Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Natažení malware

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
lubo52
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 05 zář 2012 14:03

Natažení malware

#1 Příspěvek od lubo52 »

Dobrý den, podařilo se mi natáhnout malware. Projevuje se samovyskakujícím okny a kdoví čím ještě :)
Poprosím o pomoc.
posílám logy
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2023
Ran by uzivatel (26-01-2023 11:28:53)
Running from C:\Users\uzivatel\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2486 (X64) (2020-08-27 14:00:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2675956952-4226471559-2940555150-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2675956952-4226471559-2940555150-503 - Limited - Disabled)
Guest (S-1-5-21-2675956952-4226471559-2940555150-501 - Limited - Disabled)
info (S-1-5-21-2675956952-4226471559-2940555150-1004 - Limited - Disabled)
postgres (S-1-5-21-2675956952-4226471559-2940555150-1006 - Limited - Enabled) => C:\Users\postgres
uzivatel (S-1-5-21-2675956952-4226471559-2940555150-1001 - Administrator - Enabled) => C:\Users\uzivatel
WDAGUtilityAccount (S-1-5-21-2675956952-4226471559-2940555150-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20314 - Adobe)
Adobe AIR (HKLM-x32\...\{10E33ABF-D7FB-4F47-900A-7973854AB45A}) (Version: 32.0.0.89 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Bridge 2023 (HKLM-x32\...\KBRG_13_0_1) (Version: 13.0.1 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.9.0.372 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.1.0.3 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_12_1) (Version: 12.1 - Adobe Inc.)
Adobe Media Encoder 2019 (HKLM-x32\...\AME_13_1) (Version: 13.1 - Adobe Inc.)
Adobe Photoshop 2023 (HKLM-x32\...\PHSP_24_0_1) (Version: 24.0.1.112 - Adobe Inc.)
Adobe Premiere Pro 2019 (HKLM-x32\...\PPRO_13_1_2) (Version: 13.1.2 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AdvancePCPro (HKLM-x32\...\AdvancePCPro) (Version: 1.0.7.10 - Alor Soft Inc)
Altruistic (HKLM\...\Altruistic) (Version: 1.6.7.5 - Altruistic Software)
Application Verifier x64 External Package (HKLM\...\{D9908CED-5ABB-FEE9-FC84-743F4D38637C}) (Version: 10.1.16299.15 - Microsoft) Hidden
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.12.6044 - Avast Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.22.7134.6098 - Avast Software)
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
Blackmagic RAW Common Components (HKLM\...\{BF73F11D-8A70-438B-A357-38E1F1A62164}) (Version: 2.8 - Blackmagic Design)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
C:\Program Files\Adobe\Adobe Lightroom Classic CC\LRcestina_uninstall.exe (HKLM-x32\...\CZ Lokalizace pro Lightroom CC 2015.8 a 6.8_is1) (Version: 1.1 - )
C:\Program Files\Adobe\Adobe Lightroom Classic CC\LRcestina_uninstall.exe (HKLM-x32\...\CZ Lokalizace pro Lightroom Classic 8.3 a novější_is1) (Version: 1.2 - )
C:\Program Files\Adobe\Adobe Lightroom Classic CC\LRcestina_uninstall.exe (HKLM-x32\...\CZ Lokalizace pro Lightroom Classic CC 2018.1 a novější_is1) (Version: 1.1 - )
Call Of Duty Modern Warfare 2 verze 1.2 CZ (HKLM-x32\...\{318EAFB5-2019-4A09-811D-33A45A4E71D5}_is1) (Version: 1.2 CZ - tomi2k9)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.0 - Canon Inc.)
Canon MG5700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5700_series) (Version: 1.00 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.9.0.0 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
Canon Utilities EOS Utility 3 (HKLM-x32\...\EOS Utility 3) (Version: 3.9.0.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.8.0.0 - Canon Inc.)
Catalyst Browse 2019.2 (HKLM\...\{17C59191-A0B5-11EA-B33C-5CF9DD6B5363}) (Version: 2019.2.2.409 - Sony)
Catalyst Prepare 2019.2 (HKLM\...\{575F1F70-A1D1-11EA-BFA2-5CF9DD6B5363}) (Version: 2019.2.2.409 - Sony)
CCleaner (HKLM\...\CCleaner) (Version: 6.07 - Piriform)
Cortona3D Viewer (HKLM\...\{F61C39E2-C1BC-4DBB-9755-7006A1721DE8}) (Version: 8.8.215 - ParallelGraphics)
CPUID CPU-Z 1.90 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.90 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.1001 - Disc Soft Ltd)
DaVinci Resolve (HKLM\...\{FD29F83E-179A-4811-B255-EA57C47B34DC}) (Version: 18.1.10007 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{85AC7A9F-9630-42FD-AA1C-58329AB4B7D3}) (Version: 2.0.5.0 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
Discord (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Discord) (Version: 1.0.9001 - Discord Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{F994125B-7BF5-4A38-A569-82833CEB24DC}) (Version: 0.8.4.83 - Dolby Laboratories, Inc.)
eFrame Converter (HKLM-x32\...\{C69173B6-A0F2-4BAB-93C4-3E83A5F85567}) (Version: 1.0.2.7 - HiTi)
Epic Games Launcher (HKLM-x32\...\{FEF3A9BA-A962-4469-AD62-04839D4BB847}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EventDesiree Deluxe (HKLM-x32\...\{5483D431-43FD-4192-ABCE-7B795C263B80}) (Version: 1.1.8.9 - HiTi)
Facebook Gameroom 1.22.7235.32722 (HKLM-x32\...\{2867E3AE-18BA-4BCF-8268-F797A401ED86}) (Version: 1.22.7235.32722 - Facebook)
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.13 - Blackmagic Design)
Fairlight Studio Utility (HKLM\...\{99BCB768-4C60-4944-9E69-DA8808F98661}) (Version: 1.3.0.0 - Blackmagic Design)
FitLinie (HKLM-x32\...\FitLinie_is1) (Version: - Martin Roubec)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 69.0.0.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.76 - Google LLC)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.590 - Huawei Technologies Co., Ltd.)
HiTi Photo Printer P510 series (HKLM\...\HiTi Photo Printer P510 series) (Version: - )
HiTi Photo Printer P51x series (HKLM\...\HiTi Photo Printer P51x series) (Version: 3.7.4.35 - HiTi Digital, Inc.)
HiTi PicviteMinilab2 (HKLM-x32\...\{4EC042BD-9464-41D6-9558-3C74BBDAC2B7}) (Version: 2.0.29.43 - HiTi)
HTService (HKLM-x32\...\InstallShield_{EE47F9CD-7979-42A3-88DC-2EAE949110F9}) (Version: - HiTi Digital, Inc.)
IDCreator (HKLM-x32\...\{CA1BF7E1-A0C9-40D3-9E51-3ACB315ADBB5}) (Version: 1.0.5.7 - HiTi)
IDQuickDesiree (HKLM-x32\...\{1C68A3E2-8B47-4FDF-B066-E3E6BFEAD268}) (Version: v1.0.10.6 - HiTi)
Imagenomic Portraiture 2.3 Plug-in (build 2308) (HKLM\...\ImagenomicPortraiturePlugin) (Version: - )
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.5018 - Intel Corporation)
Kits Configuration Installer (HKLM-x32\...\{86E59C8F-61D5-1782-A3CE-60AE7E4D7791}) (Version: 10.1.16299.15 - Microsoft) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D18FE9D2-2F54-4C68-A2DE-A59D4A80A9BC}) (Version: 3.1.2109.29003 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LAV Filters 0.74.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.74.1 - Hendrik Leppkes)
Ledger Live 2.25.1 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.25.1 - Ledger Live Team)
Messenger (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 138.0.348389699 - Facebook, Inc.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.1 Doc Redirected Targeting Pack (čeština) (HKLM-x32\...\{9353ED27-6403-4643-8D03-300D2A23ABD5}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.1 Targeting Pack (HKLM-x32\...\{5686C5E9-A3B3-451E-A2EA-4C246CDE5CC9}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 109.0.1518.61 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.61 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\OneDriveSetup.exe) (Version: 23.002.0102.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Debug Runtime - 14.24.28127 (HKLM\...\{FA9F6687-367D-4760-9E8D-2F0C685E4626}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Debug Runtime - 14.24.28127 (HKLM-x32\...\{F6B39272-7840-4107-967A-E692E983FBF0}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2017 Tools for Unity (HKLM-x32\...\{1AD79405-0A2D-43D6-82AE-8CB8B212D906}) (Version: 3.9.0.3 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2019 Tools for Unity (HKLM-x32\...\{35DB99DB-B265-4A29-8A53-F5E5912D5634}) (Version: 4.4.2.0 - Microsoft Corporation) Hidden
Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{EECD89A4-F3F0-47BE-ACCF-ADFFCF2E1769}) (Version: 2.3.2200.14893 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2017 Update 9 Office Integration (x64) (HKLM\...\{90735D32-441A-3FFB-97E2-02A165F29DD1}) (Version: 15.129.29514 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2017 Update 9 Office Integration Language Pack (x64) - ENU (HKLM\...\{D8158932-4BB2-3411-B708-78998AD95F9F}) (Version: 15.129.29514 - Microsoft Corporation) Hidden
Mozilla Firefox 72.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.2 (x64 cs)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.1 - Mozilla)
MSI Development Tools (HKLM-x32\...\{973CACA2-E018-065B-0580-F2784802E299}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
MSVCRT Redists (HKLM\...\{1C0F98B0-A5D6-11EA-8305-001C42B07B15}) (Version: 1.0 - Sony Creative Software Inc.) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA CUDA Development 10.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADevelopment_10.1) (Version: 10.1 - NVIDIA Corporation)
NVIDIA CUDA Documentation 10.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADocument_10.1) (Version: 10.1 - NVIDIA Corporation)
NVIDIA CUDA Runtime 10.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDARuntimes_10.1) (Version: 10.1 - NVIDIA Corporation)
NVIDIA CUDA Samples 10.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_samples_10.1) (Version: 10.1 - NVIDIA Corporation)
NVIDIA CUDA Visual Studio Integration 10.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_visual_studio_integration_10.1) (Version: 10.1 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Nsight Compute v2019.1 (HKLM\...\{A6575507-1758-44F6-B68A-7FB16826550F}) (Version: 19.1.0.0 - NVIDIA Corporation)
NVIDIA Nsight Systems v2018.3.3 (HKLM\...\{27969759-4685-4B75-A2D9-569EF76B0F7A}) (Version: 18.3.3.31 - NVIDIA Corporation)
NVIDIA Nsight Visual Studio Edition 2019.1.0.19017 (HKLM\...\{3D4CA9A5-E49A-4D71-A991-134A2B389033}) (Version: 19.1.0.19017 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 511.79 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 511.79 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA Tools Extension SDK (NVTX) - 64 bit (HKLM\...\{B56D2F88-8865-40FD-B7AC-F074EE4D201D}) (Version: 1.00.00.00 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
PerformanceTest v9.0 (HKLM\...\PerformanceTest 9_is1) (Version: 9.0.1034.0 - Passmark Software)
PostgreSQL 9.5 (HKLM\...\PostgreSQL 9.5) (Version: 9.5 - PostgreSQL Global Development Group)
ProFact 2017 (HKLM-x32\...\ProFact_is1) (Version: - eXmind)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Registrace uživatele zařízení Canon MG5700 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG5700 series) (Version: - ‭Canon Inc.)
Room Arranger (64-bit) (HKLM-x32\...\Room Arranger x64) (Version: 9.5.5 - Jan Adamec)
Saal Designer (HKLM-x32\...\{CDB7C673-311A-AB20-D4A4-8F67E39CDFCD}) (Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Saal Designer (HKLM-x32\...\SaalDesigner) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Safer Web (HKLM\...\SaferWeb) (Version: 2.3.0 - Reason Cybersecurity Inc.)
Screaming Frog SEO Spider (HKLM-x32\...\Screaming Frog SEO Spider) (Version: 12.6 - Screaming Frog Ltd)
SDK ARM Additions (HKLM-x32\...\{7922BB77-0B59-840A-AC80-D560A34D75C5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{C87DF65C-A672-7E08-A083-E7D48FE8DB70}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Skype verze 8.59 (HKLM-x32\...\Skype_is1) (Version: 8.59 - Skype Technologies S.A.)
Software602 Signer (HKLM-x32\...\{8F4B06F9-7493-4BA9-9E43-BC0DAF5D3524}) (Version: 3.8.3.1021 - Software602 a.s.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text Build 3176 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Sweet Home 3D version 6.4.2 (HKLM\...\Sweet Home 3D_is1) (Version: 6.4.2 - eTeks)
Taskbar system version 1.0.6.2 (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\{C40E1200-5BEC-410C-B3C5-F7B475729D42}_is1) (Version: 1.0.6.2 - Taskbar system) <==== ATTENTION
Telegram Desktop version 4.2.4 (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.2.4 - Telegram FZ-LLC)
Tools for .Net 3.5 - CSY Lang Pack (HKLM-x32\...\{F7673291-61EE-4D0E-B563-1A1BBB847213}) (Version: 3.11.50727 - Microsoft Corporation) Hidden
Tools for .Net 3.5 (HKLM-x32\...\{1690CE56-2231-4E59-9006-A0876D949EA8}) (Version: 3.11.50727 - Microsoft Corporation) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
TreeSize Free V4.2.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.2.2 - JAM Software)
Universal CRT Extension SDK (HKLM-x32\...\{A5FA2886-1925-133F-0D41-B9A8ECEA0A2D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{B739B4C5-EEEC-8E70-0276-38C4779AF398}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A9D6F52C-694E-3E41-7AB8-5BEB644742A5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{E053089E-7953-3219-814F-F485FC151C54}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{B9424F08-0617-C4F6-A798-5A9250C1A738}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D261CEA1-AB8D-9CFA-4407-BCEFC78661AC}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
vcpp_crt.redist.clickonce (HKLM-x32\...\{548647C7-4C0F-4DC4-8DAA-F46C67158370}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Visual SEO Studio (HKLM\...\{8C06DE71-E203-4FA4-B750-0FCBC4602D61}) (Version: 2.0.0.0 - aStonish Studio) Hidden
Visual SEO Studio (HKLM-x32\...\{eba42d56-4abc-4c33-9e8f-e096a534bea9}) (Version: 2.0.0.0 - aStonish Studio)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
VPN by RAV (HKLM\...\RAVVPN) (Version: 1.4.2 - Reason Cybersecurity Inc.)
VS Script Debugging Common (HKLM\...\{D8B26CBD-15D2-440B-BCBD-5616D74EFC7D}) (Version: 16.0.98.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{D885E075-8219-4378-9D28-3F76A6FE758E}) (Version: 16.4.29430 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{72E86320-AFF2-44F8-9C8B-0BD51E5B14DE}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{2C6EB385-1400-4B2E-8AE9-1F01FC236772}) (Version: 16.4.29411 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{AF6BD1E3-7FE3-4DED-B9A0-D564B0F4C349}) (Version: 16.4.29411 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{692A0FB3-E6A2-4D41-AC03-4136B4312DC0}) (Version: 16.3.29209 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{4B6D2CD8-324E-4462-AFD6-8F33E08BB214}) (Version: 16.4.29411 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{DA2B1838-3B2E-4220-8B2E-796F4624D463}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{E208E682-50EE-4F2F-9860-C91B906B8A03}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0-3) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Wargaming.net Game Center (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Wargaming.net Game Center) (Version: 22.6.0.1216 - Wargaming.net)
WD My Cloud (HKLM\...\{4B86F896-11DC-4711-BB60-81104832FA44}) (Version: 1.0.7.17 - Western Digital Technologies, Inc.)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.800 - McAfee, LLC)
WhatsApp (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\WhatsApp) (Version: 0.3.2848 - WhatsApp)
WinAppDeploy (HKLM-x32\...\{9690D51C-4435-1C20-7819-66CCAB0F03F9}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows App Certification Kit Native Components (HKLM\...\{09215AC7-B15F-A151-B90A-6B432EAD80A8}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows App Certification Kit SupportedApiList x86 (HKLM-x32\...\{6BC13537-D39F-5BF2-85F3-E073AE3ED446}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (HKLM-x32\...\{0D9BEF83-4D44-5BCA-353F-07BA0A16CA46}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK (HKLM-x32\...\{8358B2F8-FEE0-7FBA-14E5-AC84A7E61552}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK Contracts (HKLM-x32\...\{44B8DFA4-495D-9972-F663-557B1BC0CB71}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows IoT Extension SDK (HKLM-x32\...\{5899CA05-6772-95EC-4261-A09E5EE0FBF2}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows IoT Extension SDK Contracts (HKLM-x32\...\{58BC56B7-DCB8-EE66-AA40-2EAE7E2EB0F2}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows IP Over USB (HKLM-x32\...\{8CBFAC58-3058-B2AD-10E2-9E2A859B554B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK (HKLM-x32\...\{93BEE599-02CB-18E1-744E-D95724E81157}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK Contracts (HKLM-x32\...\{D7A6AB64-9E5C-E5E2-5438-655F7D36475D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK (HKLM-x32\...\{921D9904-2313-037F-31B4-D62B9988E236}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{350F0ECD-0783-4529-8797-98F0AD33EAC0}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows SDK ARM Desktop Tools (HKLM-x32\...\{CBACB843-4AEF-D40C-B9BE-CCA402D2B980}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm (HKLM-x32\...\{CD480276-2E5A-3FE0-D40C-D7C55617F98B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm64 (HKLM-x32\...\{97AA8169-0E70-3B19-46C5-D4453608D589}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x64 (HKLM-x32\...\{20630AC0-B423-2229-3399-A0B5285CB325}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x86 (HKLM-x32\...\{4616D3B4-B5F0-ECBF-4617-0345C9550649}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm (HKLM-x32\...\{1FEC7E98-2A0A-11F9-1321-5F27304A3E4E}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm64 (HKLM-x32\...\{A6B742A8-13BA-4A15-0056-E9F2354FADA4}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x64 (HKLM-x32\...\{DAE5B0BB-F2BC-98F5-6147-A83B6DF4B2AA}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x86 (HKLM-x32\...\{82BEC2F8-2758-E0A4-F14B-CAAF3234FE00}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools arm64 (HKLM-x32\...\{399E1622-1DD3-2284-510C-3ABEBEB4B4FA}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x64 (HKLM-x32\...\{8105E4C5-379E-F713-8A4D-14A2317A7ABE}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x86 (HKLM-x32\...\{5169186A-B6CA-38E6-BC29-54ABFAFD3721}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK DirectX x64 Remote (HKLM\...\{A60760B2-EF83-1EB6-BC8E-B9A7EC91D3D6}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK DirectX x86 Remote (HKLM-x32\...\{A6EFB3CD-C4B4-878E-1DFF-F01FAF9A1A34}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK EULA (HKLM-x32\...\{A2528C8D-B98A-D28F-C650-722503516A93}) (Version: 10.1.16299.15 - Microsoft Corporations) Hidden
Windows SDK Facade Windows WinMD Versioned (HKLM-x32\...\{F76495AC-2A86-BD70-3F0A-20D33E6A3300}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps (HKLM-x32\...\{B5CEC165-2F1F-4348-37A3-BB31DA90BD68}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Contracts (HKLM-x32\...\{7736BDAD-A5B6-8BE7-E34B-F53280448C29}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps DirectX x64 Remote (HKLM\...\{45D32E0E-27C5-82DE-B739-6A9608A2411A}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{1D42A0CE-494E-EDB0-9613-553487B5953D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Headers (HKLM-x32\...\{07C90F9B-3020-AD74-53A2-404D0A77E6A8}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Libs (HKLM-x32\...\{57186CA6-5B4D-1D1E-0AF0-A6F5244BBA36}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Metadata (HKLM-x32\...\{ECA49B9D-E452-169B-F8E2-E9E415F0190D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Tools (HKLM-x32\...\{CB17BD4C-C6D7-E5D7-5031-F37645D22579}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Managed Apps Libs (HKLM-x32\...\{458C3A87-069F-E8E2-AF52-43152BA91548}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK Modern Non-Versioned Developer Tools (HKLM-x32\...\{454B446B-6DC1-3524-53D5-4439D56358EF}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK Modern Versioned Developer Tools (HKLM-x32\...\{79513535-6F89-55F0-E50F-5D563C4DEAF7}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK Redistributables (HKLM-x32\...\{380602CD-5F67-486B-8F98-36A5EAD1A89F}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK Signing Tools (HKLM-x32\...\{3ED687AC-3F6D-819B-3948-F0CB24111524}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows Software Development Kit - Windows 10.0.16299.15 (HKLM-x32\...\{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 - Microsoft Corporation)
Windows Team Extension SDK (HKLM-x32\...\{3BFC920A-C3C0-2DFB-7509-03F5EFC95654}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows Team Extension SDK Contracts (HKLM-x32\...\{B155C75C-1567-ECA5-D71B-86F5CF1DE1ED}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{385A1387-A488-9E90-3635-086129610034}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{D7DD3171-DA58-52A1-95B2-4769640855AF}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7336279F-8F8F-5530-A543-3BE963846C0A}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E414A474-0A87-4F66-C409-A4D9857CFD34}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{CE760B86-975B-F514-5673-0ED4332B801B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{5E67F8BE-D8D2-257F-CE19-419A2D5125C7}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A2AA063E-AF50-A1F5-8925-A06EB1556644}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{7D4C7F4A-02A9-E434-6451-C8787DF28C1F}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BC467065-9374-5345-DA3F-FCF073304A25}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Wondershare Recoverit(Build 9.7.2.12) (HKLM-x32\...\{829555DC-31E5-4FEA-B350-8FCF24CECD95}_is1) (Version: 9.7.2.12 - Wondershare Software Co.,Ltd.)
World of Tanks EU (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
World_of_Warships_EU (HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\WOWS.EU.PRODUCTION) (Version: - Wargaming.net)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_CZ_is1) (Version: 18.0.1.10 - ZONER software)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-04-24] (Adobe Systems Incorporated)
Asphalt 9: Legends -> C:\Program Files\WindowsApps\A278AB0D.Asphalt9_3.8.110.2_x64__h6adky7gbf63m [2023-01-19] (Gameloft SE)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2440.1.0_x64__kgqvnymyfvs32 [2023-01-20] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.234.200.0_x64__kgqvnymyfvs32 [2023-01-13] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-18] (Canon Inc.)
Code of War -> C:\Program Files\WindowsApps\CND4528B94-2EA2-4D85-B0B7.CodeofWar_3.17.0.0_x64__zxxvj7ezs5pcc [2022-11-23] (Extreme Developers)
Code of War: Gun Shooting Games -> C:\Program Files\WindowsApps\XDEVS.CodeofWarGunShootingGames_3.17.5.0_x64__7yw2516a0mwqy [2023-01-19] (XDEVS LIMITED)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.16.345.0_x64__rz1tebttyb220 [2023-01-22] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-06-22] (Microsoft Corporation)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.19.0_neutral__8xx8rvfyw5nnt [2021-11-04] (Instagram)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Neat Office -> C:\Program Files\WindowsApps\15191PeakPlayer.NeatOffice_3.4.2.0_x86__y5c4dfz5b21fm [2022-08-13] (Any DVD &amp; Office App)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-16] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4478.0_x64__8j3eq9eme6ctt [2023-01-14] (INTEL CORP) [Startup Task]
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.0.40041.0_x64__8wekyb3d8bbwe [2023-01-26] (Microsoft Corporation)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-04-27] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-08] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2675956952-4226471559-2940555150-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-7B886B5D728C} -> [Creative Cloud Files] => C:\Users\uzivatel\Creative Cloud Files [2018-09-03 18:20]
CustomCLSID: HKU\S-1-5-21-2675956952-4226471559-2940555150-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-2675956952-4226471559-2940555150-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\69.0.0.0\drivefsext.dll [2023-01-19] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\69.0.0.0\drivefsext.dll [2023-01-19] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\69.0.0.0\drivefsext.dll [2023-01-19] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\69.0.0.0\drivefsext.dll [2023-01-19] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-11-30] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-11-30] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-11-30] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-11-30] (Adobe Inc. -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\69.0.0.0\drivefsext.dll [2023-01-19] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers1: [Long-Term Docs Signer] -> {8B7B7594-9951-4D5A-BBCC-EB9AEE81CB12} => C:\Program Files (x86)\Software602\Signer\ContextMenu64.dll [2019-04-17] (Software602) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\programy\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\programy\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-12-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-12-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\69.0.0.0\drivefsext.dll [2023-01-19] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\69.0.0.0\drivefsext.dll [2023-01-19] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_dd5d08598ac3d75d\igfxDTCM.dll [2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_ce837e92efe9cbc4\nvshext.dll [2022-02-10] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-11-30] (Adobe Inc. -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\programy\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\programy\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\uzivatel\Desktop\WDMyCloudDL4100 – zástupce.lnk -> hxxp://192.168.0.109
ShortcutWithArgument: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=J9hsHlDYGGRRqBhpU61oZEqpaT4EisjwisVvxpaVeuOHBVr2lsSq3ipJgAAAGadXlwie&click_id=4c334ae3130d58dcb9d76153793992a35ec2dd51 --app-window-size=2560,1440
ShortcutWithArgument: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Instagram.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=maonlnecdeecdljpahhnnlmhbmalehlm
ShortcutWithArgument: C:\Users\uzivatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=J9hsHlDYGGRRqBhpU61oZEqpaT4EisjwisVvxpaVeuOHBVr2lsSq3ipJgAAAGadXlwie&click_id=4c334ae3130d58dcb9d76153793992a35ec2dd51 --app-window-size=2560,1440

==================== Loaded Modules (Whitelisted) =============

2018-11-12 09:03 - 2015-03-17 08:51 - 000375296 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-01-07 12:49 - 2019-12-25 20:46 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files\NVIDIA GPU Computing Toolkit\CUDA\v10.1\bin;C:\Program Files\NVIDIA GPU Computing Toolkit\CUDA\v10.1\libnvvp;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\Nsight Compute 2019.1\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\GtkSharp\2.12\bin
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-2675956952-4226471559-2940555150-1006\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 10.112.1.1 - 10.112.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: avast => 2
MSCONFIG\Services: avastm => 3
MSCONFIG\Services: AvastSecureBrowserElevationService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: IJPLMSVC => 2
MSCONFIG\Services: McAfee WebAdvisor => 2
MSCONFIG\Services: MozillaMaintenance => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "OnScreen Control"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\StartupFolder: => "EOS Utility.lnk"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_C77CE8056B4BBFFA3D13F6056A9B5F7A"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "WindowGrid"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\StartupApproved\Run: => "com.messenger"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{26C9E4F3-2010-4369-AA83-E313FEC3BA23}D:\users\lkos\dokumenty\fotky\2020\videoprohlídka\malé\vtour\tour_testingserver.exe] => (Allow) D:\users\lkos\dokumenty\fotky\2020\videoprohlídka\malé\vtour\tour_testingserver.exe (krpano Gesellschaft mbH -> )
FirewallRules: [TCP Query User{9A89411D-C1DE-4992-A3CB-99A579F1ED29}D:\users\lkos\dokumenty\fotky\2020\videoprohlídka\malé\vtour\tour_testingserver.exe] => (Allow) D:\users\lkos\dokumenty\fotky\2020\videoprohlídka\malé\vtour\tour_testingserver.exe (krpano Gesellschaft mbH -> )
FirewallRules: [{7C5C8B3A-57F2-4B64-8BA2-11DF546CF35C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{645B36A9-AE70-4CF8-8ED4-4A7BF09D57FF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{96332945-9D71-48FB-B172-AAB279AF8CC0}D:\world_of_tanks\win64\worldoftanks.exe] => (Allow) D:\world_of_tanks\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{570BBB0C-F24B-4FA8-AB90-3741E5519C7B}D:\world_of_tanks\win64\worldoftanks.exe] => (Allow) D:\world_of_tanks\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{B750EF61-AB1F-4F05-9300-1CBDEA4F211D}D:\users\lkos\downloads\anydesk.exe] => (Allow) D:\users\lkos\downloads\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [TCP Query User{8E9E45D0-499F-4C56-8F6A-412260A11C32}D:\users\lkos\downloads\anydesk.exe] => (Allow) D:\users\lkos\downloads\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [UDP Query User{837B5E62-8F2A-4233-953D-57E344E9F47B}D:\utorrent\utorrent.exe] => (Allow) D:\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{3D740462-F01E-45B8-9847-85614281A298}D:\utorrent\utorrent.exe] => (Allow) D:\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{B57525F3-51FC-4925-9161-985D86A89B2F}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{C158F96A-4830-4873-BBCE-91ADB577723F}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{4B3BD563-A5BE-4306-B66A-91A8A92DB0BC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B57DA34F-0918-41B9-A129-46A7F57E1253}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C1976364-9FB0-4C1B-A574-49D553E643BE}] => (Allow) D:\World_of_Tanks\WoTLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{97B8E480-CB42-4758-BC5E-7B4A0E75CC8F}] => (Allow) D:\World_of_Tanks\WoTLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{AFF4D487-28BE-4381-A8B1-4F66CCB2BB9C}] => (Allow) D:\World_of_Tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{46C8B258-2C48-4583-A592-EB34B32227E3}] => (Allow) D:\World_of_Tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{3CB9B532-F8E0-48BD-A15C-C0A3AFB03A61}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{9053854E-FCA0-4CFB-A97E-F4ADE4A4249D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{787A8297-AC0B-4275-9DAE-FD1B1BD027FA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{78701CCE-B75C-44C2-BD84-D862D4A83295}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{AB64709F-7EC5-43A9-AD6E-56FBB424CA59}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{6F8DE259-C769-44C8-B416-10AB5506F329}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{6D5A4298-DF07-49B1-8705-B4D205E02718}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{37EED083-B1D8-42BA-82AB-6DCEDCF9FD24}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{4F65A1F4-4EF0-4503-A157-FA25F9E8908A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{88700993-841B-43A7-995E-275FA0F7CDF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{5E50F660-BF5B-4C6F-B0AF-6DB8E4F7E951}D:\world_of_tanks\win32\worldoftanks.exe] => (Allow) D:\world_of_tanks\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{E80196F8-9A81-4414-98CA-39BB944E1955}D:\world_of_tanks\win32\worldoftanks.exe] => (Allow) D:\world_of_tanks\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{AC8DD71B-1E49-4063-B16D-0DEEDE722973}D:\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{06BD2B38-4C67-47CD-A84D-042E3E4094F9}D:\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{7B816216-65AA-41D1-97A9-EDE2EFB45C55}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe => No File
FirewallRules: [UDP Query User{D467D6E0-D448-4FA6-A5FE-BBC36830E02D}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe => No File
FirewallRules: [TCP Query User{6EFC31C2-1EBC-4E12-9A90-DADCEB7729D7}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{5091432C-170F-4B93-861B-57583BB7959D}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{FF546684-E6BD-481B-AD92-43D7989D7CF4}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{F4BDC077-51B9-48F2-AA41-E87CC30055B0}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{A40B97F8-2F75-400E-905E-E2C9DA871EAF}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{F79C95AA-81C1-4040-B49E-302BD1BA2698}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{90541E89-4A67-480C-AACA-CEB2BE21764D}C:\program files (x86)\blackmagic design\fairlight panels\panel setup utility\fairlight panel setup.exe] => (Block) C:\program files (x86)\blackmagic design\fairlight panels\panel setup utility\fairlight panel setup.exe (Blackmagic Design) [File not signed]
FirewallRules: [UDP Query User{36D901EE-FEDB-4C59-8D6A-B2A00E505B91}C:\program files (x86)\blackmagic design\fairlight panels\panel setup utility\fairlight panel setup.exe] => (Block) C:\program files (x86)\blackmagic design\fairlight panels\panel setup utility\fairlight panel setup.exe (Blackmagic Design) [File not signed]
FirewallRules: [TCP Query User{73FAD00A-B1BC-48C7-9FEA-D9396371D598}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [UDP Query User{9DF1962E-7EE1-4364-AA60-A71EC37A2207}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{6EEFF591-E061-4A27-A3B8-9BA357F5F85C}C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe] => (Allow) C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe (Blackmagic Design Pty Ltd -> Blackmagic Design)
FirewallRules: [UDP Query User{B0A529D1-CA59-4EDD-A2FB-6F416FF1D5A5}C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe] => (Allow) C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe (Blackmagic Design Pty Ltd -> Blackmagic Design)
FirewallRules: [{846A49FF-392E-4F52-853F-6AAF3243F4A1}] => (Allow) LPort=57209
FirewallRules: [{6676C866-857E-4D5D-BF94-35AF973F08AC}] => (Allow) LPort=57210
FirewallRules: [{9DA14626-EC9E-44EE-BE51-3C28FBF20809}] => (Allow) LPort=57211
FirewallRules: [{06F3FB30-385A-4877-81A1-CDA23238E2BA}] => (Allow) LPort=57212
FirewallRules: [{74DC10F3-B3F5-4018-9B04-B5F455099C38}] => (Allow) LPort=57213
FirewallRules: [{3C11E09A-D925-4D81-8439-B028BBB6B1B0}] => (Allow) LPort=57214
FirewallRules: [{57B2A2BC-604D-41F8-85B3-DEA2CE703573}] => (Allow) LPort=57215
FirewallRules: [{67446446-F053-466B-B3B6-070F85D5ABB5}] => (Allow) LPort=57216
FirewallRules: [{3E73B93C-7E3C-4176-A709-D4B187E33859}] => (Allow) LPort=57217
FirewallRules: [{4C15B4CF-783F-4F6E-8842-F916C1DC8560}] => (Allow) LPort=57218
FirewallRules: [{EFD15BA5-D495-43B5-9D33-C4BEFAC8D12C}] => (Allow) LPort=57209
FirewallRules: [{1E18F3AB-4F62-4815-BDB2-626D8DB44CD7}] => (Allow) LPort=57210
FirewallRules: [{387B8BF8-D4C5-4162-8243-36A1BD2262DD}] => (Allow) LPort=57211
FirewallRules: [{99699546-7182-44B5-B3F0-0D38D98049C0}] => (Allow) LPort=57212
FirewallRules: [{55A97704-F7EB-4FEE-B23A-D807BD0F005B}] => (Allow) LPort=57213
FirewallRules: [{B55F5754-8091-45E7-BF3F-DA448F6F3940}] => (Allow) LPort=57214
FirewallRules: [{70D7821C-A61E-4E52-B09D-067618D5D86D}] => (Allow) LPort=57215
FirewallRules: [{288BFA13-FDA9-495F-B7D2-EDB2E8C0F009}] => (Allow) LPort=57216
FirewallRules: [{0157E027-7BAA-43D1-9162-5E55BFA226D6}] => (Allow) LPort=57217
FirewallRules: [{C9D2665C-F1B9-4220-AE61-B17C3DAF9395}] => (Allow) LPort=57218
FirewallRules: [{A212F782-65BF-479F-8E17-6EDA74CC2790}] => (Allow) LPort=63007
FirewallRules: [{8E46EA3A-3881-4211-8E21-F009B37F4389}] => (Allow) LPort=63008
FirewallRules: [{0EC1A2A2-5799-4F9D-8BA6-B5A0177A77AF}] => (Allow) LPort=63009
FirewallRules: [{A21B4C7E-E152-4CA6-93D2-BDA15DBB9CC0}] => (Allow) LPort=63010
FirewallRules: [{12522F56-B9A4-44C2-9110-F2D4E20A6811}] => (Allow) LPort=63011
FirewallRules: [{D0C31B24-D57B-4252-9C2C-6220015A0360}] => (Allow) LPort=63012
FirewallRules: [{90B9BED8-74AC-4C37-9E4F-DEEECFBACA93}] => (Allow) LPort=63013
FirewallRules: [{87AFBC1D-1CBB-4EEA-BC83-8A8D7A306866}] => (Allow) LPort=63014
FirewallRules: [{5C1EAA18-23E6-488F-9418-23C110F40E81}] => (Allow) LPort=63015
FirewallRules: [{6022A45D-C9C4-4741-ADD5-740DF70B4A72}] => (Allow) LPort=63016
FirewallRules: [{38C1EF0A-2BF8-4063-9CE2-E7BCFD2E483D}] => (Allow) LPort=63007
FirewallRules: [{80C64D30-B7F6-4A81-AFE4-324B64F4F086}] => (Allow) LPort=63008
FirewallRules: [{82F8F967-E536-4F08-AF29-B6E0DBEB2150}] => (Allow) LPort=63009
FirewallRules: [{95950DF5-4B5A-45AD-B255-9F64E41A4DCB}] => (Allow) LPort=63010
FirewallRules: [{3E96E131-CE74-49F4-8968-2A6598518214}] => (Allow) LPort=63011
FirewallRules: [{5A51AE89-42E9-4FBB-9FAA-8D63D68A3AEB}] => (Allow) LPort=63012
FirewallRules: [{4833C30C-141B-46DE-832E-FE6B8C3E1AD6}] => (Allow) LPort=63013
FirewallRules: [{78BF4CBE-C39F-45EA-ACDF-A7139BA11173}] => (Allow) LPort=63014
FirewallRules: [{E4C13705-6EAF-4E29-8071-24C58AB310C7}] => (Allow) LPort=63015
FirewallRules: [{74838132-CDA9-40AC-B226-455B63D39D8E}] => (Allow) LPort=63016
FirewallRules: [{B94E1EE9-9E17-4B13-AEDB-4223C56243DD}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{58187B22-A7C8-4E60-8479-64059512067B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F272FBB0-4061-43AC-99D9-23FEF51BDDB6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C051BCC3-3306-4C8C-9A87-D8DAA168850E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{68037CEB-01D4-4680-BE7C-AF0D8F0A50B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7BEA1A4D-E246-4D38-90B6-5D5942604707}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D38C1721-AE27-45B4-B888-B6D26250F4B3}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C4037062-5426-41FC-925C-E239F7BABCA8}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{873D32BD-6C6A-4BED-9746-F8CE97BCCACD}C:\users\uzivatel\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\uzivatel\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [UDP Query User{ABBEE46A-1D23-48EA-A725-6DAB6A9B4614}C:\users\uzivatel\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\uzivatel\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [TCP Query User{22E713ED-F347-4F14-B3A4-7D917A457853}D:\world_of_tanks\win64\worldoftanks.exe] => (Allow) D:\world_of_tanks\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{136CB068-BD3F-4F89-81BC-81B39DE96C93}D:\world_of_tanks\win64\worldoftanks.exe] => (Allow) D:\world_of_tanks\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{3BCB65A5-63E6-4C71-A91A-6F227C5C5E48}D:\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{5F37B432-655C-4523-B367-CADF40804C56}D:\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{3D66CFB6-BE01-478D-8B47-8971622470A3}C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe] => (Allow) C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe (Blackmagic Design Pty Ltd -> Blackmagic Design)
FirewallRules: [UDP Query User{85FD5EEC-14D1-4A89-9A83-539BEE4C024B}C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe] => (Allow) C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe (Blackmagic Design Pty Ltd -> Blackmagic Design)
FirewallRules: [{8D6AF4FB-5CCE-4CF8-BBDF-3FD14891F886}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{95AC6803-8EF5-4866-83B5-1CA1CC51EBE2}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{E7BF1FFA-CDEB-41CF-B3D2-133A8A01A528}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{06A31677-10FD-4B80-A0CF-7B8CEF641D14}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{D7DB5A84-C496-4F24-AD84-7761DF535457}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{F3638F5E-6469-4B2E-A88D-AC7C3FC823F1}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{1710BF05-187E-4EF5-976D-C3C76EADC93F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{70EBF1FC-19A5-4205-8F27-E33C0301D043}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{A8C1E1E6-F09A-4FAF-A39E-0DE918DCA5DF}C:\users\uzivatel\appdata\local\discord\app-1.0.9008\discord.exe] => (Allow) C:\users\uzivatel\appdata\local\discord\app-1.0.9008\discord.exe => No File
FirewallRules: [UDP Query User{C572CD98-D09F-49A4-9EE5-0EC4EC0C1B29}C:\users\uzivatel\appdata\local\discord\app-1.0.9008\discord.exe] => (Allow) C:\users\uzivatel\appdata\local\discord\app-1.0.9008\discord.exe => No File
FirewallRules: [{29108D62-060F-40B1-9CEB-F2EBE91715AC}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0FBC04AC-67F9-40CD-970C-BBA96AE820FE}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{35F10381-900D-476A-9B69-289D706919B4}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{09865BE2-15EC-4172-9A89-E3FB308E7E6C}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5951FE13-4612-4D13-9AA0-04B49DFCC508}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{942FD780-F7EB-44B0-9288-5DF82682D6A5}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{E7D4D9B4-F8CB-4F0A-94FA-54029062E7BB}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.61\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B5C30967-4A3B-4614-B5E9-97ACDFB89466}D:\games\call of duty modern warfare 2\iw4sp.exe] => (Allow) D:\games\call of duty modern warfare 2\iw4sp.exe (Valve Corporation -> ) [File not signed]
FirewallRules: [UDP Query User{48735072-A843-4CF2-B22B-3F727AB4CB6D}D:\games\call of duty modern warfare 2\iw4sp.exe] => (Allow) D:\games\call of duty modern warfare 2\iw4sp.exe (Valve Corporation -> ) [File not signed]
FirewallRules: [{E722CE42-0BA1-47BA-B979-A618D15BAB23}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2D303875-EED0-4E60-92E0-3E1301680E96}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D8DE1948-4AE4-44AD-856C-16C7DF1976C3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EF75D236-2D62-4FCA-9F1B-106DF2E5C982}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{86DC7DED-0DA6-401B-8EB1-8F3AF8E8881B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/26/2023 11:26:02 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.

Error: (01/26/2023 11:17:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AdvancePCPro.exe, verze: 1.0.7.10, časové razítko: 0x6374dff4
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc000041d
Posun chyby: 0x2d0cb530
ID chybujícího procesu: 0x4e2c
Čas spuštění chybující aplikace: 0x01d9316ab95e8c26
Cesta k chybující aplikaci: C:\Program Files (x86)\AdvancePCPro\AdvancePCPro.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 4103ae25-fb17-4513-8f7c-3cb299110a13
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/26/2023 07:12:13 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe, identifikátor PID: 4848, identifikátor PID ProfSvc: 1816.

Error: (01/25/2023 08:29:50 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe, identifikátor PID: 4856, identifikátor PID ProfSvc: 1764.

Error: (01/24/2023 09:40:03 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (01/24/2023 09:40:03 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (01/24/2023 09:40:03 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (01/24/2023 09:40:03 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]


System errors:
=============
Error: (01/26/2023 11:19:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DNS Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/26/2023 11:19:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Reason Security DNS Client Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/26/2023 11:19:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (01/26/2023 11:19:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Phone IP over USB Transport (IpOverUsbSvc) byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/26/2023 11:19:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AdobeUpdateService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/26/2023 11:19:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (01/26/2023 11:19:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dolby DAX2 API Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/26/2023 11:19:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast SecureLine VPN byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


CodeIntegrity:
===============
Date: 2023-01-26 11:26:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2023-01-26 11:19:59
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\AdwCleaner\Quarantine\v1\20230126.111924\18\SAFERWEB\rsDwf.sys#4E41885AD86C3278 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2023-01-26 11:19:57
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\AdwCleaner\Quarantine\v1\20230126.111924\12\Web Companion\Service\x64\bddci_core.dll#5AE7215DA30D71C0 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: LENOVO E5CN52WW 04/28/2016
Motherboard: LENOVO Lenovo ideapad 700-17ISK
Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 46%
Total physical RAM: 16145.29 MB
Available physical RAM: 8644.79 MB
Total Virtual: 28433.29 MB
Available Virtual: 19537.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.1 GB) (Free:7.7 GB) (Model: SAMSUNG MZVLV128HCGR-000L2) NTFS
Drive d: (LENOVO) (Fixed) (Total:1862.89 GB) (Free:36.03 GB) (Model: WD20SPZX-21UA7T0) NTFS

\\?\Volume{d0735b2a-de13-4684-8bb4-c526d47bc4b8}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{dbafd1e3-0dd9-476f-b29f-37a1320fa9e9}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS
\\?\Volume{97bfc6ef-4b2f-4d3b-a503-9fcc9a4bae3d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: 215A0EFD)

Partition: GPT.

==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-01-2023
Ran by uzivatel (administrator) on LUBOS_NOTE (LENOVO 80RV) (26-01-2023 11:27:42)
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel & postgres
Platform: Microsoft Windows 10 Home Version 22H2 19045.2486 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <6>
(C:\Program Files (x86)\Altruistic\Altruistic.exe ->) (ALT Dev Group -> ) [File not signed] C:\Program Files (x86)\Altruistic\AltruisticApp.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\RAVVPN\rsVPNSvc.exe ->) (Reason Cybersecurity Inc. -> Reason Cybersecurity Ltd.) C:\Program Files\RAVVPN\ui\RAVVPN.exe <5>
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <38>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (ALT Dev Group -> ) [File not signed] [File is in use] C:\Program Files (x86)\Altruistic\Altruistic.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_1e59f5ec7049260a\aesm_service.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_ce837e92efe9cbc4\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\RAVVPN\rsVPNClientSvc.exe
(services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\RAVVPN\rsVPNSvc.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476960 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [215960 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384352 2017-10-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-10-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-10-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [EventDesireeDeluxe] => C:\Program Files (x86)\HiTi\EveDsirDeluxe\HTPntSplr.exe [176128 2011-06-14] () [File not signed]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1068512 2022-09-29] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [AdvancePCPro] => C:\Program Files (x86)\AdvancePCPro\AdvancePCPro.exe [11602536 2023-01-26] (AlorSoftInc -> Alor Soft Inc) [File not signed]
HKLM-x32\...\RunOnce: [ccleaner_update_helper] => C:\Program Files\CCleaner\ccleaner_update_helper.exe [710992 2023-01-26] (PIRIFORM SOFTWARE LIMITED -> Piriform)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe [51022104 2023-01-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe [51022104 2023-01-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194104 2022-11-30] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [Wargaming.net Game Center] => D:\Wargaming.net\GameCenter\wgc.exe [2176176 2023-01-20] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38916432 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91591032 2020-04-14] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [EpicGamesLauncher] => D:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32703952 2022-09-06] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [Discord] => C:\Users\uzivatel\AppData\Local\Discord\Update.exe [1512040 2021-03-18] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe [51022104 2023-01-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [com.messenger] => "C:\Users\uzivatel\AppData\Local\Programs\Messenger\Messenger.exe" messenger://openAtLogin (No File)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [Zoner Photo Studio Autoupdate] => D:\programy\Photo Studio 18\Photo Studio 18\Program32\ZPSTRAY.EXE [680520 2017-01-09] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [Steam] => D:\Steam\steam.exe [4246376 2022-12-15] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [TaskbarSystem] => C:\Users\uzivatel\AppData\Local\Programs\TaskbarSystem\TaskbarSystem.exe [911360 2022-12-08] (Cleversort FZ-LLC -> )
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\uzivatel\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\uzivatel\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\RunOnce: [Uninstall 22.253.1204.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\uzivatel\AppData\Local\Microsoft\OneDrive\22.253.1204.0001" (No File)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\MountPoints2: {1138cd60-662e-11ec-8a26-ac2b6ef875f9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\MountPoints2: {34ab0ae3-04cc-11ec-897a-ac2b6ef875f6} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1006\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe [51022104 2023-01-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe [51022104 2023-01-19] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\Windows\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\HiTi P510 Language Monitor: C:\Windows\system32\LMonhrak.dll [129024 2015-10-07] (HiTi Digital, Inc. -> HiTi Digital, Inc.)
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\Windows\system32\602localmon.dll [54864 2018-05-31] (Software602 a.s. -> Windows (R) Win 7 DDK provider)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.76\Installer\chrmstp.exe [2023-01-26] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7842.105\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2022-12-22]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2019-03-18]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon Inc. -> Canon INC.)
Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2019-12-29]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\uzivatel\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {000D7B7D-E4D2-493D-909D-69C7D5F8AC76} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {055673F3-2BC0-4636-B174-74ACA81F2B57} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {161B1EC9-C18A-439C-9B86-BB4B53767248} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe (No File)
Task: {1C09FC2B-FD49-49B3-9E10-6C3696DD52B8} - System32\Tasks\WindowGrid => C:\Program Files\WindowGrid\WindowGrid.exe [565760 2016-05-17] (windowgrid.net) [File not signed]
Task: {1E5BD2B4-C819-4A3F-8456-819281AAAB60} - System32\Tasks\Opera scheduled Autoupdate 1577302536 => C:\Users\uzivatel\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {27F78F1C-02C0-4FC9-B05A-A11D69EC3F2B} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4646480 2022-12-21] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid aaecb268-3e8a-417d-bb08-db4d4745dc26
Task: {2EACA9B5-6AC5-47EB-9F6E-58F64B1527A6} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "f40f5495-19eb-4ef1-bd4f-e83ca1ea3388" --version "6.07.10191" --silent
Task: {2F39C9A8-D94E-42C9-9172-8768863E098B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-12-09] (Piriform Software Ltd -> Piriform)
Task: {39347F88-38DE-416F-9FD4-154D9E54F057} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3F81C5C9-0BBE-48F8-9050-DFDD34EB8708} - System32\Tasks\GoogleUpdateTaskMachineCore{24ED5AFE-A49F-4CEB-9E6C-B2C0F1A97794} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-03] (Google Inc -> Google Inc.)
Task: {4B6FA80C-D2BC-41D4-8362-2C4914F84F7B} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [6694224 2022-11-22] (Avast Software s.r.o. -> Avast Software)
Task: {5200D7B4-5101-4DFB-9CE3-DFCF11795BAE} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5B897CD5-37BD-4919-9318-BB9EB26C8246} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1209424 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
Task: {67FDE05B-6245-47DD-B9E5-815C6B3EA1BD} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6CA2161F-D083-4563-B366-32B986989124} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-lkos@email.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {73ABC7D8-4474-4EE9-8DA6-191AD2C4DA85} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4954008 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {7AAA4CFD-FB10-4624-A9EC-E761AA5114A4} - System32\Tasks\GoogleUpdateTaskMachineUA{EA5BDC13-DE18-4A0C-B672-96064DCD74A9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-03] (Google Inc -> Google Inc.)
Task: {81CFEE1A-5EE6-4C22-AFC8-32175C16D363} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A4ADC68F-34BC-4A5F-9CC7-5B7A21AA8C60} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A65DE08A-C43E-481C-B851-0678819B899B} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476960 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {A9BDD237-8000-4921-9340-D847948F8752} - System32\Tasks\CCleanerSkipUAC - uzivatel => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {AA0DE12B-1829-4EC6-876B-2A2C7D7EF7F2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B48D7264-690D-46B7-90A0-0BB606F8FD5A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B593B39E-D067-495A-82F0-0D828FA35559} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {BA408925-32B5-4059-8579-C838EC52AB15} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [425440 2022-09-29] (Adobe Inc. -> Adobe Inc.)
Task: {BC7829B5-01D9-4779-BDC7-E85ABB9F448C} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D7728714-3BE0-4235-A9BE-1526D9D6E613} - System32\Tasks\Opera scheduled assistant Autoupdate 1577302546 => C:\Users\uzivatel\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\uzivatel\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {E3FF3B71-95D7-4CEC-B897-9D0B00264B00} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.112.1.1 10.112.2.1
Tcpip\..\Interfaces\{1961fd5e-8cb4-400a-af05-853afde3b758}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{4889d55e-0db2-4b0b-96a8-521e56b89848}: [DhcpNameServer] 10.112.1.1 10.112.2.1
Tcpip\..\Interfaces\{a9fbbf52-8c95-4d8e-a930-90118eb1a9a6}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{a9fbbf52-8c95-4d8e-a930-90118eb1a9a6}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\uzivatel\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-20]

FireFox:
========
FF DefaultProfile: 6rklpty8.default
FF ProfilePath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6rklpty8.default [2023-01-26]
FF Homepage: Mozilla\Firefox\Profiles\6rklpty8.default -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\6rklpty8.default -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=IS210801&iDate=2023-01-26 09:43:46&bName=
FF SearchPlugin: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6rklpty8.default\searchplugins\My Bing Search.xml [2023-01-26]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2023-01-26] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @videolan.org/vlc,version=3.0.11 -> D:\programy\vlc\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> D:\programy\vlc\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> D:\programy\vlc\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> D:\programy\vlc\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-01-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-09-29] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [File not signed]
FF Plugin-x32: @parallelgraphics.com/Cortona -> C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll [2020-06-02] (Parallel Graphics Limited -> ParallelGraphics)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-09-29] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default [2023-01-26]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://business.facebook.com; hxxps://calendar.google.com; hxxps://click-now-extra-special.online; hxxps://cryptosvet.cz; hxxps://drive.google.com; hxxps://meet.google.com; hxxps://paleosnadno.cz; hxxps://twitter.com; hxxps://web.whatsapp.com; hxxps://www.airbaltic.com; hxxps://www.eglobalcentraleu.com; hxxps://www.facebook.com; hxxps://www.fotoskoda.cz; hxxps://www.netflix.com; hxxps://www.pestryjidelnicek.cz; hxxps://www.spuntik.cz; hxxps://www.working-dog.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Překladač Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-10]
CHR Extension: (DeFi Saver Gas Prices Extension) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgfdkloegmghldbalmenklokhlifphe [2022-12-09]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2021-10-09]
CHR Extension: (Alitools - nákupní asistent) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\eenflijjbchafephdplkdmeenekabdfb [2023-01-22]
CHR Extension: (Avast Passwords) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2020-02-10]
CHR Extension: (Yoroi) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffnbelfdoeiohenkjibnmadjiehjhajb [2022-12-31]
CHR Extension: (Binance Wallet) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbohimaelbohpjbbldcngcnapndodjp [2022-09-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-24]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-12-21]
CHR Extension: (Google Kalendář) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2021-01-09]
CHR Extension: (FormApps Extension) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-10-12]
CHR Extension: (WPSNIFFER - WordPress Themes Sniffer) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kihhefcbenhkjgjhchanjfhhflaojldn [2019-10-23]
CHR Extension: (Alt Text Tester) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\koldhcllpbdfcdpfpbldbicbgddglodk [2018-10-31]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-24]
CHR Extension: (polkadot{.js} extension) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mopnmbcafieddcagagdcbnhejhlodfdd [2022-06-11]
CHR Extension: (EXIF Viewer) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafpfdcmppffipmhcpkbplhkoiekndck [2018-09-03]
CHR Extension: (MetaMask) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-01-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\System Profile [2022-05-04]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"AltruisticsService" => service was unlocked. <==== ATTENTION

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [923616 2022-09-29] (Adobe Inc. -> Adobe Inc.)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3866592 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3702240 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AltruisticsService; C:\Program Files (x86)\Altruistic\Altruistic.exe [18360896 2023-01-26] (ALT Dev Group -> ) [File not signed] [File is in use]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8553880 2022-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [597400 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [597400 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-21] (Avast Software s.r.o. -> AVAST Software)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-12-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [197120 2017-07-13] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S2 HiTi Print Service; C:\Program Files (x86)\HiTi\HtService\HTService2.exe [231936 2020-12-22] (HiTi Digital, Inc.) [File not signed]
S2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2021-11-08] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397472 2018-03-15] (Canon Inc. -> )
S2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [850256 2023-01-26] (McAfee, LLC -> McAfee, LLC)
S2 postgresql-x64-9.5; C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe [94208 2016-08-09] (PostgreSQL Global Development Group) [File not signed]
R2 rsVPNClientSvc; C:\Program Files\RAVVPN\rsVPNClientSvc.exe [740680 2023-01-26] (Reason Cybersecurity Inc. -> Reason Software Company Inc.)
R2 rsVPNSvc; C:\Program Files\RAVVPN\rsVPNSvc.exe [306504 2023-01-26] (Reason Cybersecurity Inc. -> Reason Software Company Inc.)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [9461328 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_ce837e92efe9cbc4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_ce837e92efe9cbc4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S2 rsDNSClientSvc; C:\Program Files\SaferWeb\rsDNSClientSvc.exe [X]
S2 rsDNSResolver; "C:\Program Files\SaferWeb\rsDNSResolver.exe" [X]
S2 rsDNSSvc; "C:\Program Files\SaferWeb\rsDNSSvc.exe" [X]
S2 rsSyncSvc; C:\Program Files\RAVAntivirus\x64\rsSyncSvc.exe -rpn:ravantivirus -lpn:rav_antivirus -url:hxxps://update.reasonsecurity.com/v1/live -dt:10

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31424 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [229208 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [391272 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297832 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39648 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [267888 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [555560 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80376 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [852000 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [695496 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212632 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2022-03-24] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318456 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [65944 2022-06-07] (Avast Software s.r.o. -> Avast Software)
R3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [51112 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
S3 athur; C:\WINDOWS\System32\drivers\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2023-01-26] (Bitdefender SRL -> Bitdefender)
S3 DaVinciKeyboards; C:\WINDOWS\System32\drivers\DaVinciKeyboards.sys [28416 2022-10-11] (WDKTestCert build,131958900460134002 -> Blackmagic Design)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-12-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-12-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 rsDwf; C:\WINDOWS\system32\DRIVERS\rsDwf.sys [54144 2023-01-26] (Reason CyberSecurity Inc. -> Reason CyberSecurity Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-11-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-11-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-06] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-26 11:27 - 2023-01-26 11:28 - 000036728 ____C C:\Users\uzivatel\Desktop\FRST.txt
2023-01-26 11:26 - 2023-01-26 11:26 - 002376704 ____C (Farbar) C:\Users\uzivatel\Desktop\FRST64 (1).exe
2023-01-26 11:18 - 2023-01-26 11:18 - 008791352 ____C (Malwarebytes) C:\Users\uzivatel\Desktop\adwcleaner.exe
2023-01-26 10:46 - 2023-01-26 11:19 - 000000000 ____D C:\Users\uzivatel\AppData\Roaming\SaferWeb
2023-01-26 10:46 - 2023-01-26 10:46 - 000001175 ____C C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Safer Web.lnk
2023-01-26 10:45 - 2023-01-26 11:20 - 000000000 ____D C:\Users\uzivatel\AppData\Roaming\RAVVPN
2023-01-26 10:45 - 2023-01-26 11:20 - 000000000 ____D C:\ProgramData\RAVVPNService
2023-01-26 10:45 - 2023-01-26 10:45 - 000054144 _____ (Reason CyberSecurity Inc.) C:\WINDOWS\system32\Drivers\rsDwf.sys
2023-01-26 10:45 - 2023-01-26 10:45 - 000001143 ____C C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RAV VPN.lnk
2023-01-26 10:45 - 2023-01-26 10:45 - 000000000 ____D C:\ProgramData\RAVVPNBackup
2023-01-26 10:44 - 2023-01-26 11:18 - 000000000 ____D C:\ProgramData\AdvancePCPro
2023-01-26 10:44 - 2023-01-26 10:46 - 000000000 ____D C:\Program Files (x86)\rsStubActivator-1.1.1
2023-01-26 10:44 - 2023-01-26 10:45 - 000000000 ____D C:\Program Files\RAVVPN
2023-01-26 10:44 - 2023-01-26 10:44 - 000005016 _____ C:\ProgramData\rsEngine.config.backup
2023-01-26 10:44 - 2023-01-26 10:44 - 000000000 ____D C:\Users\uzivatel\AppData\Local\AdvancePCPro
2023-01-26 10:43 - 2023-01-26 11:19 - 000000000 ____D C:\Users\uzivatel\AppData\Roaming\Lavasoft
2023-01-26 10:43 - 2023-01-26 11:19 - 000000000 ____D C:\Users\uzivatel\AppData\Local\Lavasoft
2023-01-26 10:43 - 2023-01-26 11:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2023-01-26 10:43 - 2023-01-26 11:19 - 000000000 ____D C:\ProgramData\Lavasoft
2023-01-26 10:43 - 2023-01-26 11:19 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2023-01-26 10:43 - 2023-01-26 10:44 - 000000000 ____D C:\Program Files (x86)\AdvancePCPro
2023-01-26 10:43 - 2023-01-26 10:43 - 000367096 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2023-01-26 10:43 - 2023-01-26 10:43 - 000000000 ___DC C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Taskbar system
2023-01-26 10:43 - 2023-01-26 10:43 - 000000000 ____D C:\Users\uzivatel\AppData\Local\AltruisticApp
2023-01-26 10:43 - 2023-01-26 10:43 - 000000000 ____D C:\Users\uzivatel\AppData\Local\Altruistic
2023-01-26 10:43 - 2023-01-26 10:43 - 000000000 ____D C:\ProgramData\Altruistic
2023-01-26 10:43 - 2023-01-26 10:43 - 000000000 ____D C:\Program Files (x86)\Altruistic
2023-01-26 10:42 - 2023-01-26 10:42 - 000000000 ____D C:\ProgramData\McAfee
2023-01-26 10:42 - 2023-01-26 10:42 - 000000000 ____D C:\Program Files\McAfee
2023-01-26 10:41 - 2023-01-26 10:41 - 000000000 ____D C:\Users\uzivatel\AppData\Roaming\7zip
2023-01-22 16:10 - 2023-01-22 16:10 - 000000797 _____ C:\Users\Public\Desktop\Call Of Duty Modern Warfare 2.lnk
2023-01-22 16:10 - 2023-01-22 16:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call Of Duty Modern Warfare 2
2023-01-20 17:57 - 2023-01-20 17:57 - 000000199 ____C C:\Users\uzivatel\Desktop\Counter-Strike Global Offensive.url
2023-01-20 17:57 - 2023-01-20 17:57 - 000000000 ___DC C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-01-20 17:49 - 2023-01-20 17:49 - 000000000 ____D C:\Users\uzivatel\AppData\Local\Steam
2023-01-20 17:48 - 2023-01-20 17:48 - 000000555 _____ C:\Users\Public\Desktop\Steam.lnk
2023-01-20 17:48 - 2023-01-20 17:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2023-01-12 10:04 - 2023-01-12 10:04 - 000000000 ___HD C:\$WinREAgent
2023-01-04 21:08 - 2023-01-04 21:13 - 000000000 ____D C:\ProgramData\FitLinie
2023-01-04 21:08 - 2023-01-04 21:08 - 000001080 ____C C:\Users\uzivatel\Desktop\FitLinie.lnk
2023-01-04 21:08 - 2023-01-04 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FitLinie
2023-01-04 21:08 - 2023-01-04 21:08 - 000000000 ____D C:\ProgramData\Microsoft NT Ident
2023-01-04 21:08 - 2023-01-04 21:08 - 000000000 ____D C:\Program Files (x86)\FitLinie
2023-01-04 21:08 - 2001-07-24 17:23 - 000139264 _____ (Soft&Control Technology) C:\WINDOWS\SysWOW64\FODBCLib.dll
2022-12-28 10:15 - 2022-12-28 10:15 - 000710005 ____C C:\Users\uzivatel\Desktop\CZ PRO pricelist 2023_dog.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-26 11:28 - 2021-10-09 00:25 - 000000000 ____D C:\FRST
2023-01-26 11:20 - 2018-09-03 12:35 - 000000000 ____D C:\ProgramData\NVIDIA
2023-01-26 11:19 - 2022-03-24 09:59 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2023-01-26 11:19 - 2021-01-26 17:38 - 000000000 ____D C:\Users\uzivatel\AppData\Roaming\discord
2023-01-26 11:19 - 2018-09-03 18:04 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-26 11:17 - 2018-09-06 12:21 - 000000000 ___DC C:\Users\uzivatel\AppData\Local\CrashDumps
2023-01-26 11:12 - 2021-05-16 19:45 - 000000000 ____D C:\Users\uzivatel\AppData\Local\Discord
2023-01-26 11:11 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-26 10:56 - 2022-10-13 13:36 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-01-26 10:56 - 2022-10-13 13:36 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-01-26 10:56 - 2020-08-27 14:59 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-01-26 10:49 - 2018-09-03 18:20 - 000000000 ___RD C:\Users\uzivatel\Creative Cloud Files
2023-01-26 10:48 - 2018-09-11 08:12 - 000000000 ___DC C:\Users\uzivatel\AppData\Local\D3DSCache
2023-01-26 10:28 - 2018-10-03 16:53 - 000000000 ____D C:\Program Files\CCleaner
2023-01-26 09:32 - 2020-08-27 14:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-26 07:54 - 2018-09-03 18:05 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-26 07:54 - 2018-09-03 18:05 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-01-26 07:25 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-26 07:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-01-26 07:20 - 2021-12-13 14:04 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2675956952-4226471559-2940555150-1001
2023-01-26 07:20 - 2020-08-27 14:59 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2675956952-4226471559-2940555150-1001
2023-01-26 07:20 - 2020-08-27 14:44 - 000002390 ____C C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-01-26 07:12 - 2018-09-03 12:27 - 000000000 __SHD C:\Users\uzivatel\IntelGraphicsProfiles
2023-01-26 07:11 - 2022-10-05 07:45 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-01-26 07:11 - 2020-08-27 14:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-26 07:11 - 2018-09-04 05:34 - 000000000 ____D C:\ProgramData\AVAST Software
2023-01-25 15:40 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-01-25 15:38 - 2022-10-05 07:45 - 000003048 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-01-25 15:38 - 2022-01-22 12:37 - 000003478 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{EA5BDC13-DE18-4A0C-B672-96064DCD74A9}
2023-01-25 15:38 - 2022-01-22 12:37 - 000003254 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{24ED5AFE-A49F-4CEB-9E6C-B2C0F1A97794}
2023-01-25 15:38 - 2021-10-05 10:51 - 000002260 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - uzivatel
2023-01-25 15:38 - 2021-05-19 11:14 - 000002310 _____ C:\WINDOWS\system32\Tasks\Adobe Uninstaller
2023-01-25 15:38 - 2020-08-27 14:59 - 000003872 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1577302546
2023-01-25 15:38 - 2020-08-27 14:59 - 000003612 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1577302536
2023-01-25 15:38 - 2020-08-27 14:59 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-25 15:38 - 2020-08-27 14:59 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-25 15:38 - 2020-08-27 14:59 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-01-25 15:38 - 2020-08-27 14:59 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-25 15:38 - 2020-08-27 14:59 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-01-25 15:38 - 2020-08-27 14:59 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-25 15:38 - 2020-08-27 14:59 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-25 15:38 - 2020-08-27 14:59 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-25 15:38 - 2020-08-27 14:59 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-25 15:38 - 2020-08-27 14:59 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-25 15:38 - 2020-08-27 14:59 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-25 15:38 - 2020-08-27 14:59 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-25 15:38 - 2020-08-27 14:59 - 000002792 _____ C:\WINDOWS\system32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-lkos@email.cz
2023-01-25 15:38 - 2020-08-27 14:59 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-25 15:38 - 2020-08-27 14:59 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2023-01-25 15:38 - 2020-08-27 14:59 - 000002364 _____ C:\WINDOWS\system32\Tasks\WindowGrid
2023-01-25 15:38 - 2020-08-27 14:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-01-24 10:00 - 2020-08-24 07:45 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-01-21 14:22 - 2020-08-27 14:43 - 001782064 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-01-21 14:22 - 2019-12-07 15:41 - 000746904 _____ C:\WINDOWS\system32\perfh005.dat
2023-01-21 14:22 - 2019-12-07 15:41 - 000160458 _____ C:\WINDOWS\system32\perfc005.dat
2023-01-21 14:22 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-01-20 18:01 - 2020-06-10 17:40 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-01-20 18:01 - 2020-06-10 17:40 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-01-19 19:06 - 2018-09-03 12:16 - 000000000 ___DC C:\Users\uzivatel\AppData\Local\Packages
2023-01-19 18:46 - 2020-11-19 08:40 - 000000000 ____D C:\WINDOWS\Minidump
2023-01-19 17:55 - 2021-09-24 11:53 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-01-19 17:55 - 2021-09-24 11:53 - 000001899 _____ C:\Users\Default\Desktop\Google Slides.lnk
2023-01-19 17:55 - 2021-09-24 11:53 - 000001899 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2023-01-19 17:55 - 2021-09-24 11:53 - 000001887 _____ C:\Users\Default\Desktop\Google Docs.lnk
2023-01-19 17:06 - 2018-09-03 12:17 - 000000000 ___DC C:\Users\uzivatel\AppData\Local\PlaceholderTileLogoFolder
2023-01-17 10:26 - 2018-09-14 09:39 - 000000000 ___DC C:\Users\uzivatel\AppData\Roaming\vlc
2023-01-15 20:27 - 2020-08-27 14:59 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-01-15 17:08 - 2020-10-07 18:33 - 000000000 ____D C:\Users\uzivatel\AppData\Local\Room Arranger
2023-01-15 10:42 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-01-13 07:48 - 2020-08-27 14:40 - 005029144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-01-12 21:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-01-12 21:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-01-12 21:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-01-12 21:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-01-12 10:14 - 2020-08-27 14:42 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-01-11 11:02 - 2018-09-03 12:41 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-01-11 11:02 - 2018-09-03 12:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-01-05 11:32 - 2021-03-25 19:01 - 000000000 ___HD C:\adobeTemp
2023-01-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState

==================== Files in the root of some directories ========

2022-04-24 17:48 - 2022-04-24 17:48 - 000000664 _____ () C:\Users\uzivatel\AppData\Roaming\OEMSDKHASH.txt
2020-01-24 17:45 - 2020-03-04 12:38 - 000001480 _____ () C:\Users\uzivatel\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2018-11-20 13:05 - 2018-11-20 13:05 - 000000096 ____C () C:\Users\uzivatel\AppData\Local\fusioncache.dat
2018-09-30 18:16 - 2019-10-17 03:00 - 000000410 ____C () C:\Users\uzivatel\AppData\Local\oobelibMkey.log
2019-11-06 18:31 - 2020-03-18 11:34 - 000007601 ____C () C:\Users\uzivatel\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)



testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <==== ATTENTION
==================== End of FRST.txt ========================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Natažení malware

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

lubo52
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 05 zář 2012 14:03

Re: Natažení malware

#3 Příspěvek od lubo52 »

Zdravím,
scenovatšlo, ale potom nabídl program adwcleaner jen karanténu, nerestartoval počítač log zde:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-26-2023
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.2486)
# Cleaned: 0
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Not Deleted banggood.com

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2036 octets] - [09/10/2021 22:31:15]
AdwCleaner[C00].txt - [2076 octets] - [09/10/2021 22:32:06]
AdwCleaner[S01].txt - [1589 octets] - [09/10/2021 22:34:00]
AdwCleaner[C01].txt - [1759 octets] - [09/10/2021 22:34:12]
AdwCleaner[S02].txt - [3559 octets] - [26/01/2023 11:19:03]
AdwCleaner[C02].txt - [3361 octets] - [26/01/2023 11:19:37]
AdwCleaner[S03].txt - [1797 octets] - [26/01/2023 14:38:18]
AdwCleaner[S04].txt - [1858 octets] - [26/01/2023 14:38:59]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Natažení malware

#4 Příspěvek od Rudy »

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
FirewallRules: [TCP Query User{7B816216-65AA-41D1-97A9-EDE2EFB45C55}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe => No File
FirewallRules: [UDP Query User{D467D6E0-D448-4FA6-A5FE-BBC36830E02D}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe => No File
FirewallRules: [TCP Query User{873D32BD-6C6A-4BED-9746-F8CE97BCCACD}C:\users\uzivatel\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\uzivatel\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [UDP Query User{ABBEE46A-1D23-48EA-A725-6DAB6A9B4614}C:\users\uzivatel\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\uzivatel\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [{1710BF05-187E-4EF5-976D-C3C76EADC93F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [TCP Query User{A8C1E1E6-F09A-4FAF-A39E-0DE918DCA5DF}C:\users\uzivatel\appdata\local\discord\app-1.0.9008\discord.exe] => (Allow) C:\users\uzivatel\appdata\local\discord\app-1.0.9008\discord.exe => No File
FirewallRules: [UDP Query User{C572CD98-D09F-49A4-9EE5-0EC4EC0C1B29}C:\users\uzivatel\appdata\local\discord\app-1.0.9008\discord.exe] => (Allow) C:\users\uzivatel\appdata\local\discord\app-1.0.9008\discord.exe => No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\Run: [com.messenger] => "C:\Users\uzivatel\AppData\Local\Programs\Messenger\Messenger.exe" messenger://openAtLogin (No File)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\uzivatel\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\uzivatel\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\uzivatel\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\RunOnce: [Uninstall 22.253.1204.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\uzivatel\AppData\Local\Microsoft\OneDrive\22.253.1204.0001" (No File)
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\MountPoints2: {1138cd60-662e-11ec-8a26-ac2b6ef875f9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2675956952-4226471559-2940555150-1001\...\MountPoints2: {34ab0ae3-04cc-11ec-897a-ac2b6ef875f6} - "F:\HiSuiteDownLoader.exe"
Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2019-03-18]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2022-12-22]
Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2019-12-29]
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1E5BD2B4-C819-4A3F-8456-819281AAAB60} - System32\Tasks\Opera scheduled Autoupdate 1577302536 => C:\Users\uzivatel\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {3F81C5C9-0BBE-48F8-9050-DFDD34EB8708} - System32\Tasks\GoogleUpdateTaskMachineCore{24ED5AFE-A49F-4CEB-9E6C-B2C0F1A97794} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-03] (Google Inc -> Google Inc.)
Task: {7AAA4CFD-FB10-4624-A9EC-E761AA5114A4} - System32\Tasks\GoogleUpdateTaskMachineUA{EA5BDC13-DE18-4A0C-B672-96064DCD74A9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-03] (Google Inc -> Google Inc.)
FF NewTab: Mozilla\Firefox\Profiles\6rklpty8.default -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=IS210801&iDate=2023-01-26 09:43:46&bName=
"AltruisticsService" => service was unlocked. <==== ATTENTION
testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <==== ATTENTION

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

lubo52
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 05 zář 2012 14:03

Re: Natažení malware

#5 Příspěvek od lubo52 »

Dobrý den,
pc jsem dle návodu fixnul:) sám se restartoval. Log se nezobrazil a zase vyskočilo viz příloha
Přílohy
Snímek obrazovky (841).png
Snímek obrazovky (841).png (290.75 KiB) Zobrazeno 482 x

lubo52
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 05 zář 2012 14:03

Re: Natažení malware

#6 Příspěvek od lubo52 »

jsem ty programy zkusil odinstalovat ručně.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Natažení malware

#7 Příspěvek od Rudy »

To tam máte asi něco nainstalováno, není to klasický malware. Musíte to najít a odinstalovat.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

lubo52
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 05 zář 2012 14:03

Re: Natažení malware

#8 Příspěvek od lubo52 »

Dobrý den,
děkuji. a jinak je to již čisté?

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Natažení malware

#9 Příspěvek od Rudy »

Čisté a pomocí FRST jsme odstrnili zbytečnosti.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět