VIRY.CZ

OK. Zkusím KVRT ještě jednou

Našel tohle

Dal jsem smazat. Co dál?

Vloz este raz oba logy FRST, posledne ten prvy nebol uplny a zajtra napisem na docistenie fixlist,
ale vypada to iba na falosny poplach Avastu

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2023
Ran by WinCan (administrator) on DESKTOP-Q0QN2E9 (23-07-2023 11:06:44)
Running from C:\Users\WinCan\Desktop\LOGY\FRST64.exe
Loaded Profiles: WinCan
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3208 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3205_none_7e1f4da67c811930\TiWorker.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (DTS, Inc. -> ) C:\Windows\System32\DTS\PC\APO3x\DTSAPO3Service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Memeo) [File not signed] C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (SafeNet, Inc. -> SafeNet Inc.) C:\Windows\System32\hasplms.exe
(services.exe ->) (WDC) [File not signed] C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(svchost.exe ->) () [File not signed] C:\Program Files\SystemSecurity\config\ConfigSecurityPolicy.exe
(svchost.exe ->) (Axis Communications AB -> Axis Communications AB) C:\Program Files\Axis Communications\AXIS Device Manager\AdmAdmin.exe
(svchost.exe ->) (Microsoft Corporation) [File not signed] C:\Users\WinCan\AppData\Roaming\Mozilla\SystemExtensionsDev\DYYHXHYNDOFXWVHK.exe <4>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [838432 2019-03-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [220056 2023-07-10] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [4992920 2023-07-22] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-22] (Kilonova LLC -> )
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\...\Run: [AvastBrowserAutoLaunch_0CA051CF8065D8F1D67A1DD7052AD263] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3364752 2023-06-27] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\...\Run: [Microsoft Edge Update] => C:\Users\WinCan\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\MicrosoftEdgeUpdateCore.exe [263648 2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\...\Run: [MicrosoftEdgeAutoLaunch_CCCDB6D5B6877A23EE2B9C7196BB003D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113856 2023-07-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41572768 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\...\MountPoints2: {d88fbe70-226d-11eb-bd8a-0492265a3e51} - "E:\WD SmartWare.exe" autoplay=true
HKLM\...\Windows x64\Print Processors\Canon MG3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDG.DLL [30720 2016-06-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MX920 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBL.DLL [30208 2012-09-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX920 series: C:\Windows\system32\CNCALBL.DLL [303104 2012-09-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series: C:\Windows\system32\CNMLMDG.DLL [485376 2016-06-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX920 series: C:\Windows\system32\CNMLMBL.DLL [390656 2012-09-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\EPSON L6190 Series 64MonitorBE: C:\Windows\system32\E_YLMBSPE.DLL [184832 2017-07-14] (Seiko Epson Corporation) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\114.0.5735.199\Installer\chrmstp.exe [2023-06-29] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\114.0.21608.199\Installer\chrmstp.exe [2023-07-05] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk [2020-11-09]
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Western Digital Technologies Inc. -> WDC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk [2020-11-09]
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital Technologies Inc. -> Western Digital)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {AEE994CE-6466-43BE-8E34-1B61EFC380D8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {F9A7B516-C01A-440D-84DF-7D39BA549BB3} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4940696 2023-07-10] (Avast Software s.r.o. -> AVAST Software)
Task: {25EB46AC-A90A-4671-9B26-D546D4667EE0} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3364752 2023-06-27] (Avast Software s.r.o. -> AVAST Software)
Task: {AB1187C5-5050-45D6-8014-C6DEE75CC49E} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3364752 2023-06-27] (Avast Software s.r.o. -> AVAST Software)
Task: {4256A6C7-5A33-48A1-8B8E-AACA7B730960} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4758936 2023-07-22] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --log (the data entry has 99 more characters).
Task: {3074A3F5-455A-4DBE-BA47-89E75B32A5D2} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [7212952 2023-07-19] (Avast Software s.r.o. -> Avast Software)
Task: {29F3202B-48E4-4BD9-A215-B29D3476F643} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2135448 2023-04-13] (Avast Software s.r.o. -> Avast Software)
Task: {CA065467-4B5A-4612-ACD1-AA2CB4444EC9} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {5C2C1653-C49C-45BE-8A3C-A0AB0FECB80B} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {DC520875-FD18-4568-B9F7-3AA7B5655C16} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {48383A43-BB47-458A-9EBA-833B7C4D3BC5} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "8ffb5afa-46a3-4e3d-9335-c2913cb9ae13" --version "6.14.10584" --silent
Task: {572B0F52-B36F-44D9-A0E4-7A1D6A4ACFF2} - System32\Tasks\CCleanerSkipUAC - WinCan => C:\Program Files\CCleaner\CCleaner.exe [34677664 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9358FD62-420A-4437-B963-DBDE25460E9C} - System32\Tasks\DYYHXHYNDOFXWVHK_run => C:\Users\WinCan\AppData\Roaming\Mozilla\SystemExtensionsDev\DYYHXHYNDOFXWVHK.exe [972800 2023-06-05] (Microsoft Corporation) [File not signed]
Task: {A8712104-4751-4351-9955-A78727B3D950} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-30] (Google Inc -> Google LLC)
Task: {481758C4-8511-47FB-B6A7-420974A1D8C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-30] (Google Inc -> Google LLC)
Task: {D39878F8-39F5-46AA-88CD-36D9A6B81DE9} - System32\Tasks\HPCustParticipation HP OfficeJet 200 Mobile Series => "C:\Program Files\HP\HP OfficeJet 200 Mobile Series\Bin\HPCustPartic.exe" /UA 16.5 (No File)
Task: {FBA14432-5F90-4239-8EC7-8A2CAE20D3FC} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {FF0D34D1-109F-47C1-97A1-C7477A1CDB17} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2113024 2023-05-12] () [File not signed]
Task: {70B399D4-1026-494B-BCD6-1CE1488E4962} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24257912 2018-12-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {17BF3C50-985F-422C-B74F-8B43EF4F904B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24257912 2018-12-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {3677C24E-C532-4B61-9A7C-77F82BF3AA1C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [123168 2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {1DDEF508-8FAF-45E1-8484-18A0F0D7AE62} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [123168 2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {02E1ABC8-FBB4-4880-B73A-FA668694E9C5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2139424 2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {85D3EA01-14AC-4D72-811B-307B20393BAD} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2139424 2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {D20EBBB1-55CD-47A9-9962-E16B57D92CA0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3398344 2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {3ADB4836-F7CC-465F-8863-98C4B816405B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3398344 2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {82FE661D-EBEA-4C7D-AD42-95C213A01623} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3710502255-1612003614-3486849990-1001Core => C:\Users\WinCan\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {BEB3D2DC-FFC2-482C-A3A3-DFE361843847} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3710502255-1612003614-3486849990-1001UA => C:\Users\WinCan\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {10B09F56-3773-4DFE-A2FD-505198512A1E} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-07-12] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {0D625E02-0B12-474F-972E-03FCF5486274} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-07-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {E8E76E1C-66ED-4B27-BDB4-DB32F860BDF0} - System32\Tasks\PinnacleStudio24Notifier => C:\Program Files\Pinnacle\Studio 24\programs\PinnacleNotifierWrapper.exe [18016 2020-08-09] (Corel Corporation -> Pinnacle)
Task: {BB6D84D3-646D-4419-9603-6D45676AF2C4} - System32\Tasks\PinnacleStudio24Updater => C:\Program Files\Pinnacle\Studio 24\programs\PSNotification.exe [933512 2020-08-06] (Corel Corporation -> )
Task: {4A10B2A5-8664-4EA9-BA5B-0068E1E78413} - System32\Tasks\Start AdmAdmin => C:\Program Files\Axis Communications\AXIS Device Manager\AdmAdmin.exe [971856 2018-08-30] (Axis Communications AB -> Axis Communications AB)
Task: {05377FCC-740C-4B42-B62A-94EC7735BE16} - System32\Tasks\SystemSecurity => C:\Program Files\SystemSecurity\config\ConfigSecurityPolicy.exe [2336663460 2023-06-23] () [File not signed] <==== ATTENTION
Task: {8B0A5DAB-758B-42C2-9DF7-79C89F64A39E} - System32\Tasks\Teamviewer-QS-updater-4ddf6hs => C:\Users\WinCan\AppData\Local\TeamViewer\CustomConfigs\4ddf6hs\TeamViewer.exe [36779288 2021-02-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
Task: {979BAF55-3D9F-40E0-9FF9-5748880F8FEF} - System32\Tasks\update-S-1-5-21-3710502255-1612003614-3486849990-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {0458FF29-A5E5-45CB-9F27-EB03127CFB4F} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\Teamviewer-QS-updater-4ddf6hs.job => C:\Users\WinCan\AppData\Local\TeamViewer\CustomConfigs\4ddf6hs\TeamViewer.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3710502255-1612003614-3486849990-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.250.128.34 212.20.96.34 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{ffdec9c8-ae1c-4630-8bde-449ed677045f}: [DhcpNameServer] 195.250.128.34 212.20.96.34 8.8.8.8 192.168.1.1

Edge:
=======
DownloadDir: C:\Users\WinCan\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-3710502255-1612003614-3486849990-1001 -> hxxps://www.google.cz/
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\WinCan\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-21]
Edge DownloadDir: Default -> C:\Users\WinCan\Downloads
Edge HomePage: Default -> hxxps://www.google.cz/
Edge StartupUrls: Default -> "hxxps://www.google.cz/"
Edge Extension: (Edge relevant text changes) - C:\Users\WinCan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-05-10]

FireFox:
========
FF DefaultProfile: ul0pjuxr.default
FF ProfilePath: C:\Users\WinCan\AppData\Roaming\Mozilla\Firefox\Profiles\ul0pjuxr.default [2020-11-02]
FF NewTab: Mozilla\Firefox\Profiles\ul0pjuxr.default -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-11-02 06:07:45&bName=
FF ProfilePath: C:\Users\WinCan\AppData\Roaming\Mozilla\Firefox\Profiles\lcrq4t87.default-release [2023-07-23]
FF Homepage: Mozilla\Firefox\Profiles\lcrq4t87.default-release -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\lcrq4t87.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-11-02 06:07:45&bName=
FF Notifications: Mozilla\Firefox\Profiles\lcrq4t87.default-release -> hxxps://www.tipli.cz; hxxps://www.muziker.cz; hxxps://www.luxor.cz
FF Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\WinCan\AppData\Roaming\Mozilla\Firefox\Profiles\lcrq4t87.default-release\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2023-03-06]
FF Extension: (TinEye Reverse Image Search) - C:\Users\WinCan\AppData\Roaming\Mozilla\Firefox\Profiles\lcrq4t87.default-release\Extensions\tineye@ideeinc.com.xpi [2023-02-23]
FF Extension: (Audio Equalizer) - C:\Users\WinCan\AppData\Roaming\Mozilla\Firefox\Profiles\lcrq4t87.default-release\Extensions\{63d150c4-394c-4275-bc32-c464e76a891c}.xpi [2022-07-06]
FF Extension: (Flash Player 2021) - C:\Users\WinCan\AppData\Roaming\Mozilla\Firefox\Profiles\lcrq4t87.default-release\Extensions\{6cc0a66e-ae3d-4cd8-9a03-5cd93b392903}.xpi [2022-01-02]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-07-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2023-05-25] () [File not signed]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)

Chrome:
=======
CHR Profile: C:\Users\WinCan\AppData\Local\Google\Chrome\User Data\Default [2023-07-22]
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Extension: (Dokumenty Google offline) - C:\Users\WinCan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\WinCan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-03]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8892824 2023-07-10] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [578968 2023-07-10] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [579992 2023-07-10] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\114.0.21608.199\elevation_service.exe [2035232 2023-06-27] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-06] (Avast Software s.r.o. -> AVAST Software)
R2 AXIS Device Manager; C:\Program Files\Axis Communications\AXIS Device Manager\AdmService.exe [19456 2018-08-30] (Axis Communications AB) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9619824 2018-12-26] (Microsoft Corporation -> Microsoft Corporation)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [9687960 2023-07-22] (Avast Software s.r.o. -> AVAST Software)
R2 DTSAPO3Service; C:\WINDOWS\System32\DTS\PC\APO3x\DTSAPO3Service.exe [206720 2018-09-05] (DTS, Inc. -> )
R2 hasplms; C:\Windows\system32\hasplms.exe [4665168 2015-09-24] (SafeNet, Inc. -> SafeNet Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> )
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2010-06-16] () [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9267376 2023-07-20] (Malwarebytes Inc. -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402216 2023-07-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [130048 2010-01-21] (WDC) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WDSmartWareBackgroundService; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31368 2023-07-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [237424 2023-07-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [392832 2023-07-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297832 2023-07-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2023-07-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39600 2023-07-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [272016 2023-07-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [556576 2023-07-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2023-07-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80416 2023-07-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [943456 2023-07-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [704264 2023-07-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212632 2023-07-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319512 2023-07-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 DSoftAPRtlWlanu; C:\WINDOWS\System32\drivers\DSoftAPrtwlanu.sys [5608960 2016-11-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d.inf_amd64_e64afe811c7e4662\e1d.sys [607400 2022-02-22] (Intel Corporation -> Intel Corporation)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [350552 2015-09-24] (SafeNet, Inc. -> SafeNet Inc.)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [41536 2022-08-17] (Microsoft Windows Hardware Compatibility Publisher -> IObit Information Technology)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-07-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-11-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-11-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-11-02] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-07-22 10:52 - 2023-07-22 19:58 - 000000000 ____D C:\KVRT2020_Data
2023-07-21 20:27 - 2023-07-21 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-07-21 20:26 - 2023-07-22 08:16 - 000000000 ____D C:\Program Files\CCleaner
2023-07-20 18:48 - 2023-07-23 11:05 - 000000000 ____D C:\Users\WinCan\AppData\Local\Malwarebytes
2023-07-20 18:48 - 2023-07-20 18:48 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-07-20 18:48 - 2023-07-20 18:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-07-20 18:48 - 2023-07-20 18:48 - 000000000 ____D C:\Program Files\Malwarebytes
2023-07-20 18:34 - 2023-07-20 18:34 - 000000000 ____D C:\Users\WinCan\AppData\Local\mbam
2023-07-19 17:54 - 2023-07-20 18:32 - 000000000 ____D C:\AdwCleaner
2023-07-18 18:13 - 2023-07-23 11:08 - 000000000 ____D C:\FRST
2023-07-18 18:10 - 2023-07-23 11:07 - 000000000 ____D C:\Users\WinCan\Desktop\LOGY
2023-07-17 08:06 - 2023-07-20 19:33 - 000002402 _____ C:\WINDOWS\system32\Tasks\SystemSecurity
2023-07-17 08:04 - 2023-07-17 08:06 - 000000000 __SHD C:\Program Files\SystemSecurity
2023-07-17 08:04 - 2023-07-17 08:04 - 000000000 ____D C:\Program Files\Google
2023-07-15 20:39 - 2023-07-15 20:39 - 000017439 _____ C:\Users\WinCan\Downloads\[SkT]Tri_zivoty_(TV_film)(2007)(CZ)[WebRip][1080pHD]_=_CSFD_55%.torrent
2023-07-15 12:33 - 2023-07-22 20:02 - 000002395 _____ C:\Users\WinCan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-07-15 12:28 - 2023-07-15 12:28 - 000000000 ___HD C:\$WinREAgent
2023-07-12 17:09 - 2023-07-13 09:19 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-07-10 19:57 - 2023-07-10 19:57 - 000313240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2023-07-10 10:52 - 2023-07-10 10:52 - 000040226 _____ C:\Users\WinCan\Downloads\Album Archive.webp
2023-07-10 10:26 - 2023-07-10 10:26 - 000034410 _____ C:\Users\WinCan\Downloads\Seamless kids friendship pattern 2 vector image on VectorStock-1.webp
2023-07-10 10:26 - 2023-07-10 10:26 - 000034410 _____ C:\Users\WinCan\Downloads\Seamless kids friendship pattern 2 vector image on VectorStock.webp
2023-07-10 10:06 - 2023-07-10 20:50 - 000000000 ____D C:\Users\WinCan\Desktop\skolicka
2023-07-08 19:57 - 2023-07-08 19:57 - 000086052 _____ C:\Users\WinCan\Downloads\[SkT]Ostrov_(2023)(CZ)[WebRip][1080p]_=_CSFD_56%-1.torrent
2023-07-08 19:56 - 2023-07-08 19:56 - 000017922 _____ C:\Users\WinCan\Downloads\[SkT]Přání_k_narozeninám_(2022)(CZ)[WEB-DL][1080p]_=_CSFD_65%.torrent
2023-07-06 09:37 - 2023-07-06 09:37 - 000000000 ____D C:\Users\WinCan\AppData\Local\Corel
2023-07-06 09:07 - 2023-07-06 09:07 - 000024290 _____ C:\Users\WinCan\Downloads\[SkT]Zoner_Photo_Studio_X_19.2303.2.447_(x86_x64)_CZ.torrent
2023-07-06 09:07 - 2023-07-06 09:07 - 000012452 _____ C:\Users\WinCan\Downloads\[SkT]Zoner_Photo_Studio_16.0.1.3_Professional_(CZ,EN)-1.torrent
2023-07-06 09:06 - 2023-07-06 09:06 - 000012452 _____ C:\Users\WinCan\Downloads\[SkT]Zoner_Photo_Studio_16.0.1.3_Professional_(CZ,EN).torrent
2023-07-01 19:05 - 2023-07-01 19:05 - 000020141 _____ C:\Users\WinCan\Downloads\[SkT]Luca_(2021)(CZ)[1080p]_=_CSFD_76%.torrent
2023-07-01 19:01 - 2023-07-01 19:01 - 000024616 _____ C:\Users\WinCan\Downloads\[SkT]_Mumie___Mummies_(2023)(CZ_SK_EN)[WebRip][1080p]_=_CSFD_63%.torrent
2023-06-25 10:41 - 2023-07-21 20:28 - 000000000 ____D C:\Users\WinCan\AppData\Roaming\MPC-HC
2023-06-25 10:36 - 2023-06-25 10:36 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2023-06-25 10:29 - 2023-07-20 19:33 - 000003024 _____ C:\WINDOWS\system32\Tasks\klcp_update
2023-06-25 10:29 - 2023-06-25 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2023-06-25 10:29 - 2023-06-25 10:29 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2023-06-25 10:29 - 2019-12-28 11:00 - 000784384 _____ C:\WINDOWS\system32\xvidcore.dll
2023-06-25 10:29 - 2019-12-28 11:00 - 000681984 _____ C:\WINDOWS\SysWOW64\xvidcore.dll
2023-06-25 10:29 - 2019-12-28 11:00 - 000310784 _____ C:\WINDOWS\system32\xvidvfw.dll
2023-06-25 10:29 - 2019-12-28 11:00 - 000284160 _____ C:\WINDOWS\SysWOW64\xvidvfw.dll
2023-06-25 10:29 - 2017-07-30 12:50 - 003850240 _____ (x264vfw project) C:\WINDOWS\SysWOW64\x264vfw.dll
2023-06-25 10:29 - 2017-07-30 12:50 - 003799552 _____ (x264vfw project) C:\WINDOWS\system32\x264vfw64.dll
2023-06-25 10:29 - 2012-07-21 12:55 - 000180736 _____ (fccHandler) C:\WINDOWS\system32\ac3acm.acm
2023-06-25 10:29 - 2012-07-21 12:54 - 000122880 _____ (fccHandler) C:\WINDOWS\SysWOW64\ac3acm.acm
2023-06-25 10:29 - 2011-12-07 19:37 - 000148992 _____ ( ) C:\WINDOWS\system32\lagarith.dll
2023-06-25 10:29 - 2011-12-07 19:32 - 000216064 _____ ( ) C:\WINDOWS\SysWOW64\lagarith.dll
2023-06-25 10:21 - 2023-06-25 10:22 - 000000000 ____D C:\Users\Public\Documents\Triple Scoop Music
2023-06-25 10:19 - 2023-06-25 10:19 - 000000000 ____D C:\Users\WinCan\Documents\Pinnacle
2023-06-25 09:42 - 2023-06-25 16:59 - 000000000 ____D C:\Users\WinCan\temp
2023-06-25 09:42 - 2023-06-25 16:59 - 000000000 ____D C:\Users\WinCan\AppData\Local\Pinnacle
2023-06-25 09:42 - 2023-06-25 11:24 - 000004608 _____ C:\Users\WinCan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2023-06-25 09:42 - 2023-06-25 09:42 - 000000208 _____ C:\Users\WinCan\AppData\Roaming\DESKTOP-Q0QN2E9.MTBF.txt
2023-06-25 09:42 - 2023-06-25 09:42 - 000000000 ____D C:\Users\WinCan\Documents\Projekty aplikace Pinnacle
2023-06-25 09:42 - 2023-06-25 09:42 - 000000000 ____D C:\ProgramData\UniqueId
2023-06-25 09:42 - 2023-06-25 09:42 - 000000000 ____D C:\ProgramData\Corel
2023-06-25 09:38 - 2023-07-21 09:37 - 000000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2023-06-25 09:38 - 2023-06-25 12:45 - 000000000 ____D C:\Users\WinCan\AppData\Local\Pinnacle_Studio_24
2023-06-25 09:38 - 2023-06-25 09:38 - 000002296 _____ C:\Users\Public\Desktop\Pinnacle Studio 24.lnk
2023-06-25 09:38 - 2023-06-25 09:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 24
2023-06-25 09:37 - 2023-07-20 19:33 - 000002524 _____ C:\WINDOWS\system32\Tasks\PinnacleStudio24Updater
2023-06-25 09:37 - 2023-07-20 19:33 - 000002442 _____ C:\WINDOWS\system32\Tasks\PinnacleStudio24Notifier
2023-06-25 09:37 - 2023-06-25 09:37 - 000000000 ____D C:\Users\Public\Documents\Pinnacle
2023-06-25 09:37 - 2023-06-25 09:37 - 000000000 ____D C:\Program Files\Pinnacle
2023-06-25 09:36 - 2023-06-25 09:36 - 000000000 ____D C:\ProgramData\Pinnacle

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-07-23 11:09 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-07-23 11:07 - 2021-12-16 17:54 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-07-23 11:07 - 2019-09-30 08:31 - 000000000 ____D C:\Program Files (x86)\Google
2023-07-23 11:07 - 2019-08-07 11:05 - 000000000 ____D C:\ProgramData\firebird
2023-07-23 11:04 - 2020-11-16 11:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-07-23 11:04 - 2020-11-02 20:17 - 000000000 ____D C:\ProgramData\Avast Software
2023-07-23 11:04 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-07-23 11:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-07-23 11:04 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-07-23 11:04 - 2019-07-26 08:35 - 000000000 __SHD C:\Users\WinCan\IntelGraphicsProfiles
2023-07-23 11:04 - 2019-07-26 08:35 - 000000000 ____D C:\Intel
2023-07-22 20:50 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-07-22 20:50 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-07-22 20:02 - 2021-12-12 20:55 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3710502255-1612003614-3486849990-1001
2023-07-22 20:02 - 2020-11-16 11:43 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3710502255-1612003614-3486849990-1001
2023-07-22 20:01 - 2020-11-16 11:43 - 002575330 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-07-22 20:01 - 2020-11-16 11:01 - 000732278 _____ C:\WINDOWS\system32\perfh007.dat
2023-07-22 20:01 - 2020-11-16 11:01 - 000149678 _____ C:\WINDOWS\system32\perfc007.dat
2023-07-22 20:01 - 2019-12-07 16:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2023-07-22 20:01 - 2019-12-07 16:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2023-07-22 11:28 - 2020-11-16 11:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-07-22 10:54 - 2022-02-21 20:02 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-07-22 08:16 - 2022-10-01 08:52 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-07-21 20:28 - 2020-11-02 20:07 - 000000000 ____D C:\Users\WinCan\AppData\Roaming\uTorrent
2023-07-21 20:28 - 2019-11-14 13:24 - 000000000 ____D C:\Users\WinCan\AppData\Roaming\TeamViewer
2023-07-21 20:27 - 2022-10-01 08:52 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-07-21 20:27 - 2022-10-01 08:52 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-07-21 20:27 - 2022-10-01 08:47 - 000002908 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - WinCan
2023-07-21 20:27 - 2020-11-10 13:26 - 000000000 ____D C:\Users\WinCan\AppData\Local\CrashDumps
2023-07-21 19:53 - 2023-05-08 09:45 - 000000000 ____D C:\Program Files (x86)\Photodex ProShow Producer
2023-07-21 19:53 - 2020-11-16 11:16 - 000000000 ____D C:\Users\WinCan
2023-07-21 19:53 - 2019-11-14 14:06 - 000000436 _____ C:\WINDOWS\Tasks\Teamviewer-QS-updater-4ddf6hs.job
2023-07-21 19:53 - 2019-09-30 11:48 - 000000422 _____ C:\WINDOWS\Tasks\update-sys.job
2023-07-21 19:53 - 2019-09-30 11:48 - 000000422 _____ C:\WINDOWS\Tasks\update-S-1-5-21-3710502255-1612003614-3486849990-1001.job
2023-07-20 19:33 - 2023-06-05 18:52 - 000002424 _____ C:\WINDOWS\system32\Tasks\DYYHXHYNDOFXWVHK_run
2023-07-20 19:33 - 2022-07-07 16:16 - 000003748 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3710502255-1612003614-3486849990-1001UA
2023-07-20 19:33 - 2022-07-07 16:16 - 000003656 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3710502255-1612003614-3486849990-1001Core
2023-07-20 19:33 - 2020-11-16 11:43 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-07-20 19:33 - 2020-11-16 11:43 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-07-20 19:33 - 2020-11-16 11:43 - 000003410 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-07-20 19:33 - 2020-11-16 11:43 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-07-20 19:33 - 2020-11-16 11:43 - 000003220 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2023-07-20 19:33 - 2020-11-16 11:43 - 000003186 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-07-20 19:33 - 2020-11-16 11:43 - 000003058 _____ C:\WINDOWS\system32\Tasks\update-S-1-5-21-3710502255-1612003614-3486849990-1001
2023-07-20 19:33 - 2020-11-16 11:43 - 000002930 _____ C:\WINDOWS\system32\Tasks\Teamviewer-QS-updater-4ddf6hs
2023-07-20 19:33 - 2020-11-16 11:43 - 000002802 _____ C:\WINDOWS\system32\Tasks\update-sys
2023-07-20 19:33 - 2020-11-16 11:43 - 000002692 _____ C:\WINDOWS\system32\Tasks\HPCustParticipation HP OfficeJet 200 Mobile Series
2023-07-20 19:33 - 2020-11-16 11:43 - 000002096 _____ C:\WINDOWS\system32\Tasks\Start AdmAdmin
2023-07-20 19:33 - 2020-11-16 11:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-07-20 18:48 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-07-20 18:32 - 2020-11-02 20:07 - 000000000 ____D C:\Users\WinCan\AppData\Roaming\Lavasoft
2023-07-20 18:32 - 2020-11-02 20:07 - 000000000 ____D C:\Users\WinCan\AppData\Local\Lavasoft
2023-07-20 18:32 - 2020-11-02 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2023-07-20 18:32 - 2020-11-02 20:07 - 000000000 ____D C:\ProgramData\Lavasoft
2023-07-20 18:32 - 2020-11-02 20:07 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2023-07-18 18:01 - 2023-06-13 18:44 - 000000000 ____D C:\Users\WinCan\AppData\Local\User Data
2023-07-18 16:32 - 2021-06-06 12:13 - 000000000 ____D C:\Users\WinCan\AppData\Local\Avast Software
2023-07-17 19:05 - 2019-09-06 12:37 - 000000000 ____D C:\Users\WinCan\AppData\Local\D3DSCache
2023-07-17 07:57 - 2020-11-16 11:43 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-07-17 07:15 - 2020-11-02 20:08 - 000000000 ____D C:\Users\WinCan\AppData\Local\BitTorrentHelper
2023-07-15 13:45 - 2020-11-16 11:38 - 000530624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-07-15 13:44 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-07-15 13:44 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-07-15 13:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-07-15 13:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-07-15 13:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-07-15 13:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-07-15 13:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-07-15 13:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-07-15 12:35 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-07-15 12:34 - 2023-01-17 16:59 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-07-15 12:34 - 2020-06-18 11:09 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-07-15 12:32 - 2020-11-16 11:43 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-07-13 09:19 - 2019-07-26 10:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-07-12 20:34 - 2019-07-26 10:50 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-07-12 17:27 - 2019-07-26 08:38 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-07-12 17:17 - 2019-07-26 08:38 - 173351160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-07-11 20:20 - 2022-10-12 15:15 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-07-11 20:20 - 2022-10-12 15:15 - 000002072 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-07-10 19:57 - 2020-11-02 20:18 - 000943456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2023-07-10 19:57 - 2020-11-02 20:18 - 000704264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2023-07-10 19:57 - 2020-11-02 20:18 - 000556576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2023-07-10 19:57 - 2020-11-02 20:18 - 000392832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2023-07-10 19:57 - 2020-11-02 20:18 - 000319512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2023-07-10 19:57 - 2020-11-02 20:18 - 000297832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2023-07-10 19:57 - 2020-11-02 20:18 - 000272016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2023-07-10 19:57 - 2020-11-02 20:18 - 000237424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2023-07-10 19:57 - 2020-11-02 20:18 - 000105248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2023-07-10 19:57 - 2020-11-02 20:18 - 000095960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2023-07-10 19:57 - 2020-11-02 20:18 - 000080416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2023-07-10 19:57 - 2020-11-02 20:18 - 000039600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2023-07-10 19:57 - 2020-11-02 20:18 - 000031368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2023-07-05 19:21 - 2019-09-02 13:33 - 000000000 ____D C:\ProgramData\CanonIJPLM
2023-07-05 19:03 - 2022-04-21 17:29 - 000002509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2023-07-05 19:03 - 2022-04-21 17:29 - 000002474 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2023-06-29 06:25 - 2019-09-30 08:34 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-06-27 19:43 - 2019-09-18 10:33 - 000000000 ____D C:\Users\WinCan\AppData\Roaming\Microsoft\Word
2023-06-26 06:24 - 2020-11-16 11:38 - 000008192 ___SH C:\DumpStack.log.tmp
2023-06-25 10:18 - 2019-07-26 10:57 - 000000000 ____D C:\Users\WinCan\AppData\Roaming\vlc
2023-06-25 10:01 - 2019-10-15 09:55 - 000000000 ____D C:\Users\WinCan\AppData\Roaming\avidemux
2023-06-25 09:21 - 2023-05-25 17:27 - 000001192 _____ C:\Users\WinCan\Desktop\Heic to Jpg Converter.lnk
2023-06-25 09:21 - 2023-05-08 09:45 - 000001203 _____ C:\Users\WinCan\Desktop\Photodex ProShow Producer.lnk
2023-06-25 09:21 - 2023-04-18 15:36 - 000002241 _____ C:\Users\WinCan\Desktop\WhatsApp (Outdated).lnk
2023-06-25 09:21 - 2023-01-05 19:55 - 000002120 _____ C:\Users\WinCan\Desktop\Pepakura Designer 5.lnk
2023-06-25 09:21 - 2022-04-08 20:03 - 000001107 _____ C:\Users\WinCan\Desktop\Adobe Photoshop 2020.lnk
2023-06-25 09:21 - 2022-04-07 19:15 - 000001880 _____ C:\Users\WinCan\Desktop\ZPS 19 CZ.lnk
2023-06-25 09:21 - 2022-01-18 13:57 - 000002219 _____ C:\Users\WinCan\Desktop\WhatsApp.lnk
2023-06-25 09:21 - 2021-12-02 19:17 - 000001238 _____ C:\Users\WinCan\Desktop\ABCgames Cheater.lnk
2023-06-25 09:21 - 2021-10-22 15:59 - 000001993 _____ C:\Users\WinCan\Desktop\Šachy 2002.lnk
2023-06-25 09:21 - 2020-11-12 09:19 - 000001356 _____ C:\Users\WinCan\Desktop\Need for Speed Underground 2.lnk
2023-06-25 09:21 - 2020-05-13 12:45 - 000001459 _____ C:\Users\WinCan\Desktop\HD Video Converter Factory.lnk
2023-06-25 09:21 - 2019-11-14 14:06 - 000001385 _____ C:\Users\WinCan\Desktop\Team wiever.lnk
2023-06-25 09:21 - 2019-11-05 14:27 - 000001024 _____ C:\Users\WinCan\Desktop\aviedimux.lnk
2023-06-24 12:34 - 2023-02-10 21:58 - 000000000 ____D C:\Users\WinCan\Desktop\Colin McRae Rally 2
2023-06-24 10:47 - 2019-10-21 10:57 - 000000000 ____D C:\Users\WinCan\AppData\Roaming\Microsoft\Excel

==================== Files in the root of some directories ========

2019-07-26 11:17 - 2019-07-26 11:36 - 000334840 _____ (Lua.org) C:\Program Files (x86)\lua5.1.dll
2019-07-26 11:36 - 2019-07-26 11:36 - 001389056 _____ (Indigo Rose Corporation) C:\Program Files (x86)\uninstallVXDriver.exe
2019-07-26 11:17 - 2019-07-26 11:17 - 001389056 _____ (Indigo Rose Corporation) C:\Program Files (x86)\uninstallWinCanVX.exe
2023-06-25 09:42 - 2023-06-25 09:42 - 000000208 _____ () C:\Users\WinCan\AppData\Roaming\DESKTOP-Q0QN2E9.MTBF.txt
2023-06-25 09:42 - 2023-06-25 11:24 - 000004608 _____ () C:\Users\WinCan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-09-30 11:48 - 2019-09-30 11:48 - 000000003 _____ () C:\Users\WinCan\AppData\Local\updater.log
2019-09-30 11:48 - 2022-03-06 12:00 - 000000424 _____ () C:\Users\WinCan\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-07-2023
Ran by WinCan (23-07-2023 11:09:37)
Running from C:\Users\WinCan\Desktop\LOGY
Microsoft Windows 10 Pro Version 22H2 19045.3208 (X64) (2020-11-16 09:43:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3710502255-1612003614-3486849990-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3710502255-1612003614-3486849990-503 - Limited - Disabled)
Guest (S-1-5-21-3710502255-1612003614-3486849990-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3710502255-1612003614-3486849990-504 - Limited - Disabled)
WinCan (S-1-5-21-3710502255-1612003614-3486849990-1001 - Administrator - Enabled) => C:\Users\WinCan

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K YouTube to MP3 (HKLM\...\{BF3E867E-D2A9-4C5D-968C-A145A597A031}) (Version: 4.9.1.5242 - Open Media LLC) Hidden
4K YouTube to MP3 (HKLM-x32\...\{99f62fdb-39bb-4336-8efe-c47307bd56c8}) (Version: 4.9.1.5242 - Open Media LLC)
7-Zip 22.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2200-000001000000}) (Version: 22.00.00.0 - Igor Pavlov)
7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.003.20244 - Adobe)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_1) (Version: 21.0.1 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Asian Language And Spelling Dictionaries Support For Adobe Acrobat Reader (HKLM\...\{AC76BA86-7AD7-0000-0000-BC16014E7500}) (Version: 22.001.20085 - Adobe Systems Incorporated)
Audacity 3.2.1 (HKLM\...\Audacity_is1) (Version: 3.2.1 - Audacity Team)
Avast Driver Updater (HKLM\...\Avast Driver Updater) (Version: 23.2.3774.14614 - Avast Software)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.6.6070 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 114.0.21608.199 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1579.3 - AVAST Software) Hidden
Avidemux VC++ 64bits (HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\...\{1ae8e4e5-b412-4a2c-97a5-a5600de76af7}) (Version: 2.7.5 - Mean)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
AXIS Device Manager 5.03 (HKLM\...\{DB5112F7-9C59-4cc0-B10F-119FE07D38E8}_is1) (Version: 5.03.002 - Axis Communications AB)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.3.1.4 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.3.0 - Canon Inc.)
Canon MG3000 series Elektronická příručka (HKLM-x32\...\Canon MG3000 series Elektronická příručka) (Version: 1.3.0 - Canon Inc.)
Canon MG3000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3000_series) (Version: 1.03 - Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.01 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Nástroj pro rychlou volbu (HKLM-x32\...\Speed Dial Utility) (Version: 1.6.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.14 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7035 - CDBurnerXP)
D-Link DWA-131 - V5.04b03 (HKLM-x32\...\{B7C11488-750D-4E48-A9A4-7207A335984D}) (Version: 5.00.0000 - D-Link)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 114.0.5735.199 - Google LLC)
HappyFoto (HKLM-x32\...\{621A70CA-32A5-4F50-A66C-C9C792580415}_is1) (Version: - Happy Foto CZ)
HD Video Converter Factory 16.0 (HKLM-x32\...\HD Video Converter Factory) (Version: 16.0 - WonderFox Soft, Inc.)
Heic to Jpg Converter 12.1 (HKLM-x32\...\Heic to Jpg Converter_is1) (Version: 12.1 - SoftOrbits)
HP Dropbox Plugin (HKLM-x32\...\{1E18E86D-632C-48B5-962C-B60C2E53A478}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{039DDA62-50CC-4E7F-9D54-7CF032A2D362}) (Version: 36.0.41.58587 - HP)
HP OfficeJet 200 Mobile Series Hilfe (HKLM-x32\...\{56622DE2-3A79-4B0D-9EA5-0E1F2468AA5E}) (Version: 38.0.0 - HP)
HWiNFO64 Version 6.32 (HKLM\...\HWiNFO64_is1) (Version: 6.32 - Martin Malik - REALiX)
Img Converter (HKLM-x32\...\{88795C3F-0BF1-4BC4-BB63-A6B76BABA652}_is1) (Version: - Img Converter, David Esperalta)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.6912 - Intel Corporation)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.3.0.11 - IObit)
JamManagerXT version 2.0 (HKLM-x32\...\{777248DB-00AD-4567-9382-E991118BC6CC}_is1) (Version: 2.0 - Harman International, Inc.)
K-Lite Mega Codec Pack 17.6.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 17.6.0 - KLCP)
Kodi (HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\...\Kodi) (Version: - XBMC Foundation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains)
Malwarebytes version 4.5.33.272 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.33.272 - Malwarebytes)
Microsoft Access MUI (Czech) 2013 (HKLM-x32\...\{90150000-0015-0405-0000-0000000FF1CE}) (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.82 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.82 - Microsoft Corporation)
Microsoft Excel MUI (Czech) 2013 (HKLM-x32\...\{90150000-0016-0405-0000-0000000FF1CE}) (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Czech) 2013 (HKLM-x32\...\{90150000-00BA-0405-0000-0000000FF1CE}) (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Czech) 2013 (HKLM-x32\...\{90150000-0044-0405-0000-0000000FF1CE}) (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Czech) 2013 (HKLM-x32\...\{90150000-012B-0405-0000-0000000FF1CE}) (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Czech) 2013 (HKLM-x32\...\{90150000-00E1-0405-0000-0000000FF1CE}) (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Czech) 2013 (HKLM-x32\...\{90150000-00E2-0405-0000-0000000FF1CE}) (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\Proplus2019Retail - cs-cz) (Version: 16.0.11126.20188 - Microsoft Corporation)
Microsoft Office Proofing (Czech) 2013 (HKLM-x32\...\{90150000-002C-0405-0000-0000000FF1CE}) (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2013 (HKLM-x32\...\{90150000-006E-0405-0000-0000000FF1CE}) (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\...\OneDriveSetup.exe) (Version: 23.137.0702.0001 - Microsoft Corporation)
Microsoft OneNote MUI (Czech) 2013 (HKLM-x32\...\{90150000-00A1-0405-0000-0000000FF1CE}) (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Czech) 2013 (HKLM-x32\...\{90150000-001A-0405-0000-0000000FF1CE}) (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Czech) 2013 (HKLM-x32\...\{90150000-0018-0405-0000-0000000FF1CE}) (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Czech) 2013 (HKLM-x32\...\{90150000-0019-0405-0000-0000000FF1CE}) (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft SharePoint Designer MUI (Czech) 2013 (HKLM-x32\...\{90150000-0017-0405-0000-0000000FF1CE}) (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Word MUI (Czech) 2013 (HKLM-x32\...\{90150000-001B-0405-0000-0000000FF1CE}) (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft X MUI (Czech) 2013 (HKLM-x32\...\{90150000-0101-0405-0000-0000000FF1CE}) (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 115.0.2 (x64 cs)) (Version: 115.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.1 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Need for Speed Underground 2 (HKLM-x32\...\Need for Speed Underground 2) (Version: - )
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.6 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20188 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20188 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11126.20188 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Pepakura Designer 5 (HKLM\...\pepakura_designer5) (Version: - TamaSoftware Ltd.)
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
Pinnacle Studio 24 (HKLM\...\{0F0E21A5-6F97-4AA7-B69A-E4F9D7AFBD29}) (Version: 24.0.1.183 - Corel Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.053.1001.2021 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8666 - Realtek Semiconductor Corp.)
Registrace uživatele zařízení Canon MG3000 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG3000 series) (Version: - ‭Canon Inc.)
Revo Uninstaller 2.1.7 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.7 - VS Revo Group, Ltd.)
Sothink Movie DVD Maker (HKLM-x32\...\{4F94119D-1B71-400e-9F04-B4E5CEAE71F8}_is1) (Version: 3.7 - SourceTec Software Co., LTD)
Studie zur Verbesserung von HP OfficeJet 200 Mobile Series (HKLM\...\{95FCBD7B-D791-4BAB-BF8B-563D9EA3CEFA}) (Version: 40.11.1144.17166 - HP Inc.)
Šachy 2002 (HKLM-x32\...\Chess 2002) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WD SmartWare (HKLM\...\{604CB4FC-3D32-405F-A109-165F170529B6}) (Version: 1.2.0.20 - Western Digital)
WhatsApp (Outdated) (HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\...\WhatsApp) (Version: 2.2317.11 - WhatsApp)
WinCan VX (HKLM-x32\...\WinCan VX) (Version: 1.2019.6.0 - CD Lab AG)
WinCan VX Driver (HKLM-x32\...\WinCan VX Driver1.0) (Version: 1.0 - CD Lab AG)
Windows Driver Package - Digitech (usbser) Ports (04/24/2009 1.1.2600.0) (HKLM\...\9A5D99BED6F7F105B74795DCF16F3088223BEFBB) (Version: 04/24/2009 1.1.2600.0 - Digitech)
Windows-Treiberpaket - VITEC Multimedia (VMx) MEDIA (02/25/2015 4.0.3.0) (HKLM\...\212DF3ED83CD24D2A506FCE7EA5B32305933B000) (Version: 02/25/2015 4.0.3.0 - VITEC Multimedia)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
ZPS 19 CZ (HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\...\{E83AA227-7862-F115-2E87-46DCA9E3D879}) (Version: v.19.2004.2.262 - 18.08.2020 - libbi)

Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_3.3.2.0_x64__kgqvnymyfvs32 [2023-07-05] (king.com)
DTS Headphone:X v1 -> C:\Program Files\WindowsApps\DTSInc.DTSHeadphoneXv1_1.2.4.0_x64__t5j2fzbtdg37r [2019-07-26] (DTS, Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_147.1.1079.0_x64__v10z8vjag6ke6 [2023-07-15] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-03-23] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-26] (Microsoft Corporation) [MS Ad]
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5131.0_x64__8j3eq9eme6ctt [2023-07-05] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.175.0_x64__dt26b99r8h8gj [2019-07-26] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-07] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-20] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3710502255-1612003614-3486849990-1001_Classes\CLSID\{2EF7E390-2F7C-4F9A-9B7D-4A87B56B711D}\InprocServer32 -> C:\Users\WinCan\AppData\Local\Microsoft\EdgeUpdate\1.3.173.51\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3710502255-1612003614-3486849990-1001_Classes\CLSID\{38971E90-14FD-44F6-AA45-1447B653F873}\InprocServer32 -> C:\Users\WinCan\AppData\Local\Microsoft\EdgeUpdate\1.3.173.45\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3710502255-1612003614-3486849990-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\WinCan\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3710502255-1612003614-3486849990-1001_Classes\CLSID\{608D599A-DCA6-4A7C-BED7-AFCD8465345A}\InprocServer32 -> C:\Users\WinCan\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3710502255-1612003614-3486849990-1001_Classes\CLSID\{64C6EFB9-8F79-4106-B975-067448DC768F}\InprocServer32 -> C:\Users\WinCan\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3710502255-1612003614-3486849990-1001_Classes\CLSID\{7C9A348D-C321-47AC-904F-150312A5430F}\InprocServer32 -> C:\Users\WinCan\AppData\Local\Microsoft\EdgeUpdate\1.3.175.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3710502255-1612003614-3486849990-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\WinCan\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3710502255-1612003614-3486849990-1001_Classes\CLSID\{88B20FC8-EBD6-4181-B5F6-50F45BFF722E}\InprocServer32 -> C:\Users\WinCan\AppData\Local\Microsoft\EdgeUpdate\1.3.167.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3710502255-1612003614-3486849990-1001_Classes\CLSID\{997809F3-33FD-4FD6-A2ED-CEF50F3263B1}\InprocServer32 -> C:\Users\WinCan\AppData\Local\Microsoft\EdgeUpdate\1.3.169.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3710502255-1612003614-3486849990-1001_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1}\InprocServer32 -> C:\Users\WinCan\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3710502255-1612003614-3486849990-1001_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394}\InprocServer32 -> C:\Users\WinCan\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3710502255-1612003614-3486849990-1001_Classes\CLSID\{E8791438-3525-48BF-A600-C577AD1674C2}\InprocServer32 -> C:\Users\WinCan\AppData\Local\Microsoft\EdgeUpdate\1.3.173.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3710502255-1612003614-3486849990-1001_Classes\CLSID\{F1CBF5EB-347F-4E4C-90AC-E43339FC34EC}\InprocServer32 -> C:\Users\WinCan\AppData\Local\Microsoft\EdgeUpdate\1.3.173.55\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-07-10] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-07-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-06-17] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-07-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-10] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-07-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DLLRegSvr] -> {8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C} => C:\Program Files (x86)\Heic to Jpg Converter\DLLReg-x64.dll [2015-09-23] () [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-07-20] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-10] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-07-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-07-20] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-10] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [310784 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284160 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\WinCan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Kamera1.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> hxxp://root:root@192.168.188.21/mjpg/video.mjpg?camera=1 :network-caching=0 --qt-minimal-view --meta-title="Kamera1" --zoom 1.8
ShortcutWithArgument: C:\Users\WinCan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Kamera2.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> hxxp://root:root@192.168.188.21/mjpg/video.mjpg?camera=2 :network-caching=0 --qt-minimal-view --meta-title="Kamera2" --zoom 1.8

==================== Loaded Modules (Whitelisted) =============

2023-05-25 17:27 - 2015-09-23 13:42 - 000126464 _____ () [File not signed] C:\Program Files (x86)\Heic to Jpg Converter\DLLReg-x64.dll
2019-09-02 13:33 - 2020-03-04 17:08 - 000123904 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJPLM\CNMPU.DLL
2019-08-07 11:04 - 2017-03-20 11:38 - 005664256 _____ (Firebird Project) [File not signed] C:\Program Files\Axis Communications\AXIS Device Manager\fbembed.DLL
2019-08-07 11:04 - 2017-03-20 11:38 - 000008192 _____ (Firebird Project) [File not signed] C:\Program Files\Axis Communications\AXIS Device Manager\ib_util.dll
2019-08-07 11:04 - 2017-03-20 11:38 - 001558016 _____ (IBM Corporation and others) [File not signed] C:\Program Files\Axis Communications\AXIS Device Manager\icudt30.dll
2019-08-07 11:04 - 2017-03-20 11:38 - 000935936 _____ (IBM Corporation and others) [File not signed] C:\Program Files\Axis Communications\AXIS Device Manager\icuuc30.dll
2022-10-01 08:48 - 2022-07-15 16:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2009-06-16 09:58 - 2009-06-16 09:58 - 000028672 _____ (Memeo) [File not signed] C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\MemeoRemoteCore.dll
2009-07-12 00:14 - 2009-07-12 00:14 - 001655296 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL
2020-07-09 08:15 - 2017-07-14 04:13 - 000184832 _____ (Seiko Epson Corporation) [File not signed] C:\WINDOWS\System32\E_YLMBSPE.DLL

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-11-02 06:07:45&bName=
SearchScopes: HKU\S-1-5-21-3710502255-1612003614-3486849990-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: No Name -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No File
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2023-05-25 16:05 - 000001632 ___SH C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 account.zoner.com
127.0.0.1 license.piriform.com
127.0.0.1 www.license.piriform.com
127.0.0.1 speccy.piriform.com
127.0.0.1 www.speccy.piriform.com
127.0.0.1 recuva.piriform.com
127.0.0.1 www.recuva.piriform.com
127.0.0.1 defraggler.piriform.com
127.0.0.1 www.defraggler.piriform.com
127.0.0.1 ccleaner.piriform.com
127.0.0.1 www.ccleaner.piriform.com
127.0.0.1 license-api.ccleaner.com
0.0.0.0 photodex.com
0.0.0.0 slideshowblog.com
0.0.0.0 picturecd.org
0.0.0.0 picturecd.net
0.0.0.0 cpic.com
0.0.0.0 picturecd.com
0.0.0.0 kb.photodex.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\WinCan\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 195.250.128.34 - 212.20.96.34
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Dell Display Manager.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WDDMStatus.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WDSmartWare.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "DriverUpdUI.exe"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "FUFAXRCV"
HKLM\...\StartupApproved\Run32: => "FUFAXSTM"
HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\...\StartupApproved\Run: => "ut"
HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_0CA051CF8065D8F1D67A1DD7052AD263"
HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\...\StartupApproved\Run: => "Microsoft Edge Update"
HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_CCCDB6D5B6877A23EE2B9C7196BB003D"
HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3C11F3F5-A4FD-45E6-A835-B7A61658B509}] => (Allow) C:\Users\WinCan\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{A5B7C368-F2CB-45A3-8CE7-75F275AB282D}] => (Allow) C:\Users\WinCan\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{1637CBAA-95D5-4984-AA49-471B9B27E06E}] => (Allow) C:\Program Files (x86)\D-Link\DWA-131 revE\IHV\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{93750F76-E968-4BF2-BBAE-CC84E78FD560}] => (Allow) C:\Program Files (x86)\D-Link\DWA-131 revE\IHV\PortableWiFi.exe (D-Link Corporation -> D-Link Corp.)
FirewallRules: [{A5A30DBE-483B-4C91-BB1B-54D175987DBE}] => (Allow) C:\Program Files (x86)\D-Link\DWA-131 revE\IHV\PortableWiFi.exe (D-Link Corporation -> D-Link Corp.)
FirewallRules: [{76E2D9E5-3612-45C7-90FF-F3EC6C211008}] => (Allow) C:\Program Files (x86)\D-Link\DWA-131 revE\IHV\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{8B45759A-07AB-4EAE-A27E-B52CA32F21AB}] => (Allow) LPort=5357
FirewallRules: [{43506B05-DE3C-4759-9965-A134BD193BAF}] => (Allow) C:\Program Files\Axis Communications\AXIS Device Manager\Client 5.03.002\AdmClient.exe (Axis Communications AB -> Axis Communications AB)
FirewallRules: [{CE518E5D-8E1E-46BE-88A5-E1A166458315}] => (Allow) LPort=55765
FirewallRules: [{76D287F4-0C31-43C0-995F-46DB22364D9B}] => (Allow) LPort=55762
FirewallRules: [{D0C2F875-A111-4B25-B487-DC7F3639316F}] => (Allow) C:\Program Files\Axis Communications\AXIS Device Manager\AdmService.exe (Axis Communications AB) [File not signed]
FirewallRules: [UDP Query User{B9E5D143-92C6-4D17-B39D-1966CFA6547A}C:\program files (x86)\cdlab\wincanvx\wincanvx.exe] => (Allow) C:\program files (x86)\cdlab\wincanvx\wincanvx.exe (CD Lab AG, 3280 Murten, Switzerland) [File not signed]
FirewallRules: [TCP Query User{B5484A1F-D118-4048-8677-7114C3B04316}C:\program files (x86)\cdlab\wincanvx\wincanvx.exe] => (Allow) C:\program files (x86)\cdlab\wincanvx\wincanvx.exe (CD Lab AG, 3280 Murten, Switzerland) [File not signed]
FirewallRules: [{1D03EF9A-CED5-4E4B-85E3-518CFA64FDDE}] => (Allow) C:\Windows\system32\hasplms.exe (SafeNet, Inc. -> SafeNet Inc.)
FirewallRules: [{A5842179-AA5C-4E3A-A73A-DA40296F55EB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{45286C8A-3F35-4594-BA4D-476B6589221F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0D7CE25C-B3F9-4F51-AF16-DCBE8FD530BD}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6020407F-DA9C-4299-B96C-44B4EFB74FA7}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2AB42C7C-2118-40E9-8E06-BA5320256A5E}] => (Allow) C:\Users\WinCan\Desktop\sim city\SimCity\SimCity 2013 Offline\SimCity\SimCity.exe => No File
FirewallRules: [{17A293F6-5B66-40AE-97FD-08AC8743BCEA}] => (Allow) C:\Users\WinCan\Desktop\sim city\SimCity\SimCity 2013 Offline\SimCity\SimCity.exe => No File
FirewallRules: [TCP Query User{B3F461A3-DC57-4EA0-A936-56807F11DB73}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{8B3DC743-5F97-425F-806A-C690154D2F42}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{688443ED-31A0-4F01-8591-9B4F9162DD7E}C:\users\wincan\appdata\roaming\utorrent\updates\3.5.5_46304.exe] => (Allow) C:\users\wincan\appdata\roaming\utorrent\updates\3.5.5_46304.exe => No File
FirewallRules: [UDP Query User{DE755A01-342A-45DB-842E-520803053781}C:\users\wincan\appdata\roaming\utorrent\updates\3.5.5_46304.exe] => (Allow) C:\users\wincan\appdata\roaming\utorrent\updates\3.5.5_46304.exe => No File
FirewallRules: [{F06597DB-4CD0-4044-AFF3-DD8FC6D4E7FE}] => (Allow) C:\Program Files (x86)\R.G. Mechanics\SimCity\SimCity\SimCity.exe => No File
FirewallRules: [{F06B62F0-3438-4AF3-B268-4FB04703C06D}] => (Allow) C:\Program Files (x86)\R.G. Mechanics\SimCity\SimCity\SimCity.exe => No File
FirewallRules: [{9B820931-C86B-477F-A8A1-1686F720BCA1}] => (Allow) C:\Users\WinCan\Desktop\SimCity\SimCity 2013 Offline\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) [File not signed]
FirewallRules: [{BFD3DE9B-A247-4ACA-8E49-FF6AA65C5190}] => (Allow) C:\Users\WinCan\Desktop\SimCity\SimCity 2013 Offline\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) [File not signed]
FirewallRules: [{F4130DB8-E068-4F24-A8D7-9B2F96EA1297}] => (Allow) C:\Users\WinCan\AppData\Local\Temp\utorrent\utorrent.exe => No File
FirewallRules: [{16DCAB27-B19D-49D8-925C-38B04C6F3FEA}] => (Allow) C:\Users\WinCan\AppData\Local\Temp\utorrent\utorrent.exe => No File
FirewallRules: [{50E5914C-9A4D-494F-8D25-C746F92A757F}] => (Allow) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B96E9285-7013-41D0-AFD7-C031C3DB19FB}] => (Allow) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{031F6DA3-30FE-4A20-AE05-E3EE125B3AA7}] => (Allow) C:\Program Files\Pinnacle\Studio 24\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{24DA7230-2513-4A41-8F78-14943EBC3125}] => (Allow) C:\Program Files\Pinnacle\Studio 24\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{A83371E7-7806-4A73-A9A8-B9E9726656D2}] => (Allow) C:\Program Files\Pinnacle\Studio 24\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{AF156709-0C63-4407-8287-0C7A6074E588}] => (Allow) C:\Program Files\Pinnacle\Studio 24\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{175D818B-40B2-43D6-B6A1-F16B59DEA0FD}] => (Allow) C:\Program Files\Pinnacle\Studio 24\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{CB2F74B3-39FA-4638-ADB3-507D866FC944}] => (Allow) C:\Program Files\Pinnacle\Studio 24\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{68EABC2D-B291-41F3-B6FF-BC467FF4794F}] => (Block) C:\Program Files\Pinnacle\Studio 24\programs\PinnacleStudio.EXE (Corel Corporation -> Pinnacle)
FirewallRules: [{E165D54C-5BD4-4678-A1F7-95ADDA7D9858}] => (Block) C:\Program Files\Pinnacle\Studio 24\programs\PinnacleStudio.EXE (Corel Corporation -> Pinnacle)
FirewallRules: [{1F6D6616-0527-4452-BCBF-8A1A5144CB0A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{07F3FCD3-4FCE-4CFA-A42A-DD8C5E2A7663}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{AA61CF3D-473B-46D9-A888-EE9C95CBDEBB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3403.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{01B3D82C-00C1-4BC0-BD3A-9607EF1BBD41}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3403.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E27A3DE1-7A93-4E16-920F-118575E80EAB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3403.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{88CFB5B6-B76B-4E25-836D-79062FA0E03D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3403.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3B60D86B-7B1A-4513-A29A-04C54D5284AB}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.82\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

15-07-2023 12:27:16 Instalační služba modulů systému Windows
15-07-2023 12:27:50 Instalační služba modulů systému Windows
15-07-2023 12:28:20 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (07/23/2023 11:06:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ConfigSecurityPolicy.exe, verze: 0.0.0.0, časové razítko: 0x64958fc2
Název chybujícího modulu: ConfigSecurityPolicy.exe, verze: 0.0.0.0, časové razítko: 0x64958fc2
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000165c
ID chybujícího procesu: 0x538
Čas spuštění chybující aplikace: 0x01d9bd44bcea54e4
Cesta k chybující aplikaci: C:\Program Files\SystemSecurity\config\ConfigSecurityPolicy.exe
Cesta k chybujícímu modulu: C:\Program Files\SystemSecurity\config\ConfigSecurityPolicy.exe
ID zprávy: 11e4fdb0-01ef-4936-8f86-f1f4e8592027
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/23/2023 11:04:53 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (07/22/2023 07:59:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ConfigSecurityPolicy.exe, verze: 0.0.0.0, časové razítko: 0x64958fc2
Název chybujícího modulu: ConfigSecurityPolicy.exe, verze: 0.0.0.0, časové razítko: 0x64958fc2
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000165c
ID chybujícího procesu: 0x848
Čas spuštění chybující aplikace: 0x01d9bcc5e9036c72
Cesta k chybující aplikaci: C:\Program Files\SystemSecurity\config\ConfigSecurityPolicy.exe
Cesta k chybujícímu modulu: C:\Program Files\SystemSecurity\config\ConfigSecurityPolicy.exe
ID zprávy: 5ab78205-cd46-4ba4-8987-e890a1f41226
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/22/2023 07:57:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (07/22/2023 10:55:03 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (07/22/2023 10:49:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ConfigSecurityPolicy.exe, verze: 0.0.0.0, časové razítko: 0x64958fc2
Název chybujícího modulu: ConfigSecurityPolicy.exe, verze: 0.0.0.0, časové razítko: 0x64958fc2
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000165c
ID chybujícího procesu: 0x7dc
Čas spuštění chybující aplikace: 0x01d9bc791660d020
Cesta k chybující aplikaci: C:\Program Files\SystemSecurity\config\ConfigSecurityPolicy.exe
Cesta k chybujícímu modulu: C:\Program Files\SystemSecurity\config\ConfigSecurityPolicy.exe
ID zprávy: 605fcf12-2b4d-4875-b00b-e8cbfc44ea6a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/22/2023 10:47:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (07/22/2023 08:18:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ConfigSecurityPolicy.exe, verze: 0.0.0.0, časové razítko: 0x64958fc2
Název chybujícího modulu: ConfigSecurityPolicy.exe, verze: 0.0.0.0, časové razítko: 0x64958fc2
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000165c
ID chybujícího procesu: 0x834
Čas spuštění chybující aplikace: 0x01d9bc640c04e0a4
Cesta k chybující aplikaci: C:\Program Files\SystemSecurity\config\ConfigSecurityPolicy.exe
Cesta k chybujícímu modulu: C:\Program Files\SystemSecurity\config\ConfigSecurityPolicy.exe
ID zprávy: 38b97f54-d3e1-45f0-b3d2-3d1f6679234b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (07/23/2023 11:06:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WinRing0_1_2_0 neuspěla při spuštění v důsledku následující chyby:
Přístup byl odepřen.

Error: (07/23/2023 11:05:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WinRing0_1_2_0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (07/22/2023 08:21:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (07/22/2023 08:13:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WinRing0_1_2_0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (07/22/2023 07:59:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WinRing0_1_2_0 neuspěla při spuštění v důsledku následující chyby:
Přístup byl odepřen.

Error: (07/22/2023 10:59:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WinRing0_1_2_0 neuspěla při spuštění v důsledku následující chyby:
Přístup byl odepřen.

Error: (07/22/2023 10:49:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WinRing0_1_2_0 neuspěla při spuštění v důsledku následující chyby:
Přístup byl odepřen.

Error: (07/22/2023 10:47:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WinRing0_1_2_0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


CodeIntegrity:
===============
Date: 2023-07-23 11:05:55
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2023-07-23 11:05:23
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 0801 04/24/2019
Motherboard: ASUSTeK COMPUTER INC. PRIME Z370-A II
Processor: Intel(R) Core(TM) i5-8600K CPU @ 3.60GHz
Percentage of memory in use: 62%
Total physical RAM: 16246.96 MB
Available physical RAM: 6094.83 MB
Total Virtual: 32630.96 MB
Available Virtual: 22279.87 MB

==================== Drives ================================

Drive c: (SSD1_SYSTEM) (Fixed) (Total:222.49 GB) (Free:36.83 GB) (Model: INTEL SSDSC2KB240G8) NTFS
Drive d: (SSD2_DATA) (Fixed) (Total:447.13 GB) (Free:76.66 GB) (Model: INTEL SSDSC2KB480G8) NTFS

\\?\Volume{1b2b2591-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.13 GB) NTFS
\\?\Volume{1b2b2591-0000-0000-0000-80c337000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 1B2B2591)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=526 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 9FC5B07B)
Partition 1: (Not Active) - (Size=447.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Sotva jsem zapl pc, opět hláška z avastu

pouzi fixlist.txt

Fix result of Farbar Recovery Scan Tool (x64) Version: 18-07-2023
Ran by WinCan (23-07-2023 18:54:10) Run:1
Running from C:\Users\WinCan\Desktop\LOGY
Loaded Profiles: WinCan
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:

(svchost.exe ->) () [File not signed] C:\Program Files\SystemSecurity\config\ConfigSecurityPolicy.exe
(svchost.exe ->) (Microsoft Corporation) [File not signed] C:\Users\WinCan\AppData\Roaming\Mozilla\SystemExtensionsDev\DYYHXHYNDOFXWVHK.exe <4>
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\...\MountPoints2: {d88fbe70-226d-11eb-bd8a-0492265a3e51} - "E:\WD SmartWare.exe" autoplay=true
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTIONTask: {9358FD62-420A-4437-B963-DBDE25460E9C} - System32\Tasks\DYYHXHYNDOFXWVHK_run => C:\Users\WinCan\AppData\Roaming\Mozilla\SystemExtensionsDev\DYYHXHYNDOFXWVHK.exe [972800 2023-06-05] (Microsoft Corporation) [File not signed]
Task: {A8712104-4751-4351-9955-A78727B3D950} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-30] (Google Inc -> Google LLC)
Task: {481758C4-8511-47FB-B6A7-420974A1D8C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-30] (Google Inc -> Google LLC)
Task: {D39878F8-39F5-46AA-88CD-36D9A6B81DE9} - System32\Tasks\HPCustParticipation HP OfficeJet 200 Mobile Series => "C:\Program Files\HP\HP OfficeJet 200 Mobile Series\Bin\HPCustPartic.exe" /UA 16.5 (No File)
ask: {05377FCC-740C-4B42-B62A-94EC7735BE16} - System32\Tasks\SystemSecurity => C:\Program Files\SystemSecurity\config\ConfigSecurityPolicy.exe [2336663460 2023-06-23] () [File not signed] <==== ATTENTION
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2010-06-16] () [File not signed]
Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No File
FirewallRules: [{3C11F3F5-A4FD-45E6-A835-B7A61658B509}] => (Allow) C:\Users\WinCan\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{A5B7C368-F2CB-45A3-8CE7-75F275AB282D}] => (Allow) C:\Users\WinCan\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [TCP Query User{688443ED-31A0-4F01-8591-9B4F9162DD7E}C:\users\wincan\appdata\roaming\utorrent\updates\3.5.5_46304.exe] => (Allow) C:\users\wincan\appdata\roaming\utorrent\updates\3.5.5_46304.exe => No File
FirewallRules: [UDP Query User{DE755A01-342A-45DB-842E-520803053781}C:\users\wincan\appdata\roaming\utorrent\updates\3.5.5_46304.exe] => (Allow) C:\users\wincan\appdata\roaming\utorrent\updates\3.5.5_46304.exe => No File
FirewallRules: [{F06597DB-4CD0-4044-AFF3-DD8FC6D4E7FE}] => (Allow) C:\Program Files (x86)\R.G. Mechanics\SimCity\SimCity\SimCity.exe => No File
FirewallRules: [{F06B62F0-3438-4AF3-B268-4FB04703C06D}] => (Allow) C:\Program Files (x86)\R.G. Mechanics\SimCity\SimCity\SimCity.exe => No File



EmptyTemp:
Hosts:
Reboot:
End

*****************

Processes closed successfully.
C:\Program Files\SystemSecurity\config\ConfigSecurityPolicy.exe => No running process found
C:\Users\WinCan\AppData\Roaming\Mozilla\SystemExtensionsDev\DYYHXHYNDOFXWVHK.exe => No running process found
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKU\S-1-5-21-3710502255-1612003614-3486849990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d88fbe70-226d-11eb-bd8a-0492265a3e51} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION{9358FD62-420A-4437-B963-DBDE25460E9C}" => not found
"C:\WINDOWS\HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTIONSystem32\Tasks\DYYHXHYNDOFXWVHK_run" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\TreeHKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION\DYYHXHYNDOFXWVHK_run" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A8712104-4751-4351-9955-A78727B3D950}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8712104-4751-4351-9955-A78727B3D950}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{481758C4-8511-47FB-B6A7-420974A1D8C1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{481758C4-8511-47FB-B6A7-420974A1D8C1}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D39878F8-39F5-46AA-88CD-36D9A6B81DE9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D39878F8-39F5-46AA-88CD-36D9A6B81DE9}" => removed successfully
C:\WINDOWS\System32\Tasks\HPCustParticipation HP OfficeJet 200 Mobile Series => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPCustParticipation HP OfficeJet 200 Mobile Series" => removed successfully
ask: {05377FCC-740C-4B42-B62A-94EC7735BE16} - System32\Tasks\SystemSecurity => C:\Program Files\SystemSecurity\config\ConfigSecurityPolicy.exe [2336663460 2023-06-23] () [File not signed] <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\KMService => removed successfully
KMService => service removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3C11F3F5-A4FD-45E6-A835-B7A61658B509}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A5B7C368-F2CB-45A3-8CE7-75F275AB282D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{688443ED-31A0-4F01-8591-9B4F9162DD7E}C:\users\wincan\appdata\roaming\utorrent\updates\3.5.5_46304.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DE755A01-342A-45DB-842E-520803053781}C:\users\wincan\appdata\roaming\utorrent\updates\3.5.5_46304.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F06597DB-4CD0-4044-AFF3-DD8FC6D4E7FE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F06B62F0-3438-4AF3-B268-4FB04703C06D}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 61552835 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => -11006454 B
Edge => 46080 B
Chrome => 1798880 B
Firefox => 698192476 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 688516197 B
systemprofile32 => 688589119 B
LocalService => 688608859 B
NetworkService => 688608859 B
WinCan => 780911983 B

RecycleBin => 32929586 B
EmptyTemp: => 4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:54:31 ====

Je po restarte nejaky problem ?

Kromě vyskakujícího okna avastu ne

Nechaj vyhladat na disku wr64.sys a daj ho otestovat na www.virustotal.com

Výsledek viz příloha

pokračování 2

pokračování 3