query User{AC1B0143-89C6-4F9A-9648-29960FA087F4}I:\nová složka\dragon age origins\bin_ship\daorigins.exe] => (Block) I:\nová složka\dragon age origins\bin_ship\daorigins.exe => No File
FirewallRules: [TCP Query User{5F9C6577-FE77-40CA-A4FA-42A13DCCEC05}I:\nová složka\dragon age origins\bin_ship\daorigins -enabledeveloperconsole.exe] => (Block) I:\nová složka\dragon age origins\bin_ship\daorigins -enabledeveloperconsole.exe => No File
FirewallRules: [UDP Query User{6EC9A6A4-89B7-43B6-822A-CB7DDA98D94F}I:\nová složka\dragon age origins\bin_ship\daorigins -enabledeveloperconsole.exe] => (Block) I:\nová složka\dragon age origins\bin_ship\daorigins -enabledeveloperconsole.exe => No File
FirewallRules: [TCP Query User{633DE226-9EBA-4666-A7B8-41B2E11DBB19}J:\wagras\instalačky\games\warcraft iii 1.26\war3.exe] => (Allow) J:\wagras\instalačky\games\warcraft iii 1.26\war3.exe => No File
FirewallRules: [UDP Query User{0B8261A8-35DA-46D8-87B3-68B9546FA653}J:\wagras\instalačky\games\warcraft iii 1.26\war3.exe] => (Allow) J:\wagras\instalačky\games\warcraft iii 1.26\war3.exe => No File
FirewallRules: [TCP Query User{88123CDD-BC65-4820-A16A-E2811ACE15F7}C:\users\wagras\desktop\call of duty 2\cod2mp_s.exe] => (Block) C:\users\wagras\desktop\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{9BB60564-E1C5-46BF-93EF-11854AF48E04}C:\users\wagras\desktop\call of duty 2\cod2mp_s.exe] => (Block) C:\users\wagras\desktop\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [{39378DC2-9A79-4139-B17C-11F7870ACB4A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E267B3EE-2BE2-4A88-B38A-EBB686C38118}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{71EC3276-4CD3-499A-A39E-D5A6E6D7E469}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{93B0A63D-E0D7-486E-A437-F64C8ABB6BAA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{1C4ADDF0-BA1D-424D-ACDD-2F3ED8E94D07}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{FC6F3A47-B01C-48DD-B881-6779CB671188}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{D8975B3B-F1F8-4A24-B26C-51CAA6DF7A32}] => (Allow) C:\Users\Wagras\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{945E3821-CC13-4436-85CA-B3661463DB56}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FB34F505-D5C9-4631-887A-FB2BBA2018EF}] => (Allow) LPort=2869
FirewallRules: [{D4B3E42C-A100-4E10-871C-6245450E41B0}] => (Allow) LPort=1900
FirewallRules: [{503AB9D5-D94D-44FB-85DA-5B5B5D3CEFA8}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{857DD4BE-820C-4036-9823-D219723F8FF5}C:\users\wagras\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\wagras\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{FDE8D103-5E5F-448C-9540-F0FD8DC010CB}C:\users\wagras\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\wagras\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C34A4538-70B5-4272-BEC5-511DAE4A85AF}C:\users\wagras\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\wagras\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [UDP Query User{F1EA54B8-72B9-42E4-9149-3F516202AC2E}C:\users\wagras\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\wagras\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [{17B7E532-9D5B-4D24-B056-753F45E53B3E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9D1419F9-E38E-4C04-9A3A-5C6651B1067E}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{00E7A617-5988-43A9-82DA-D75549A839E5}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{3C25D152-D0AC-4CCA-8A46-CC0C2DFC741B}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [TCP Query User{F7E9346B-E8A2-40D8-9E44-40A8FF598272}C:\users\wagras\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\wagras\appdata\local\programs\opera\73.0.3856.284\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{0C359CAC-A180-4731-8406-A17807BAF416}C:\users\wagras\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\wagras\appdata\local\programs\opera\73.0.3856.284\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{5425B7E7-C207-42B5-BB05-D7EA32C9F9C4}G:\hry\warcraft iii 1.26\war3.exe] => (Allow) G:\hry\warcraft iii 1.26\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [UDP Query User{A5A2B371-010B-4F1B-A549-5B4E880F20D7}G:\hry\warcraft iii 1.26\war3.exe] => (Allow) G:\hry\warcraft iii 1.26\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [TCP Query User{0A1E986F-63D4-41AC-969A-A360201F892A}C:1\hry\warcraft iii 1.26\war3.exe] => (Block) C:1\hry\warcraft iii 1.26\war3.exe => No File
FirewallRules: [UDP Query User{B76AA4AD-C391-4373-B3FB-B5AAC5D81AD9}C:1\hry\warcraft iii 1.26\war3.exe] => (Block) C:1\hry\warcraft iii 1.26\war3.exe => No File
FirewallRules: [TCP Query User{F1F801F9-A993-4447-BB1D-E1210EE4B35A}C:3\hry\warcraft iii 1.26\war3.exe] => (Allow) C:3\hry\warcraft iii 1.26\war3.exe => No File
FirewallRules: [UDP Query User{3083EEFC-ACCD-45BE-814D-5E17DE3A7407}C:3\hry\warcraft iii 1.26\war3.exe] => (Allow) C:3\hry\warcraft iii 1.26\war3.exe => No File
FirewallRules: [TCP Query User{3AC3B654-3FBD-41A8-BBD4-08E86FD77AEE}C:4\hry\warcraft iii 1.26\war3.exe] => (Block) C:4\hry\warcraft iii 1.26\war3.exe => No File
FirewallRules: [UDP Query User{096ACAF1-1B25-4A60-8AE9-D84EE6DD9BC9}C:4\hry\warcraft iii 1.26\war3.exe] => (Block) C:4\hry\warcraft iii 1.26\war3.exe => No File

==================== Restore Points =========================

28-12-2020 00:52:09 Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702
28-12-2020 19:06:56 Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702
29-12-2020 02:18:09 Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702
29-12-2020 20:53:56 Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702
02-01-2021 20:07:45 Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702

==================== Faulty Device Manager Devices ============

Name: SAntivirus Kernel DriverTA
Description: SAntivirus Kernel DriverTA
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: TASANTIVIRUSKD
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/25/2020 03:44:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Loader.exe, verze: 1.0.0.0, časové razítko: 0x58fa519f
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000007fe99171c2d
ID chybujícího procesu: 0x1b48
Čas spuštění chybující aplikace: 0x01d6da67b8a7ef4e
Cesta k chybující aplikaci: C:\Rusted.cz\Rust Legacy 1.9.8\Loader.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 167ca571-465b-11eb-9c00-705ab685adf2

Error: (12/25/2020 03:44:07 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: Loader.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.NullReferenceException
na ..(System.Object, System.IO.FileSystemEventArgs)
na System.IO.FileSystemWatcher.OnCreated(System.IO.FileSystemEventArgs)
na System.IO.FileSystemWatcher.CompletionStatusChanged(UInt32, UInt32, System.Threading.NativeOverlapped*)
na System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)

Error: (12/22/2020 12:01:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/21/2020 03:42:24 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Během obnovení systému došlo k nespecifikované chybě: (Naplánovaný kontrolní bod). Další informace: 0x80070005.

Error: (12/21/2020 03:41:07 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description: Nelze číst data o výkonu ze služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (12/21/2020 03:40:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/21/2020 03:40:01 PM) (Source: Service, Version=1.0.42.14100, Culture=neutral, PublicKeyToken=null) (EventID: 0) (User: )
Description: Failed to verify assemblies: Soubor C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe nebyl nalezen.

Error: (12/21/2020 03:31:39 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Během obnovení systému došlo k nespecifikované chybě: (Naplánovaný kontrolní bod). Další informace: 0x80070005.


System errors:
=============
Error: (01/03/2021 03:33:24 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (01/03/2021 03:29:26 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (01/02/2021 08:11:10 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Instalační služba modulů systému Windows, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (01/02/2021 08:09:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (01/02/2021 08:08:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Zasílání zpráv o chybách systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (01/02/2021 01:36:45 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (01/02/2021 01:33:59 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (01/02/2021 01:33:32 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.


==================== Memory info ===========================

BIOS: TOSHIBA 1.60 03/02/10
Motherboard: TOSHIBA NSKAA
Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Percentage of memory in use: 88%
Total physical RAM: 8053.59 MB
Available physical RAM: 935 MB
Total Virtual: 16105.33 MB
Available Virtual: 7835.25 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:31.15 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive g: (Filmy, hry, seriály) (Fixed) (Total:1862.98 GB) (Free:911.58 GB) NTFS


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 3455F170)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==================== End of Addition.txt =======================

[Conder]

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start::
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  Folder: C:\Program Files (x86)\Digital Communications
  Folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus
  Folder: C:\ProgramData\SAntivirus
  ExportKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{746AB259-6474-4111-8966-1C62F9A6E063}
  DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{746AB259-6474-4111-8966-1C62F9A6E063}
  DeleteKey: HKLM\Software\SAntivirus
  DeleteKey: HKLM\Software\Wow6432Node\SAntivirus
  
  HKLM\...\Run: [] => [X]
  HKLM-x32\...\Run: [] => [X]
  HKU\S-1-5-21-1827294492-593935411-3334344351-1000\...\Run: [] => [X]
  HKU\S-1-5-21-1827294492-593935411-3334344351-1000\...\MountPoints2: {6d32591a-3df0-11e8-a514-705ab685adf2} - G:\NokiaPCIA_Autorun.exe
  Task: {A4F7DCB6-C424-4A04-BCAF-A43BD2947E23} - \{5E2E9D3F-D0F2-4F46-A60D-16FE57EBC6AE} -> No File <==== ATTENTION
  Task: {C227A926-BE21-4F17-B195-DF8B5098D44A} - \SidebarExecute -> No File <==== ATTENTION
  FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
  FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
  S2 SAntivirusIC; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe -service [X] <==== ATTENTION
  S2 SAntivirusSvc; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe [X] <==== ATTENTION
  S1 TASANTIVIRUSKD; \??\C:\Program Files (x86)\Digital Communications\SAntivirus\TASAntivirusKD.sys [X] <==== ATTENTION
  C:\Program Files (x86)\Digital Communications
  2020-12-21 23:03 - 2020-12-21 23:09 - 000000000 ____D C:\Program Files\trend micro
  2020-12-21 23:03 - 2020-12-21 23:03 - 001222144 _____ C:\Users\Wagras\Desktop\RSITx64.exe
  2020-12-21 23:03 - 2020-12-21 23:03 - 000000000 ____D C:\rsit
  2020-12-20 04:28 - 2020-12-20 04:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus
  2020-12-20 04:27 - 2020-12-20 04:29 - 000000000 ____D C:\ProgramData\SAntivirus
  SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
  ContextMenuHandlers1: [Autodesk.DWF.ContextMenu] -> [CC]{6C18531F-CA85-45F7-8278-FF33CF0A5964} =>  -> No File
  ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
  ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
  ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
  ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
  ContextMenuHandlers6_S-1-5-21-1827294492-593935411-3334344351-1000: [InventorMenu] -> [CC]{6FDE7A70-351B-11d6-988B-0010B57A8BB7} =>  -> No File
  
  Hosts:
  EmptyTemp:
  End::

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah skopiruj a vloz do dalsej odpovede

[Isoldy]

Fix result of Farbar Recovery Scan Tool (x64) Version: 09-01-2021
Ran by Wagras (12-01-2021 20:20:25) Run:1
Running from C:\Users\Wagras\Desktop
Loaded Profiles: Wagras
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
Folder: C:\Program Files (x86)\Digital Communications
Folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus
Folder: C:\ProgramData\SAntivirus
ExportKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{746AB259-6474-4111-8966-1C62F9A6E063}
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{746AB259-6474-4111-8966-1C62F9A6E063}
DeleteKey: HKLM\Software\SAntivirus
DeleteKey: HKLM\Software\Wow6432Node\SAntivirus
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1827294492-593935411-3334344351-1000\...\Run: [] => [X]
HKU\S-1-5-21-1827294492-593935411-3334344351-1000\...\MountPoints2: {6d32591a-3df0-11e8-a514-705ab685adf2} - G:\NokiaPCIA_Autorun.exe
Task: {A4F7DCB6-C424-4A04-BCAF-A43BD2947E23} - \{5E2E9D3F-D0F2-4F46-A60D-16FE57EBC6AE} -> No File <==== ATTENTION
Task: {C227A926-BE21-4F17-B195-DF8B5098D44A} - \SidebarExecute -> No File <==== ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S2 SAntivirusIC; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe -service [X] <==== ATTENTION
S2 SAntivirusSvc; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe [X] <==== ATTENTION
S1 TASANTIVIRUSKD; \??\C:\Program Files (x86)\Digital Communications\SAntivirus\TASAntivirusKD.sys [X] <==== ATTENTION
C:\Program Files (x86)\Digital Communications
2020-12-21 23:03 - 2020-12-21 23:09 - 000000000 ____D C:\Program Files\trend micro
2020-12-21 23:03 - 2020-12-21 23:03 - 001222144 _____ C:\Users\Wagras\Desktop\RSITx64.exe
2020-12-21 23:03 - 2020-12-21 23:03 - 000000000 ____D C:\rsit
2020-12-20 04:28 - 2020-12-20 04:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus
2020-12-20 04:27 - 2020-12-20 04:29 - 000000000 ____D C:\ProgramData\SAntivirus
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
ContextMenuHandlers1: [Autodesk.DWF.ContextMenu] -> [CC]{6C18531F-CA85-45F7-8278-FF33CF0A5964} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6_S-1-5-21-1827294492-593935411-3334344351-1000: [InventorMenu] -> [CC]{6FDE7A70-351B-11d6-988B-0010B57A8BB7} => -> No File
Hosts:
EmptyTemp:

*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 974
Average :
Sum : 25711034687
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========


========================= Folder: C:\Program Files (x86)\Digital Communications ========================

not found.

====== End of Folder: ======


========================= Folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus ========================

2020-12-20 04:28 - 2020-12-20 04:28 - 000001256 ____N [0EDBA5760A7883EA0F548EE6128F4DF7] () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus\SAProduct.lnk

====== End of Folder: ======


========================= Folder: C:\ProgramData\SAntivirus ========================

2020-12-20 04:29 - 2020-12-20 04:29 - 038545266 ____A [7A4D3D95362FC8F6B808B7C45BBE94C4] () C:\ProgramData\SAntivirus\b.dat
2020-12-20 04:27 - 2020-12-20 14:40 - 000000000 ____D [00000000000000000000000000000000] () C:\ProgramData\SAntivirus\b
2016-02-04 01:04 - 2016-02-04 01:04 - 001008944 ____A [D09B4A4509907F75F506B996A5FF7554] (Microsoft Corporation) C:\ProgramData\SAntivirus\b\Microsoft.Diagnostics.Tracing.TraceEvent.dll
2020-05-18 16:50 - 2020-05-18 16:50 - 008032432 ____A [57A36C4DF755D1B29CE41878F54E74A4] ( ) C:\ProgramData\SAntivirus\b\Microsoft.mshtml.dll
2017-11-17 03:11 - 2017-11-17 03:11 - 000310784 ____A [1802E6DF96046CFEE62C63C4C8469A3E] (GitHub Community) C:\ProgramData\SAntivirus\b\Microsoft.Win32.TaskScheduler.dll
2020-05-18 16:50 - 2020-05-18 16:50 - 005602736 ____A [61C49D01BCAD16A7254EAA126234F818] (Reason Software Company Inc.) C:\ProgramData\SAntivirus\b\rsEngine.dll
2020-12-20 04:28 - 2020-12-20 04:28 - 000168880 ____A [57B1B942E0275B4236BEE507E8D280BF] (Reason Software Company Inc.) C:\ProgramData\SAntivirus\b\rsEngineHelper.exe
2019-07-03 02:27 - 2019-07-03 02:27 - 000000383 ____A [E3D5F62B7B28176A510484E465FA0F18] () C:\ProgramData\SAntivirus\b\rsEngineHelper.exe.config
2020-05-18 16:50 - 2020-05-18 16:50 - 000244504 ____A [917745C2C9555B8FDE306A9DE137A32A] (Reason Software Company Inc.) C:\ProgramData\SAntivirus\b\rsEngineSDK.dll
2020-12-20 04:28 - 2020-12-20 04:28 - 000000427 ____A [084EBA1074AA32E13673DDBBE794C818] () C:\ProgramData\SAntivirus\b\SAntivirusClient.exe.config
2020-12-20 04:28 - 2020-12-20 04:28 - 001074496 ____A [55037CCBEE56143592AAD2B55743BE22] (Сorp DCom ) C:\ProgramData\SAntivirus\b\SAntivirusEngine.dll
2020-12-20 04:28 - 2020-12-20 04:28 - 000628032 ____A [7C5EAAC8C756691C422027F7B3458759] (Сorp DCom) C:\ProgramData\SAntivirus\b\SAntivirusService.exe
2020-12-20 04:28 - 2020-12-20 04:28 - 000000427 ____A [084EBA1074AA32E13673DDBBE794C818] () C:\ProgramData\SAntivirus\b\SAntivirusService.exe.config
2020-12-20 04:28 - 2020-12-20 04:28 - 000187712 ____A [FCCF4D3C4E8EF9536FE3E3F38C5D1EA2] (Сorp DCom ) C:\ProgramData\SAntivirus\b\SAntivirusShell64_v102222.dll
2020-12-20 04:28 - 2020-12-20 04:28 - 000157504 ____A [11C0AADC5B58B0131F310E222B24B8CB] (Сorp DCom ) C:\ProgramData\SAntivirus\b\SAntivirusShell86_v102222.dll
2020-12-20 04:28 - 2020-12-20 04:28 - 001292096 ____A [68E5063409C638902698694F6B263751] (Сorp DCom) C:\ProgramData\SAntivirus\b\SAntivirusUninstaller.exe
2020-12-20 04:28 - 2020-12-20 04:28 - 000000427 ____A [084EBA1074AA32E13673DDBBE794C818] () C:\ProgramData\SAntivirus\b\SAntivirusUninstaller.exe.config
2012-04-15 10:35 - 2012-04-15 10:35 - 000387408 ____A [F5EE17938D7C545BF62AD955803661C7] (Microsoft Corporation) C:\ProgramData\SAntivirus\b\System.Threading.dll
2020-12-20 04:28 - 2020-12-20 04:28 - 000085480 ____A [754B8A2FED5982EB78148A88573B75A7] (Corp DCom ) C:\ProgramData\SAntivirus\b\TASAntivirusKD.sys
2020-12-20 04:28 - 2020-12-20 04:28 - 000034494 ____A [8932535C912974B87F0155F66B8A0A14] () C:\ProgramData\SAntivirus\b\uni.ico
2020-12-20 04:27 - 2020-12-20 04:28 - 000000000 ____D [00000000000000000000000000000000] () C:\ProgramData\SAntivirus\b\amd64
2016-02-04 01:04 - 2016-02-04 01:04 - 000223008 ____A [23FF4B3EADF12465E19F39B0C19C4361] (Microsoft Corporation) C:\ProgramData\SAntivirus\b\amd64\KernelTraceControl.dll
2016-02-04 01:04 - 2016-02-04 01:04 - 001380512 ____A [C241E5B86B651DA6E2B8FD9B07660635] (Microsoft Corporation) C:\ProgramData\SAntivirus\b\amd64\msdia140.dll
2020-12-20 04:28 - 2020-12-20 04:28 - 000000000 ____D [00000000000000000000000000000000] () C:\ProgramData\SAntivirus\b\x64
2019-07-03 02:27 - 2019-07-03 02:27 - 001646592 ____A [D520AF083B507C0300895B2B970A31E0] (Igor Pavlov) C:\ProgramData\SAntivirus\b\x64\7z64.dll
2019-07-03 02:27 - 2019-07-03 02:27 - 000375576 ____A [710437238AFD49535C6E8E68FED595FE] () C:\ProgramData\SAntivirus\b\x64\ext_x64.dll
2019-07-03 02:27 - 2019-07-03 02:27 - 000119064 ____A [3D92F66EE9E49CEDD6316F8FBBEEB3C8] () C:\ProgramData\SAntivirus\b\x64\lz4_x64.dll
2019-07-03 02:27 - 2019-07-03 02:27 - 000104216 ____A [A82484553DA1A7A4CE4F5EDA236B7207] (Reason Software Company Inc.) C:\ProgramData\SAntivirus\b\x64\rsEngineFW_x64.dll
2019-07-03 02:27 - 2019-07-03 02:27 - 000228120 ____A [15CF59AFCAFF08B12D37F2D7C9F6ED81] (Reason Software Company Inc.) C:\ProgramData\SAntivirus\b\x64\rsEnginePM_x64.dll
2019-07-03 02:27 - 2019-07-03 02:27 - 000821528 ____A [27236A42B9810C5DB8490693C158C838] () C:\ProgramData\SAntivirus\b\x64\rsLggrServer_x64.dll
2019-07-03 02:27 - 2019-07-03 02:27 - 001658136 ____A [E83262D8B431E2FE508BC4A113BAFF16] (Robert Simpson, et al.) C:\ProgramData\SAntivirus\b\x64\System.Data.SQLite.dll
2020-12-20 04:28 - 2020-12-20 04:28 - 000000000 ____D [00000000000000000000000000000000] () C:\ProgramData\SAntivirus\b\x86
2019-07-03 02:27 - 2019-07-03 02:27 - 001113088 ____A [A8F57D77BAC092272792730872A1D8F7] (Igor Pavlov) C:\ProgramData\SAntivirus\b\x86\7z86.dll
2019-07-03 02:27 - 2019-07-03 02:27 - 000280344 ____A [5627CE03CDA5546A942D264C76D6E49F] () C:\ProgramData\SAntivirus\b\x86\ext_x86.dll
2016-02-04 01:04 - 2016-02-04 01:04 - 000167200 ____A [D477038336C4F2F1D2AEE9536ABC4253] (Microsoft Corporation) C:\ProgramData\SAntivirus\b\x86\KernelTraceControl.dll
2019-07-03 02:27 - 2019-07-03 02:27 - 000098584 ____A [CA299E8C7C0292102A144C9F6BF4AC89] () C:\ProgramData\SAntivirus\b\x86\lz4_x86.dll
2016-02-04 01:04 - 2016-02-04 01:04 - 001081656 ____A [DDC85EFF55A22DC0992CBF5A1EA82AAF] (Microsoft Corporation) C:\ProgramData\SAntivirus\b\x86\msdia140.dll
2019-07-03 02:27 - 2019-07-03 02:27 - 000088856 ____A [9F0F9CF8D69F2BC4D7E19FDB038B91BF] (Reason Software Company Inc.) C:\ProgramData\SAntivirus\b\x86\rsEngineFW_x86.dll
2019-07-03 02:27 - 2019-07-03 02:27 - 000190744 ____A [2FA41415A9FCEC04F6E8073BC984DA06] (Reason Software Company Inc.) C:\ProgramData\SAntivirus\b\x86\rsEnginePM_x86.dll
2019-07-03 02:27 - 2019-07-03 02:27 - 000569344 ____A [9733A6CFAFBDB6F0FF1E0B01C8391CF4] () C:\ProgramData\SAntivirus\b\x86\rsLggrServer_x86.dll
2019-07-03 02:27 - 2019-07-03 02:27 - 001209624 ____A [36482F3132134178267EC1E8611F83ED] (Robert Simpson, et al.) C:\ProgramData\SAntivirus\b\x86\System.Data.SQLite.dll

====== End of Folder: ======

================== ExportKey: ===================

"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{746AB259-6474-4111-8966-1C62F9A6E063}" => not found

=== End of ExportKey ===
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{746AB259-6474-4111-8966-1C62F9A6E063} => not found
HKLM\Software\SAntivirus => removed successfully
HKLM\Software\Wow6432Node\SAntivirus => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-1827294492-593935411-3334344351-1000\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d32591a-3df0-11e8-a514-705ab685adf2} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A4F7DCB6-C424-4A04-BCAF-A43BD2947E23}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4F7DCB6-C424-4A04-BCAF-A43BD2947E23}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5E2E9D3F-D0F2-4F46-A60D-16FE57EBC6AE}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C227A926-BE21-4F17-B195-DF8B5098D44A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C227A926-BE21-4F17-B195-DF8B5098D44A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SidebarExecute" => not found
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\System\CurrentControlSet\Services\SAntivirusIC => removed successfully
SAntivirusIC => service removed successfully
HKLM\System\CurrentControlSet\Services\SAntivirusSvc => removed successfully
SAntivirusSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\TASANTIVIRUSKD => removed successfully
TASANTIVIRUSKD => service removed successfully
"C:\Program Files (x86)\Digital Communications" => not found
C:\Program Files\trend micro => moved successfully
C:\Users\Wagras\Desktop\RSITx64.exe => moved successfully
C:\rsit => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus => moved successfully
C:\ProgramData\SAntivirus => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220} => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Autodesk.DWF.ContextMenu => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 => removed successfully
HKU\S-1-5-21-1827294492-593935411-3334344351-1000\Software\Classes\Folder\ShellEx\ContextMenuHandlers\InventorMenu => removed successfully
Could not move "C:\Windows\System32\Drivers\etc\hosts" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9030534 B
Java, Flash, Steam htmlcache => 49033271 B
Windows/system/drivers => 63384370 B
Edge => 0 B
Chrome => 604011381 B
Firefox => 0 B
Opera => 19546713 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 59806 B
Public => 59806 B
ProgramData => 59806 B
systemprofile => 126034 B
systemprofile32 => 192390 B
LocalService => 258618 B
NetworkService => 324846 B
Wagras => 192377877 B
Administrator => 192625549 B

RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================

[Conder]

Ako to vyzera s PC? Nastala nejaka zmena? Poprosim este o obidva nove logy z FRST.

Plocha ma cca 23 GB, co je prilis vela. Odporucam presunut vsetky subory a zlozky z plochy do dokumentov a na ploche nechat iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.