Stuck PC

Posted: 08 Oct 2020 16:15
by lokbunt
The browser is slow. Please help.




Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-10-2020
Ran by Mysak (administrator) on TETREV (08-10-2020 17:06:07)
Running from C:\Users\Mysak\Desktop
Loaded Profiles: Mysak & user
Platform: Windows 10 Home Version 1809 17763.1039 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\APP\sim\sim.exe
() [File not signed] D:\srv_apps\bbgate\Apache.exe <2>
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Autel) [File not signed] C:\Program Files (x86)\Autel\PassThru\Maxi PC Suit\VCIservice\AdapterBtService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.7.915.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.7.915.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <21>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(LAVASOFT SOFTWARE CANADA INC -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Mysak\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Seznam.cz, a.s. -> ) C:\Users\Mysak\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Seznam.cz, a.s. -> ) C:\Users\Mysak\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Seznam.cz, a.s. -> ) C:\Users\Mysak\AppData\Roaming\Seznam.cz\bin\sznpp_64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(The Firebird Project) [File not signed] C:\AWRoot\bin\lib\firebird\bin\fbguard.exe
(The Firebird Project) [File not signed] C:\AWRoot\bin\lib\firebird\bin\fbserver.exe
(TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrAdm.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrAuf.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrDba.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrHis.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrPas.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrSaz.exe
(VOLKSWAGEN AG) [File not signed] D:\srv_apps\bbgate\BBGate.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [109160 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [SIM] => C:\APP\SIM\SIMBat.lnk [666 2019-01-22] () [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5641776 2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [3085336 2020-10-06] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\Run: [Chromium] => "c:\users\mysak\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [254840 2018-09-11] (TomTom International BV -> TomTom)
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8160856 2020-06-26] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48737752 2020-09-09] (Google LLC -> )
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Mysak\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Mysak\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\MountPoints2: {7d4da2ac-2c75-11e6-b9d7-3085a93c5813} - "I:\setup.exe"
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\MountPoints2: {85811611-f5cf-11e7-a474-3085a93c5813} - "G:\setup.exe"
HKU\S-1-5-21-1744585618-2728888235-3045379412-1003\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp165: C:\Windows\System32\spool\prtprocs\x64\hpcpp165.dll [602912 2014-02-19] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65488 2020-05-30] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-23] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\85.0.5815.103\Installer\chrmstp.exe [2020-09-21] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\Users\Mysak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\x.vbs [2019-02-25] () [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {078B957A-F115-461D-84E1-36059E188EED} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193688 2020-07-02] (Avast Software s.r.o. -> AVAST Software)
Task: {0971ECC2-F740-4980-87AA-DC4FFB6D2666} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe
Task: {10F7B803-0978-40B1-AFE1-1984B4DCAF5B} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2097736 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
Task: {123599F5-20AB-4780-A47F-F16A74685258} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {1FDA9B6C-43E2-4387-A4F1-51E328AC8F5A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {20470DFA-70B4-4EF3-970A-0B09716CD14B} - System32\Tasks\Opera scheduled assistant Autoupdate 1582525676 => C:\Program Files\Opera\launcher.exe [1712152 2020-09-29] (Opera Software AS -> Opera Software)
Task: {21D5CE66-5E0E-4CA9-9AED-41FED02359E4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {24F175EB-49CD-4E63-BB51-07B68A85A9A7} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [91728 2015-08-20] (Hewlett-Packard -> HP Development Company, L.P.)
Task: {31DC937C-F4DA-45D2-B95D-AA8ABBFF8732} - System32\Tasks\Opera scheduled Autoupdate 1511972599 => c:\program files\opera\launcher.exe [1712152 2020-09-29] (Opera Software AS -> Opera Software)
Task: {38AA71BF-53BD-470E-BD1F-6610C112601F} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193688 2020-07-02] (Avast Software s.r.o. -> AVAST Software)
Task: {532C6CE4-3749-44A6-BFBE-4F37F54385AE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3915168 2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {658A9565-EDE4-4CF0-902E-54EB90F35A98} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-28] (Google Inc -> Google Inc.)
Task: {6A048711-7E84-4598-AE8B-8DA7325AACDB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {6FDF709A-D600-4DB5-B6C3-8982F49C2645} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2097736 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
Task: {8EAD6D5E-AFC9-4B80-932F-0A668C7F9FA2} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {ABE00BFA-AA70-4DC1-AF95-D0244750FE4A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-28] (Google Inc -> Google Inc.)
Task: {B80C73DF-5EA8-4842-AEE8-0B3335A31A9F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118120 2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {B83943AF-002B-4704-8C47-96E72A67048F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118120 2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C24CA3E2-E352-4B1E-95B6-A9D66B8AA3FE} - System32\Tasks\Chromium ritim => "wscript.exe" "C:\ProgramData\{95075064-1F45-DAA2-9983-44E003C1CF2E}\sida.txt" "68747470733a2f2f6b6174756e61712e636f6d" "//B" "//E:jscript" "--IsErIk" <==== ATTENTION
Task: {C42023EB-E3BC-48BF-AC14-4689B22E8E04} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3915168 2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D1065D3A-5D64-4E4C-B7A6-7889BD436F15} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [3810408 2020-08-07] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\vsocklib.dll [63088 2011-08-08] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9 17 C:\WINDOWS\SysWOW64\vsocklib.dll [63088 2011-08-08] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 16 C:\Windows\system32\vsocklib.dll [67184 2011-08-08] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 17 C:\Windows\system32\vsocklib.dll [67184 2011-08-08] (VMware, Inc. -> VMware, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1 192.168.10.1
Tcpip\..\Interfaces\{9d7cc867-3e1c-496d-b31b-1844dc052683}: [NameServer] 10.100.1.254
Tcpip\..\Interfaces\{9d7cc867-3e1c-496d-b31b-1844dc052683}: [DhcpNameServer] 192.168.10.1 192.168.10.1

Edge:
======
Edge Profile: C:\Users\Mysak\AppData\Local\Microsoft\Edge\User Data\Default [2020-10-05]

FireFox:
========
FF ProfilePath: C:\Users\Mysak\AppData\Roaming\TomTom\HOME\Profiles\i2xv9kis.default [2018-10-24]
FF ProfilePath: C:\Users\Mysak\AppData\Roaming\Actia\diagnostic2.3.4.3\Profiles\ce92wicm.default [2019-01-23]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-05-29]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2020-04-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2020-04-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.7.915.0\npAvastBrowserUpdate3.dll [2020-07-02] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.7.915.0\npAvastBrowserUpdate3.dll [2020-07-02] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: ChromeWebPlugin -> C:\Program Files (x86)\WebControl\npGS_ChromePlugins.dll [2015-05-18] () [File not signed]
FF Plugin-x32: FireFoxWebPlugin -> C:\Program Files (x86)\WebControl\npGS_Plugins.dll [2015-05-18] () [File not signed]
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2018-12-26] (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FF Plugin-x32: WinLessPlugin -> C:\Program Files (x86)\Camera Stream Controller\npWinLessRtspCtrl.dll [2013-01-30] (VIVOTEK INC. -> )

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default [2020-10-08]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://velkoobchod.conrad.cz; hxxps://www.conrad.cz; hxxps://www.facebook.com; hxxps://www.miniinthebox.com
CHR HomePage: Default -> msn.com
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP","hxxp://www.bing.com/?pc=U223","hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-28]
CHR Extension: (SEO Profesional Toolbar) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\adecfhccdknoobplgempjhbojlbpahhn [2017-11-28]
CHR Extension: (Dokumenty) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-28]
CHR Extension: (Disk Google) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-16]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-08-19]
CHR Extension: (YouTube) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-28]
CHR Extension: (Adobe Acrobat) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-17]
CHR Extension: (SEO SERP Workbench) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbgolklgacemnfnmkkpgekngaaggjjl [2017-11-28]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2019-07-31]
CHR Extension: (Tabulky) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-17]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-10-08]
CHR Extension: (Gestures for Google Chrome™) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk [2017-11-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-09-16]
CHR Extension: (Adaware Secure) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj [2019-06-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-09-30]
CHR Extension: (Gmail) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-10]
CHR Profile: C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-10-08]
CHR Notifications: Profile 1 -> hxxps://kfc.cz; hxxps://news-jupiter.com; hxxps://notification-centar.com; hxxps://notification-list.com; hxxps://www.bonami.cz; hxxps://www.f-mobil.cz; hxxps://www.facebook.com; hxxps://www.knihcentrum.cz; hxxps://www.kosik.cz; hxxps://www.lui.cz; hxxps://www.penize.cz
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://www.google.com/","hxxp://www.google.com"
CHR DefaultSearchURL: Profile 1 -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> Adaware Secure
CHR Extension: (Prezentace) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-28]
CHR Extension: (Dokumenty) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-28]
CHR Extension: (Disk Google) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-08-20]
CHR Extension: (YouTube) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-28]
CHR Extension: (Adobe Acrobat) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-18]
CHR Extension: (Tabulky) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-17]
CHR Extension: (Avast Online Security) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-06-09]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-09-16]
CHR Extension: (Adaware Secure) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj [2019-04-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-09-25]
CHR Extension: (Gmail) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-09]
CHR Profile: C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-03]
CHR HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
CHR HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7776160 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193688 2020-07-02] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [353696 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193688 2020-07-02] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\85.0.5815.103\elevation_service.exe [1343624 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R2 BBGate; D:\srv_apps\bbgate\BBGate.exe [532480 2011-12-06] (VOLKSWAGEN AG) [File not signed]
R2 BBGate-HTTPD; D:\srv_apps\bbgate\Apache.exe [20480 2011-12-06] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8838528 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
R2 FirebirdGuardianDefaultInstance; C:\AWRoot\bin\lib\firebird\bin\fbguard.exe [65536 2008-07-03] (The Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\AWRoot\bin\lib\firebird\bin\fbserver.exe [1527893 2008-07-03] (The Firebird Project) [File not signed]
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-25] (HP) [File not signed]
R2 LcSvrAdm; C:\ElsaWin\bin\LcSvrAdm.exe [240640 2011-12-06] (Volkswagen AG) [File not signed]
R3 LcSvrAuf; C:\ElsaWin\bin\LcSvrAuf.exe [1321472 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrDba; C:\ElsaWin\bin\LcSvrDba.exe [392704 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrHis; C:\ElsaWin\bin\LcSvrHis.exe [335360 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrPAS; C:\ElsaWin\bin\LcSvrPas.exe [477696 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrSaz; C:\ElsaWin\bin\LcSvrSaz.exe [373248 2011-12-06] (Volkswagen AG) [File not signed]
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-15] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-15] (Hewlett-Packard) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13252624 2020-04-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 VCIservice; C:\Program Files (x86)\Autel\PassThru\Maxi PC Suit\VCIservice\AdapterBtService.exe [11264 2019-06-04] (Autel) [File not signed]
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [79872 2012-04-30] (VMware, Inc.) [File not signed]
S2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [11839488 2012-04-30] () [File not signed]
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29272 2020-06-26] (LAVASOFT SOFTWARE CANADA INC -> )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [363888 2018-05-16] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 asmthub3; C:\WINDOWS\System32\drivers\asmthub3.sys [130536 2011-11-03] (MCCI Internal Testing Software -> ASMedia Technology Inc)
S3 asmtxhci; C:\WINDOWS\System32\drivers\asmtxhci.sys [395752 2011-11-03] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37152 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205888 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [235592 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [195656 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60488 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16824 2020-07-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42776 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175200 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [515544 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109280 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851608 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [466752 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [217336 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [323784 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-11-29] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-11-29] (Disc Soft Ltd -> Disc Soft Ltd)
S3 FlashUSB; C:\WINDOWS\System32\drivers\FlashUSB.sys [19968 2014-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Mobile Communications)
S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
S3 shspusb; C:\WINDOWS\System32\drivers\HSPUSB.sys [24064 2014-04-11] (Microsoft Windows Hardware Compatibility Publisher -> MobileTop)
S3 sscdserd; C:\WINDOWS\System32\drivers\sscdserd.sys [158024 2014-04-11] (MCCI Corporation -> MCCI Corporation)
S3 ssceserd; C:\WINDOWS\System32\drivers\ssceserd.sys [158024 2014-04-11] (MCCI Corporation -> MCCI Corporation)
S3 ssdudfu; C:\WINDOWS\System32\drivers\ssdudfu.sys [101960 2014-04-11] (MCCI Corporation -> MCCI)
S3 ssm_bus; C:\WINDOWS\System32\drivers\ssm_bus.sys [136192 2014-04-11] (MCCI Corporation -> MCCI Corporation)
S3 ssm_mdm; C:\WINDOWS\System32\drivers\ssm_mdm.sys [172032 2014-04-11] (MCCI Corporation -> MCCI Corporation)
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-10-13] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-10-13] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-10-13] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-10-13] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_bserd; C:\WINDOWS\System32\drivers\ss_bserd.sys [128000 2014-04-11] (MCCI Corporation -> MCCI Corporation)
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-10-13] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 TMUSB; C:\WINDOWS\System32\drivers\TMUSB64.SYS [63096 2012-03-01] (SEIKO EPSON Corporation Test Signing -> Seiko Epson Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [135768 2016-04-18] (Oracle Corporation -> Oracle Corporation)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [45680 2012-04-30] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-06-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [401120 2020-06-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-17] (Microsoft Windows -> Microsoft Corporation)
S3 WINUSB; C:\Windows\SysWOW64\drivers\WinUSB.SYS [42944 2019-06-04] (深圳市道通科技股份有限公司 -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-08 17:06 - 2020-10-08 17:08 - 000037371 _____ C:\Users\Mysak\Desktop\FRST.txt
2020-10-08 17:04 - 2020-10-08 17:04 - 002299392 _____ (Farbar) C:\Users\Mysak\Desktop\FRST64 (1).exe
2020-10-08 17:02 - 2020-10-08 17:02 - 002299392 _____ (Farbar) C:\Users\Mysak\Downloads\FRST64.exe
2020-10-08 08:43 - 2020-10-08 08:43 - 000062901 _____ C:\Users\Mysak\Downloads\web_label12079567_20201008_084318_50.pdf
2020-10-08 08:43 - 2020-10-08 08:43 - 000051098 _____ C:\Users\Mysak\Downloads\web_manifest4179338_20201008_084324_48.pdf
2020-10-07 08:03 - 2020-10-07 08:03 - 000103511 _____ C:\Users\Mysak\Downloads\web_manifest4175588_20201007_080306_15.pdf
2020-10-07 08:02 - 2020-10-07 08:02 - 000075242 _____ C:\Users\Mysak\Downloads\web_label12063562_20201007_080244_56.pdf
2020-10-06 11:13 - 2020-10-06 11:13 - 000100626 _____ C:\Users\Mysak\Downloads\web_manifest4172825_20201006_111347_48.pdf
2020-10-06 11:13 - 2020-10-06 11:13 - 000061837 _____ C:\Users\Mysak\Downloads\web_label12053531_20201006_111341_75.pdf
2020-10-05 10:50 - 2020-10-05 10:51 - 380678042 _____ C:\Users\Mysak\Downloads\Shameless S05E09 CzTit.avi
2020-10-05 10:50 - 2020-10-05 10:51 - 378579288 _____ C:\Users\Mysak\Downloads\Shameless S05E10 CzTit.avi
2020-10-05 10:49 - 2020-10-05 10:50 - 396514064 _____ C:\Users\Mysak\Downloads\Shameless S05E08 CzTit.avi
2020-10-01 16:44 - 2020-10-01 16:44 - 000218918 _____ C:\Users\Mysak\Downloads\6202027634.pdf
2020-10-01 12:50 - 2020-10-01 12:51 - 444610560 _____ C:\Users\Mysak\Downloads\Shameless S05E07 CZ titulky.avi
2020-10-01 12:10 - 2020-10-01 12:10 - 408381718 _____ C:\Users\Mysak\Downloads\Shameless S05E06 CzTit.avi
2020-09-30 14:53 - 2020-09-30 14:53 - 000060566 _____ C:\Users\Mysak\Downloads\web_label11998956_20200930_145337_65.pdf
2020-09-30 14:53 - 2020-09-30 14:53 - 000050603 _____ C:\Users\Mysak\Downloads\web_manifest4159319_20200930_145343_75.pdf
2020-09-24 17:10 - 2020-09-24 17:11 - 371030616 _____ C:\Users\Mysak\Downloads\Shameless S05E05 CzTit.avi
2020-09-24 15:51 - 2020-09-24 15:52 - 446713856 _____ C:\Users\Mysak\Downloads\Shameless US S05E03 - cz tit..avi
2020-09-24 15:51 - 2020-09-24 15:52 - 445640704 _____ C:\Users\Mysak\Downloads\Shameless S05E04 CZ titulky.avi
2020-09-21 17:45 - 2020-09-21 17:45 - 000135686 _____ C:\Users\Mysak\Downloads\3091852635.pdf
2020-09-21 16:15 - 2020-09-21 16:17 - 621507238 _____ C:\Users\Mysak\Downloads\Shameless S05E01 CzTit.avi
2020-09-21 16:15 - 2020-09-21 16:17 - 417883878 _____ C:\Users\Mysak\Downloads\Shameless S05E02 CzTit.avi
2020-09-21 13:39 - 2020-09-21 13:39 - 000226015 _____ C:\Users\Mysak\Downloads\6202023995 (2).pdf
2020-09-21 13:38 - 2020-09-21 13:38 - 000216974 _____ C:\Users\Mysak\Downloads\6902000071.pdf
2020-09-18 09:29 - 2020-09-18 09:29 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2020-09-18 09:29 - 2020-09-18 09:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-09-15 11:06 - 2020-09-15 11:06 - 000061370 _____ C:\Users\Mysak\Downloads\web_label11844018_20200915_110613_27.pdf
2020-09-15 11:06 - 2020-09-15 11:06 - 000050522 _____ C:\Users\Mysak\Downloads\web_manifest4121371_20200915_110621_32.pdf
2020-09-14 22:22 - 2020-09-14 22:23 - 491778048 _____ C:\Users\Mysak\Downloads\Shameless S04E12 CZ titulky.avi
2020-09-14 22:07 - 2020-09-14 22:08 - 416284672 _____ C:\Users\Mysak\Downloads\Shameless S04E11 CZ titulky.avi
2020-09-14 16:49 - 2020-09-14 16:50 - 000051759 _____ C:\Users\Mysak\Downloads\web_manifest4119870_20200914_164959_00.pdf
2020-09-14 16:32 - 2020-09-14 16:32 - 000072774 _____ C:\Users\Mysak\Downloads\web_label11836494_20200914_163241_29.pdf
2020-09-14 15:14 - 2020-09-14 15:14 - 000061727 _____ C:\Users\Mysak\Downloads\web_label11835545_20200914_151432_82.pdf
2020-09-14 15:14 - 2020-09-14 15:14 - 000050327 _____ C:\Users\Mysak\Downloads\web_manifest4119501_20200914_151438_22.pdf
2020-09-14 14:37 - 2020-09-14 14:38 - 458221568 _____ C:\Users\Mysak\Downloads\Shameless S04E09 CZ titulky.avi
2020-09-14 14:37 - 2020-09-14 14:38 - 433055744 _____ C:\Users\Mysak\Downloads\Shameless S04E10 CZ titulky.avi
2020-09-09 15:39 - 2020-09-09 15:39 - 000229120 _____ C:\Users\Mysak\Downloads\PF2009000700.pdf
2020-09-08 00:11 - 2020-09-08 00:12 - 475009024 _____ C:\Users\Mysak\Downloads\Shameless S04E08 CZ titulky.avi

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-08 17:07 - 2016-09-05 09:41 - 000000000 ____D C:\FRST
2020-10-08 17:05 - 2018-01-11 16:04 - 000000000 ____D C:\Users\Mysak\Documents\Evo Collaborator Outlook
2020-10-08 17:02 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-10-08 16:15 - 2020-06-08 12:20 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-10-08 14:18 - 2020-06-08 12:19 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-10-08 11:16 - 2019-01-24 10:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-10-08 10:14 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2020-10-08 10:14 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-10-08 08:13 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2020-10-08 08:11 - 2020-06-03 07:23 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-10-08 08:11 - 2020-06-03 07:23 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-10-08 07:57 - 2019-01-24 10:47 - 000004194 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{0600D307-B4F2-4075-9B0E-169A60C5EDC8}
2020-10-08 07:51 - 2020-06-03 07:23 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-10-08 07:51 - 2020-06-03 07:23 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-10-08 07:46 - 2019-08-29 17:47 - 000000000 ____D C:\Users\Mysak\AppData\Roaming\Seznam.cz
2020-10-08 07:40 - 2015-11-30 22:34 - 000000000 __SHD C:\Users\Mysak\IntelGraphicsProfiles
2020-10-07 10:46 - 2020-05-13 19:35 - 000004142 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582525676
2020-10-06 17:16 - 2018-01-03 08:55 - 000000000 ____D C:\Users\Mysak\AppData\Local\Packages
2020-10-06 01:16 - 2020-04-02 19:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-10-06 01:16 - 2019-01-24 10:47 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-10-06 01:16 - 2019-01-24 10:47 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-10-06 01:16 - 2019-01-24 10:47 - 000003278 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1511972599
2020-10-06 01:16 - 2019-01-24 10:47 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-10-06 01:16 - 2019-01-24 10:47 - 000003108 _____ C:\WINDOWS\system32\Tasks\KMSAutoNet
2020-10-06 01:16 - 2019-01-24 10:47 - 000003094 _____ C:\WINDOWS\system32\Tasks\Chromium ritim
2020-10-06 01:16 - 2019-01-24 10:47 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1744585618-2728888235-3045379412-1000
2020-10-06 01:16 - 2019-01-24 10:47 - 000002860 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1744585618-2728888235-3045379412-1003
2020-10-06 01:16 - 2019-01-24 10:47 - 000002512 _____ C:\WINDOWS\system32\Tasks\HPLJCustParticipation
2020-10-05 12:17 - 2018-05-25 20:18 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2020-10-05 12:17 - 2017-11-29 18:22 - 000000000 ____D C:\Program Files\Opera
2020-10-02 08:53 - 2013-12-10 15:31 - 000000611 _____ C:\Users\Mysak\Desktop\Time Attendance Management.lnk
2020-09-30 13:31 - 2020-07-15 08:01 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-09-30 07:41 - 2018-01-17 19:21 - 000000000 ____D C:\Users\Mysak\AppData\Local\CrashDumps
2020-09-29 07:56 - 2020-06-05 09:33 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2020-09-29 07:56 - 2020-06-05 09:33 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2020-09-26 09:17 - 2020-04-02 19:40 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-09-25 08:10 - 2019-04-23 12:36 - 000000000 ____D C:\ProgramData\VMware
2020-09-25 08:10 - 2017-11-28 18:22 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-09-25 08:09 - 2019-01-24 10:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-24 11:27 - 2019-09-16 09:29 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2020-09-24 11:27 - 2019-09-16 09:29 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2020-09-24 11:27 - 2019-09-16 09:29 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2020-09-24 11:27 - 2019-09-16 09:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-09-23 19:44 - 2017-11-28 17:58 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-21 17:42 - 2020-04-02 19:47 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-09-21 17:42 - 2020-04-02 19:47 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-09-18 09:29 - 2020-08-26 07:47 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2020-09-18 09:29 - 2020-08-26 07:47 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2020-09-18 09:29 - 2020-08-26 07:47 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2020-09-18 09:29 - 2020-08-26 07:47 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2020-09-18 09:29 - 2020-08-26 07:47 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2020-09-18 09:29 - 2020-08-26 07:46 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2020-09-18 09:29 - 2020-08-26 07:46 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2020-09-18 09:28 - 2017-11-29 09:34 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-09-10 17:24 - 2020-07-15 08:01 - 000439088 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2020-09-10 17:23 - 2020-02-19 15:29 - 000905024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2020-09-09 11:47 - 2017-11-29 12:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-09-09 11:22 - 2017-11-29 12:26 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2019-03-18 17:12 - 2019-03-18 17:12 - 000000000 _____ () C:\Program Files (x86)\appl.log
2020-06-09 11:21 - 2020-06-09 11:21 - 000000000 _____ () C:\Users\Mysak\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: PC freezing

Posted: 08 Oct 2020 16:51
by Rudy
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just run it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: PC freezing

Posted: 09 Oct 2020 13:39
by lokbunt
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-09-2020
# Duration: 00:00:57
# OS: Windows 10 Home
# Scanned: 31837
# Detected: 40


***** [ Services ] *****

PUP.Optional.Legacy WCAssistantService

***** [ Folders ] *****

PUP.Optional.Legacy C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burn4Free
PUP.Optional.Seznam.cz C:\Program Files (x86)\Seznam.cz
PUP.Optional.Seznam.cz C:\Users\Mysak\AppData\Roaming\Seznam.cz
PUP.Optional.WebCompanion C:\Program Files (x86)\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Application Data\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
PUP.Optional.WebCompanion C:\Users\Mysak\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
PUP.Optional.WebCompanion C:\Users\Mysak\AppData\Roaming\Lavasoft\Web Companion

***** [ Files ] *****

PUP.Optional.Legacy C:\Users\Mysak\Desktop\Burn4Free.lnk

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{c784f3a5-7303-48d1-87d4-ecc6173b1992}|DisplayIcon
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{c784f3a5-7303-48d1-87d4-ecc6173b1992}|DisplayName
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{c784f3a5-7303-48d1-87d4-ecc6173b1992}|UninstallString
PUP.Optional.Legacy HKCU\Software\Burn4Free
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Your Software Deals_is1
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
PUP.Optional.Seznam.cz HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz
PUP.Optional.Seznam.cz HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
PUP.Optional.Seznam.cz HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
PUP.Optional.WebCompanion HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

PUP.Optional.DefaultSearch.ShrtCln Adaware Secure Search - nladljmabboanhihfkjacnnkgjhnokhj
PUP.Optional.DefaultSearch.ShrtCln Adaware Secure Search - nladljmabboanhihfkjacnnkgjhnokhj
PUP.Optional.Legacy MSN Homepage & Bing Search Engine - fcfenmboojpjinhpgggodefccipikbpd
PUP.Optional.Seznam.cz Seznam doplněk - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig
PUP.Optional.Seznam.cz Seznam doplněk - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig

***** [ Chromium URLs ] *****

PUP.Optional.Legacy izito.cz

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [2554 octets] - [25/09/2018 20:03:41]
AdwCleaner[C00].txt - [2408 octets] - [25/09/2018 20:08:05]
AdwCleaner[S01].txt - [1452 octets] - [25/09/2018 20:58:34]
AdwCleaner[C01].txt - [1580 octets] - [25/09/2018 20:58:50]
AdwCleaner[S02].txt - [1511 octets] - [25/09/2018 21:54:58]
AdwCleaner[C02].txt - [1677 octets] - [25/09/2018 21:57:46]
AdwCleaner[S03].txt - [1712 octets] - [02/10/2018 21:03:44]
AdwCleaner[C03].txt - [1860 octets] - [02/10/2018 21:04:10]
AdwCleaner[S04].txt - [1834 octets] - [15/10/2018 08:49:01]
AdwCleaner[S05].txt - [1937 octets] - [19/03/2019 13:47:27]
AdwCleaner[C05].txt - [2065 octets] - [19/03/2019 13:51:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S06].txt ##########

Re: PC freezing

Posted: 09 Oct 2020 15:49
by Rudy
Delete the findings and post new FRST+Addition logs.

Re: PC freezing

Posted: 12 Oct 2020 08:29
by lokbunt
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-12-2020
# Duration: 00:00:38
# OS: Windows 10 Home
# Scanned: 31837
# Detected: 42


***** [ Services ] *****

PUP.Optional.Legacy WCAssistantService

***** [ Folders ] *****

PUP.Optional.Legacy C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burn4Free
PUP.Optional.Seznam.cz C:\Program Files (x86)\Seznam.cz
PUP.Optional.Seznam.cz C:\Users\Mysak\AppData\Roaming\Seznam.cz
PUP.Optional.WebCompanion C:\Program Files (x86)\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Application Data\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
PUP.Optional.WebCompanion C:\Users\Mysak\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
PUP.Optional.WebCompanion C:\Users\Mysak\AppData\Roaming\Lavasoft\Web Companion

***** [ Files ] *****

PUP.Optional.Legacy C:\Users\Mysak\Desktop\Burn4Free.lnk

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{c784f3a5-7303-48d1-87d4-ecc6173b1992}|DisplayIcon
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{c784f3a5-7303-48d1-87d4-ecc6173b1992}|DisplayName
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{c784f3a5-7303-48d1-87d4-ecc6173b1992}|UninstallString
PUP.Optional.Legacy HKCU\Software\Burn4Free
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Your Software Deals_is1
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
PUP.Optional.Seznam.cz HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz
PUP.Optional.Seznam.cz HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
PUP.Optional.Seznam.cz HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
PUP.Optional.WebCompanion HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

PUP.Optional.DefaultSearch.ShrtCln Adaware Secure Search - nladljmabboanhihfkjacnnkgjhnokhj
PUP.Optional.DefaultSearch.ShrtCln Adaware Secure Search - nladljmabboanhihfkjacnnkgjhnokhj
PUP.Optional.Legacy MSN Homepage & Bing Search Engine - fcfenmboojpjinhpgggodefccipikbpd
PUP.Optional.Seznam.cz Seznam doplněk - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig
PUP.Optional.Seznam.cz Seznam doplněk - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig
PUP.Optional.Seznam.cz Seznam doplněk - Esko - olfeabkoenfaoljndfecamgilllcpiak
PUP.Optional.Seznam.cz Seznam doplněk - Esko - olfeabkoenfaoljndfecamgilllcpiak

***** [ Chromium URLs ] *****

PUP.Optional.Legacy izito.cz

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [2554 octets] - [25/09/2018 20:03:41]
AdwCleaner[C00].txt - [2408 octets] - [25/09/2018 20:08:05]
AdwCleaner[S01].txt - [1452 octets] - [25/09/2018 20:58:34]
AdwCleaner[C01].txt - [1580 octets] - [25/09/2018 20:58:50]
AdwCleaner[S02].txt - [1511 octets] - [25/09/2018 21:54:58]
AdwCleaner[C02].txt - [1677 octets] - [25/09/2018 21:57:46]
AdwCleaner[S03].txt - [1712 octets] - [02/10/2018 21:03:44]
AdwCleaner[C03].txt - [1860 octets] - [02/10/2018 21:04:10]
AdwCleaner[S04].txt - [1834 octets] - [15/10/2018 08:49:01]
AdwCleaner[S05].txt - [1937 octets] - [19/03/2019 13:47:27]
AdwCleaner[C05].txt - [2065 octets] - [19/03/2019 13:51:44]
AdwCleaner[S06].txt - [5987 octets] - [09/10/2020 14:37:00]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S07].txt ##########

Re: PC freezing

Posted: 12 Oct 2020 09:13
by Rudy
You did not delete the findings. Delete them and then post new FRST+Addition logs.

Re: PC freezing

Posted: 12 Oct 2020 11:15
by lokbunt
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-12-2020
# Duration: 00:00:04
# OS: Windows 10 Home
# Cleaned: 8
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\ProgramData\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted MSN Homepage & Bing Search Engine - fcfenmboojpjinhpgggodefccipikbpd
Deleted Seznam doplněk - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig
Deleted Seznam doplněk - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig
Deleted Seznam doplněk - Esko - olfeabkoenfaoljndfecamgilllcpiak
Deleted nladljmabboanhihfkjacnnkgjhnokhj
Deleted nladljmabboanhihfkjacnnkgjhnokhj

***** [ Chromium URLs ] *****

Not Deleted izito.cz

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2554 octets] - [25/09/2018 20:03:41]
AdwCleaner[C00].txt - [2408 octets] - [25/09/2018 20:08:05]
AdwCleaner[S01].txt - [1452 octets] - [25/09/2018 20:58:34]
AdwCleaner[C01].txt - [1580 octets] - [25/09/2018 20:58:50]
AdwCleaner[S02].txt - [1511 octets] - [25/09/2018 21:54:58]
AdwCleaner[C02].txt - [1677 octets] - [25/09/2018 21:57:46]
AdwCleaner[S03].txt - [1712 octets] - [02/10/2018 21:03:44]
AdwCleaner[C03].txt - [1860 octets] - [02/10/2018 21:04:10]
AdwCleaner[S04].txt - [1834 octets] - [15/10/2018 08:49:01]
AdwCleaner[S05].txt - [1937 octets] - [19/03/2019 13:47:27]
AdwCleaner[C05].txt - [2065 octets] - [19/03/2019 13:51:44]
AdwCleaner[S06].txt - [5987 octets] - [09/10/2020 14:37:00]
AdwCleaner[S07].txt - [6228 octets] - [12/10/2020 09:09:08]
AdwCleaner[C07].txt - [5644 octets] - [12/10/2020 09:10:30]
AdwCleaner[S08].txt - [2862 octets] - [12/10/2020 12:00:17]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C08].txt ##########

Re: PC freezing

Posted: 12 Oct 2020 12:32
by Rudy
Where are the new FRST+Addition logs?

Re: PC freezing

Posted: 12 Oct 2020 16:13
by lokbunt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2020
Ran by Mysak (administrator) on TETREV (12-10-2020 16:59:16)
Running from C:\Users\Mysak\Desktop
Loaded Profiles: Mysak
Platform: Windows 10 Home Version 1809 17763.1039 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\APP\sim\sim.exe
() [File not signed] D:\srv_apps\bbgate\Apache.exe <2>
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Autel) [File not signed] C:\Program Files (x86)\Autel\PassThru\Maxi PC Suit\VCIservice\AdapterBtService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.7.915.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.7.915.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <31>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(ing. Ladislav Peš [www.pneumatiky.info]) [File not signed] [File is in use] \\SERVER_PNEU\PneuServis_SQL\PneuServis.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Mysak\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(The Firebird Project) [File not signed] C:\AWRoot\bin\lib\firebird\bin\fbguard.exe
(The Firebird Project) [File not signed] C:\AWRoot\bin\lib\firebird\bin\fbserver.exe
(TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) [File not signed] C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrAdm.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrAuf.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrDba.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrHis.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrPas.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrSaz.exe
(VOLKSWAGEN AG) [File not signed] D:\srv_apps\bbgate\BBGate.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [109160 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [SIM] => C:\APP\SIM\SIMBat.lnk [666 2019-01-22] () [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5641776 2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [3085336 2020-10-06] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\Run: [Chromium] => "c:\users\mysak\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [254840 2018-09-11] (TomTom International BV -> TomTom)
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48737752 2020-09-09] (Google LLC -> )
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\MountPoints2: {7d4da2ac-2c75-11e6-b9d7-3085a93c5813} - "I:\setup.exe"
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\MountPoints2: {85811611-f5cf-11e7-a474-3085a93c5813} - "G:\setup.exe"
HKLM\...\Windows x64\Print Processors\hpcpp165: C:\Windows\System32\spool\prtprocs\x64\hpcpp165.dll [602912 2014-02-19] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65488 2020-05-30] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.75\Installer\chrmstp.exe [2020-10-08] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\85.0.5815.103\Installer\chrmstp.exe [2020-09-21] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\Users\Mysak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\x.vbs [2019-02-25] () [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {078B957A-F115-461D-84E1-36059E188EED} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193688 2020-07-02] (Avast Software s.r.o. -> AVAST Software)
Task: {0971ECC2-F740-4980-87AA-DC4FFB6D2666} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe
Task: {10F7B803-0978-40B1-AFE1-1984B4DCAF5B} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2097736 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
Task: {19A29BDD-DD36-4B20-951D-645F7D5B533F} - System32\Tasks\Opera scheduled Autoupdate 1511972599 => c:\program files\opera\launcher.exe [1712152 2020-10-06] (Opera Software AS -> Opera Software)
Task: {1FDA9B6C-43E2-4387-A4F1-51E328AC8F5A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {20470DFA-70B4-4EF3-970A-0B09716CD14B} - System32\Tasks\Opera scheduled assistant Autoupdate 1582525676 => C:\Program Files\Opera\launcher.exe [1712152 2020-10-06] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {24F175EB-49CD-4E63-BB51-07B68A85A9A7} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [91728 2015-08-20] (Hewlett-Packard -> HP Development Company, L.P.)
Task: {24FA6AC7-17CB-45B6-B363-4DBC75FE2E78} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22855048 2020-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {2AD68898-E928-426B-8253-5A9E2718331E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4011448 2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {38AA71BF-53BD-470E-BD1F-6610C112601F} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193688 2020-07-02] (Avast Software s.r.o. -> AVAST Software)
Task: {3EE3297C-290E-40E9-8488-087C2CC29054} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117584 2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {658A9565-EDE4-4CF0-902E-54EB90F35A98} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-28] (Google Inc -> Google Inc.)
Task: {6A048711-7E84-4598-AE8B-8DA7325AACDB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {6F103B6F-62AC-4156-8542-26922C29372D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117584 2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {6FDF709A-D600-4DB5-B6C3-8982F49C2645} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2097736 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
Task: {8EAD6D5E-AFC9-4B80-932F-0A668C7F9FA2} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {ABE00BFA-AA70-4DC1-AF95-D0244750FE4A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-28] (Google Inc -> Google Inc.)
Task: {BA4F82BF-DD7F-4527-AD6A-487519335F40} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22855048 2020-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {C24CA3E2-E352-4B1E-95B6-A9D66B8AA3FE} - System32\Tasks\Chromium ritim => "wscript.exe" "C:\ProgramData\{95075064-1F45-DAA2-9983-44E003C1CF2E}\sida.txt" "68747470733a2f2f6b6174756e61712e636f6d" "//B" "//E:jscript" "--IsErIk" <==== ATTENTION
Task: {D1065D3A-5D64-4E4C-B7A6-7889BD436F15} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [3810408 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
Task: {EBA7EFEE-1ECB-4397-A9CA-9C132AD062A5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4011448 2020-10-06] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1 192.168.10.1
Tcpip\..\Interfaces\{9d7cc867-3e1c-496d-b31b-1844dc052683}: [NameServer] 10.100.1.254
Tcpip\..\Interfaces\{9d7cc867-3e1c-496d-b31b-1844dc052683}: [DhcpNameServer] 192.168.10.1 192.168.10.1

Edge:
======
Edge Profile: C:\Users\Mysak\AppData\Local\Microsoft\Edge\User Data\Default [2020-10-05]

FireFox:
========
FF ProfilePath: C:\Users\Mysak\AppData\Roaming\TomTom\HOME\Profiles\i2xv9kis.default [2018-10-24]
FF ProfilePath: C:\Users\Mysak\AppData\Roaming\Actia\diagnostic2.3.4.3\Profiles\ce92wicm.default [2019-01-23]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-05-29]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2020-04-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2020-04-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.7.915.0\npAvastBrowserUpdate3.dll [2020-07-02] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.7.915.0\npAvastBrowserUpdate3.dll [2020-07-02] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: ChromeWebPlugin -> C:\Program Files (x86)\WebControl\npGS_ChromePlugins.dll [2015-05-18] () [File not signed]
FF Plugin-x32: FireFoxWebPlugin -> C:\Program Files (x86)\WebControl\npGS_Plugins.dll [2015-05-18] () [File not signed]
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2018-12-26] (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FF Plugin-x32: WinLessPlugin -> C:\Program Files (x86)\Camera Stream Controller\npWinLessRtspCtrl.dll [2013-01-30] (VIVOTEK INC. -> )

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default [2020-10-12]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://velkoobchod.conrad.cz; hxxps://www.conrad.cz; hxxps://www.facebook.com; hxxps://www.miniinthebox.com
CHR HomePage: Default -> msn.com
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP","hxxp://www.bing.com/?pc=U223","hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-28]
CHR Extension: (SEO Profesional Toolbar) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\adecfhccdknoobplgempjhbojlbpahhn [2017-11-28]
CHR Extension: (Dokumenty) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-28]
CHR Extension: (Disk Google) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-16]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-10-12]
CHR Extension: (YouTube) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-28]
CHR Extension: (Adobe Acrobat) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-17]
CHR Extension: (SEO SERP Workbench) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbgolklgacemnfnmkkpgekngaaggjjl [2017-11-28]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2020-10-12]
CHR Extension: (Tabulky) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-17]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-10-08]
CHR Extension: (Gestures for Google Chrome™) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk [2017-11-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-12]
CHR Profile: C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-10-12]
CHR Notifications: Profile 1 -> hxxps://kfc.cz; hxxps://news-jupiter.com; hxxps://notification-centar.com; hxxps://notification-list.com; hxxps://www.bonami.cz; hxxps://www.f-mobil.cz; hxxps://www.facebook.com; hxxps://www.knihcentrum.cz; hxxps://www.kosik.cz; hxxps://www.lui.cz; hxxps://www.penize.cz
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://www.google.com/","hxxp://www.google.com"
CHR Extension: (Prezentace) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-28]
CHR Extension: (Dokumenty) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-28]
CHR Extension: (Disk Google) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-10-12]
CHR Extension: (YouTube) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-28]
CHR Extension: (Adobe Acrobat) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-18]
CHR Extension: (Tabulky) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-17]
CHR Extension: (Avast Online Security) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-06-09]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-10-12]
CHR Extension: (Gmail) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-12]
CHR Profile: C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-03]
CHR HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
CHR HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7776160 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193688 2020-07-02] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [353696 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193688 2020-07-02] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\85.0.5815.103\elevation_service.exe [1343624 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R2 BBGate; D:\srv_apps\bbgate\BBGate.exe [532480 2011-12-06] (VOLKSWAGEN AG) [File not signed]
R2 BBGate-HTTPD; D:\srv_apps\bbgate\Apache.exe [20480 2011-12-06] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8943496 2020-09-24] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
R2 FirebirdGuardianDefaultInstance; C:\AWRoot\bin\lib\firebird\bin\fbguard.exe [65536 2008-07-03] (The Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\AWRoot\bin\lib\firebird\bin\fbserver.exe [1527893 2008-07-03] (The Firebird Project) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-25] (HP) [File not signed]
R2 LcSvrAdm; C:\ElsaWin\bin\LcSvrAdm.exe [240640 2011-12-06] (Volkswagen AG) [File not signed]
R3 LcSvrAuf; C:\ElsaWin\bin\LcSvrAuf.exe [1321472 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrDba; C:\ElsaWin\bin\LcSvrDba.exe [392704 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrHis; C:\ElsaWin\bin\LcSvrHis.exe [335360 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrPAS; C:\ElsaWin\bin\LcSvrPas.exe [477696 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrSaz; C:\ElsaWin\bin\LcSvrSaz.exe [373248 2011-12-06] (Volkswagen AG) [File not signed]
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-15] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-15] (Hewlett-Packard) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13252624 2020-04-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 VCIservice; C:\Program Files (x86)\Autel\PassThru\Maxi PC Suit\VCIservice\AdapterBtService.exe [11264 2019-06-04] (Autel) [File not signed]
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies Inc. -> VIA Technologies, Inc.)
R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [79872 2012-04-30] (VMware, Inc.) [File not signed]
S2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [11839488 2012-04-30] () [File not signed]
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [363888 2018-05-16] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 asmthub3; C:\WINDOWS\System32\drivers\asmthub3.sys [130536 2011-11-03] (MCCI Internal Testing Software -> ASMedia Technology Inc)
S3 asmtxhci; C:\WINDOWS\System32\drivers\asmtxhci.sys [395752 2011-11-03] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37152 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205888 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [235592 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [195656 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60488 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16824 2020-07-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42776 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175200 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [515544 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109280 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851608 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [466752 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [217336 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [323784 2020-08-07] (Avast Software s.r.o. -> AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-11-29] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-11-29] (Disc Soft Ltd -> Disc Soft Ltd)
S3 FlashUSB; C:\WINDOWS\System32\drivers\FlashUSB.sys [19968 2014-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Mobile Communications)
S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
S3 shspusb; C:\WINDOWS\System32\drivers\HSPUSB.sys [24064 2014-04-11] (Microsoft Windows Hardware Compatibility Publisher -> MobileTop)
S3 sscdserd; C:\WINDOWS\System32\drivers\sscdserd.sys [158024 2014-04-11] (MCCI Corporation -> MCCI Corporation)
S3 ssceserd; C:\WINDOWS\System32\drivers\ssceserd.sys [158024 2014-04-11] (MCCI Corporation -> MCCI Corporation)
S3 ssdudfu; C:\WINDOWS\System32\drivers\ssdudfu.sys [101960 2014-04-11] (MCCI Corporation -> MCCI)
S3 ssm_bus; C:\WINDOWS\System32\drivers\ssm_bus.sys [136192 2014-04-11] (MCCI Corporation -> MCCI Corporation)
S3 ssm_mdm; C:\WINDOWS\System32\drivers\ssm_mdm.sys [172032 2014-04-11] (MCCI Corporation -> MCCI Corporation)
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-10-13] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-10-13] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-10-13] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-10-13] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_bserd; C:\WINDOWS\System32\drivers\ss_bserd.sys [128000 2014-04-11] (MCCI Corporation -> MCCI Corporation)
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-10-13] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 TMUSB; C:\WINDOWS\System32\drivers\TMUSB64.SYS [63096 2012-03-01] (SEIKO EPSON Corporation Test Signing -> Seiko Epson Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [135768 2016-04-18] (Oracle Corporation -> Oracle Corporation)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [45680 2012-04-30] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-06-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [401120 2020-06-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-17] (Microsoft Windows -> Microsoft Corporation)
S3 WINUSB; C:\Windows\SysWOW64\drivers\WinUSB.SYS [42944 2019-06-04] (深圳市道通科技股份有限公司 -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-12 16:59 - 2020-10-12 16:59 - 000000000 ____D C:\Users\Mysak\Desktop\FRST-OlderVersion
2020-10-09 20:51 - 2020-10-09 20:54 - 468711424 _____ C:\Users\Mysak\Downloads\Shameless S05E11 CZ titulky.avi
2020-10-09 20:51 - 2020-10-09 20:54 - 398529958 _____ C:\Users\Mysak\Downloads\Shameless S05E12 CzTit.avi
2020-10-09 14:34 - 2020-10-09 14:34 - 008447152 _____ (Malwarebytes) C:\Users\Mysak\Desktop\adwcleaner_8.0.8.exe
2020-10-09 07:53 - 2020-10-09 07:53 - 000137262 _____ C:\Users\Mysak\Downloads\OP_ZAHLAVI_2031CZ0100022580 (1).pdf
2020-10-09 07:53 - 2020-10-09 07:53 - 000137255 _____ C:\Users\Mysak\Downloads\OP_ZAHLAVI_2031CZ0100022035 (1).pdf
2020-10-09 07:53 - 2020-10-09 07:53 - 000135730 _____ C:\Users\Mysak\Downloads\OP_ZAHLAVI_2031CZ0100022696.pdf
2020-10-09 07:53 - 2020-10-09 07:53 - 000135348 _____ C:\Users\Mysak\Downloads\OP_ZAHLAVI_2031CZ0100022186 (1).pdf
2020-10-09 07:53 - 2020-10-09 07:53 - 000135103 _____ C:\Users\Mysak\Downloads\OP_ZAHLAVI_2031CZ0100022850.pdf
2020-10-09 07:53 - 2020-10-09 07:53 - 000134691 _____ C:\Users\Mysak\Downloads\OP_ZAHLAVI_2031CZ0100022892.pdf
2020-10-09 07:53 - 2020-10-09 07:53 - 000134241 _____ C:\Users\Mysak\Downloads\OP_ZAHLAVI_2031CZ0100021919.pdf
2020-10-09 07:52 - 2020-10-09 07:52 - 000137262 _____ C:\Users\Mysak\Downloads\OP_ZAHLAVI_2031CZ0100022580.pdf
2020-10-09 07:52 - 2020-10-09 07:52 - 000137255 _____ C:\Users\Mysak\Downloads\OP_ZAHLAVI_2031CZ0100022035.pdf
2020-10-09 07:52 - 2020-10-09 07:52 - 000135356 _____ C:\Users\Mysak\Downloads\OP_ZAHLAVI_2031CZ0100021744.pdf
2020-10-09 07:52 - 2020-10-09 07:52 - 000135348 _____ C:\Users\Mysak\Downloads\OP_ZAHLAVI_2031CZ0100022186.pdf
2020-10-09 07:52 - 2020-10-09 07:52 - 000134219 _____ C:\Users\Mysak\Downloads\OP_ZAHLAVI_2031CZ0100021918 (2).pdf
2020-10-09 07:51 - 2020-10-09 07:51 - 000134219 _____ C:\Users\Mysak\Downloads\OP_ZAHLAVI_2031CZ0100021918.pdf
2020-10-09 07:51 - 2020-10-09 07:51 - 000134219 _____ C:\Users\Mysak\Downloads\OP_ZAHLAVI_2031CZ0100021918 (1).pdf
2020-10-08 17:09 - 2020-10-08 17:26 - 000071064 _____ C:\Users\Mysak\Desktop\Addition.txt
2020-10-08 17:06 - 2020-10-12 17:01 - 000035541 _____ C:\Users\Mysak\Desktop\FRST.txt
2020-10-08 17:04 - 2020-10-12 16:59 - 002299392 _____ (Farbar) C:\Users\Mysak\Desktop\FRST64 (1).exe
2020-10-08 17:02 - 2020-10-08 17:02 - 002299392 _____ (Farbar) C:\Users\Mysak\Downloads\FRST64.exe
2020-10-08 08:43 - 2020-10-08 08:43 - 000062901 _____ C:\Users\Mysak\Downloads\web_label12079567_20201008_084318_50.pdf
2020-10-08 08:43 - 2020-10-08 08:43 - 000051098 _____ C:\Users\Mysak\Downloads\web_manifest4179338_20201008_084324_48.pdf
2020-10-07 08:03 - 2020-10-07 08:03 - 000103511 _____ C:\Users\Mysak\Downloads\web_manifest4175588_20201007_080306_15.pdf
2020-10-07 08:02 - 2020-10-07 08:02 - 000075242 _____ C:\Users\Mysak\Downloads\web_label12063562_20201007_080244_56.pdf
2020-10-06 11:13 - 2020-10-06 11:13 - 000100626 _____ C:\Users\Mysak\Downloads\web_manifest4172825_20201006_111347_48.pdf
2020-10-06 11:13 - 2020-10-06 11:13 - 000061837 _____ C:\Users\Mysak\Downloads\web_label12053531_20201006_111341_75.pdf
2020-10-05 10:50 - 2020-10-05 10:51 - 380678042 _____ C:\Users\Mysak\Downloads\Shameless S05E09 CzTit.avi
2020-10-05 10:50 - 2020-10-05 10:51 - 378579288 _____ C:\Users\Mysak\Downloads\Shameless S05E10 CzTit.avi
2020-10-05 10:49 - 2020-10-05 10:50 - 396514064 _____ C:\Users\Mysak\Downloads\Shameless S05E08 CzTit.avi
2020-10-01 16:44 - 2020-10-01 16:44 - 000218918 _____ C:\Users\Mysak\Downloads\6202027634.pdf
2020-10-01 12:50 - 2020-10-01 12:51 - 444610560 _____ C:\Users\Mysak\Downloads\Shameless S05E07 CZ titulky.avi
2020-10-01 12:10 - 2020-10-01 12:10 - 408381718 _____ C:\Users\Mysak\Downloads\Shameless S05E06 CzTit.avi
2020-09-30 14:53 - 2020-09-30 14:53 - 000060566 _____ C:\Users\Mysak\Downloads\web_label11998956_20200930_145337_65.pdf
2020-09-30 14:53 - 2020-09-30 14:53 - 000050603 _____ C:\Users\Mysak\Downloads\web_manifest4159319_20200930_145343_75.pdf
2020-09-24 17:10 - 2020-09-24 17:11 - 371030616 _____ C:\Users\Mysak\Downloads\Shameless S05E05 CzTit.avi
2020-09-24 15:51 - 2020-09-24 15:52 - 446713856 _____ C:\Users\Mysak\Downloads\Shameless US S05E03 - cz tit..avi
2020-09-24 15:51 - 2020-09-24 15:52 - 445640704 _____ C:\Users\Mysak\Downloads\Shameless S05E04 CZ titulky.avi
2020-09-21 17:45 - 2020-09-21 17:45 - 000135686 _____ C:\Users\Mysak\Downloads\3091852635.pdf
2020-09-21 16:15 - 2020-09-21 16:17 - 621507238 _____ C:\Users\Mysak\Downloads\Shameless S05E01 CzTit.avi
2020-09-21 16:15 - 2020-09-21 16:17 - 417883878 _____ C:\Users\Mysak\Downloads\Shameless S05E02 CzTit.avi
2020-09-21 13:39 - 2020-09-21 13:39 - 000226015 _____ C:\Users\Mysak\Downloads\6202023995 (2).pdf
2020-09-21 13:38 - 2020-09-21 13:38 - 000216974 _____ C:\Users\Mysak\Downloads\6902000071.pdf
2020-09-18 09:29 - 2020-10-08 17:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-09-18 09:29 - 2020-09-18 09:29 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2020-09-15 11:06 - 2020-09-15 11:06 - 000061370 _____ C:\Users\Mysak\Downloads\web_label11844018_20200915_110613_27.pdf
2020-09-15 11:06 - 2020-09-15 11:06 - 000050522 _____ C:\Users\Mysak\Downloads\web_manifest4121371_20200915_110621_32.pdf
2020-09-14 22:22 - 2020-09-14 22:23 - 491778048 _____ C:\Users\Mysak\Downloads\Shameless S04E12 CZ titulky.avi
2020-09-14 22:07 - 2020-09-14 22:08 - 416284672 _____ C:\Users\Mysak\Downloads\Shameless S04E11 CZ titulky.avi
2020-09-14 16:49 - 2020-09-14 16:50 - 000051759 _____ C:\Users\Mysak\Downloads\web_manifest4119870_20200914_164959_00.pdf
2020-09-14 16:32 - 2020-09-14 16:32 - 000072774 _____ C:\Users\Mysak\Downloads\web_label11836494_20200914_163241_29.pdf
2020-09-14 15:14 - 2020-09-14 15:14 - 000061727 _____ C:\Users\Mysak\Downloads\web_label11835545_20200914_151432_82.pdf
2020-09-14 15:14 - 2020-09-14 15:14 - 000050327 _____ C:\Users\Mysak\Downloads\web_manifest4119501_20200914_151438_22.pdf
2020-09-14 14:37 - 2020-09-14 14:38 - 458221568 _____ C:\Users\Mysak\Downloads\Shameless S04E09 CZ titulky.avi
2020-09-14 14:37 - 2020-09-14 14:38 - 433055744 _____ C:\Users\Mysak\Downloads\Shameless S04E10 CZ titulky.avi

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-12 17:00 - 2016-09-05 09:41 - 000000000 ____D C:\FRST
2020-10-12 16:56 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-10-12 16:50 - 2018-01-11 16:04 - 000000000 ____D C:\Users\Mysak\Documents\Evo Collaborator Outlook
2020-10-12 14:03 - 2017-11-28 18:17 - 000000000 ____D C:\ProgramData\AVAST Software
2020-10-12 12:15 - 2020-06-08 12:19 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-10-12 12:15 - 2020-06-03 07:23 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-10-12 12:15 - 2020-06-03 07:23 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-10-12 12:03 - 2015-11-30 22:34 - 000000000 __SHD C:\Users\Mysak\IntelGraphicsProfiles
2020-10-12 12:02 - 2019-04-23 12:36 - 000000000 ____D C:\ProgramData\VMware
2020-10-12 12:02 - 2017-11-28 18:22 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-10-12 12:01 - 2019-01-24 10:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-10-12 12:00 - 2019-03-20 17:31 - 000000000 ____D C:\ProgramData\Lavasoft
2020-10-12 12:00 - 2019-03-20 17:31 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2020-10-12 12:00 - 2018-09-15 08:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-10-12 09:13 - 2017-11-29 18:22 - 000000000 ____D C:\Program Files\Opera
2020-10-12 09:10 - 2019-03-20 17:32 - 000000000 ____D C:\Users\Mysak\AppData\Roaming\Lavasoft
2020-10-12 09:10 - 2019-03-20 17:32 - 000000000 ____D C:\Users\Mysak\AppData\Local\Lavasoft
2020-10-12 09:10 - 2018-02-05 16:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-10-12 08:38 - 2019-01-24 10:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-10-12 08:18 - 2020-06-03 07:23 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-10-12 08:18 - 2020-06-03 07:23 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-10-12 08:12 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2020-10-12 08:12 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-10-12 08:07 - 2019-01-24 10:47 - 000004194 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{0600D307-B4F2-4075-9B0E-169A60C5EDC8}
2020-10-12 08:01 - 2020-04-02 19:40 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-10-12 07:48 - 2019-01-24 10:47 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1744585618-2728888235-3045379412-1000
2020-10-12 07:48 - 2019-01-24 10:22 - 000002365 _____ C:\Users\Mysak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-10-12 07:48 - 2015-07-30 14:16 - 000000000 ___RD C:\Users\Mysak\OneDrive
2020-10-09 22:50 - 2020-06-08 12:20 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-10-09 22:50 - 2020-05-13 19:35 - 000003490 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582525676
2020-10-09 22:50 - 2020-04-02 19:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-10-09 22:50 - 2019-01-24 10:47 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-10-09 22:50 - 2019-01-24 10:47 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-10-09 22:50 - 2019-01-24 10:47 - 000003278 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1511972599
2020-10-09 22:50 - 2019-01-24 10:47 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-10-09 22:50 - 2019-01-24 10:47 - 000003108 _____ C:\WINDOWS\system32\Tasks\KMSAutoNet
2020-10-09 22:50 - 2019-01-24 10:47 - 000003094 _____ C:\WINDOWS\system32\Tasks\Chromium ritim
2020-10-09 22:50 - 2019-01-24 10:47 - 000002860 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1744585618-2728888235-3045379412-1003
2020-10-09 22:50 - 2019-01-24 10:47 - 000002512 _____ C:\WINDOWS\system32\Tasks\HPLJCustParticipation
2020-10-09 12:18 - 2018-05-25 20:18 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2020-10-09 00:06 - 2017-11-28 17:58 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-10-08 17:52 - 2017-11-29 09:34 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-10-08 08:13 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2020-10-06 17:16 - 2018-01-03 08:55 - 000000000 ____D C:\Users\Mysak\AppData\Local\Packages
2020-10-02 08:53 - 2013-12-10 15:31 - 000000611 _____ C:\Users\Mysak\Desktop\Time Attendance Management.lnk
2020-09-30 13:31 - 2020-07-15 08:01 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-09-30 07:41 - 2018-01-17 19:21 - 000000000 ____D C:\Users\Mysak\AppData\Local\CrashDumps
2020-09-29 07:56 - 2020-06-05 09:33 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2020-09-29 07:56 - 2020-06-05 09:33 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2020-09-24 11:27 - 2019-09-16 09:29 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2020-09-24 11:27 - 2019-09-16 09:29 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2020-09-24 11:27 - 2019-09-16 09:29 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2020-09-24 11:27 - 2019-09-16 09:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-09-21 17:42 - 2020-04-02 19:47 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-09-21 17:42 - 2020-04-02 19:47 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-09-18 09:29 - 2020-08-26 07:47 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2020-09-18 09:29 - 2020-08-26 07:47 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2020-09-18 09:29 - 2020-08-26 07:47 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2020-09-18 09:29 - 2020-08-26 07:47 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2020-09-18 09:29 - 2020-08-26 07:47 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2020-09-18 09:29 - 2020-08-26 07:46 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2020-09-18 09:29 - 2020-08-26 07:46 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk

==================== Files in the root of some directories ========

2019-03-18 17:12 - 2019-03-18 17:12 - 000000000 _____ () C:\Program Files (x86)\appl.log
2020-06-09 11:21 - 2020-06-09 11:21 - 000000000 _____ () C:\Users\Mysak\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Stuck PC

Posted: 12 Oct 2020 16:14
by lokbunt
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-10-2020
Ran by Mysak (12-10-2020 17:02:27)
Running from C:\Users\Mysak\Desktop
Windows 10 Home Version 1809 17763.1039 (X64) (2019-01-24 08:49:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1744585618-2728888235-3045379412-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1744585618-2728888235-3045379412-503 - Limited - Disabled)
Guest (S-1-5-21-1744585618-2728888235-3045379412-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1744585618-2728888235-3045379412-1002 - Limited - Enabled)
Mysak (S-1-5-21-1744585618-2728888235-3045379412-1000 - Administrator - Enabled) => C:\Users\Mysak
user (S-1-5-21-1744585618-2728888235-3045379412-1003 - Limited - Enabled) => C:\Users\user
WDAGUtilityAccount (S-1-5-21-1744585618-2728888235-3045379412-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.012.20048 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - )
Advanced IP Scanner 2.5 (HKLM-x32\...\{4012E407-3BB2-443D-95D0-FC6662AA2E50}) (Version: 2.5.3850 - Famatech)
Altus Vario 14.0 (HKLM-x32\...\Altus Vario 14.0) (Version: - Altus software s.r.o.)
AnyMP4 DVD Copy 3.1.28 (HKLM-x32\...\{069020F5-973C-4b00-AA76-7246EB45B5A1}_is1) (Version: 3.1.28 - AnyMP4 Studio)
AnyMP4 DVD Ripper 7.2.26 (HKLM-x32\...\{991684FE-29A2-4b20-8CD5-FFD2275FD2CD}_is1) (Version: 7.2.26 - AnyMP4 Studio)
ApowerPDF V5.3.0.0508 (HKLM-x32\...\{8691C793-7B2C-46C5-9AB2-AB80D129A5EC}_is1) (Version: 5.3.0.0508 - Apowersoft LIMITED)
Artisteer 3 (HKLM-x32\...\Artisteer 3) (Version: 3.0 - Extensoft)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.6.2420 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 85.0.5815.103 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.7.915.0 - AVAST Software) Hidden
Backup and Sync from Google (HKLM\...\{B109BD68-709A-485B-97E6-651FEB234AC9}) (Version: 3.51.3307.8076 - Google, Inc.)
Balíček ovladače systému Windows - ACTIA Automotive ACTIA USB Devices Driver Installation Media (06/16/2010 1.00.00) (HKLM\...\06330AEC489EF74CA815EB51EB0BFB271730A066) (Version: 06/16/2010 1.00.00 - ACTIA Automotive)
Burn4Free DVD Burning Software 9.3.0.0 (HKLM-x32\...\Burn4Free DVD Burning Software_is1) (Version: - Sakysoft s.r.l.)
Camera Stream Controller (HKLM-x32\...\Camera Stream Controller) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
Dell OS Recovery Tool (HKLM-x32\...\{1A236038-C023-4397-87EB-10127699BD10}) (Version: 2.3.6094.0 - Dell) Hidden
Dell OS Recovery Tool (HKLM-x32\...\{f50dbbb3-b883-4f60-b5bf-6f221599f767}) (Version: 2.3.6094 - Dell Inc.)
ElsaWin (HKLM-x32\...\ElsaWin) (Version: 4.00 - )
EvoCollaboratorOutlook (HKLM-x32\...\{7ED51214-FBD5-4CDB-9E72-36313487797E}) (Version: 2.0.57 - EVO Software Production)
Facebook (HKLM-x32\...\Facebook) (Version: - )
FileZilla Client 3.30.0 (HKLM-x32\...\FileZilla Client) (Version: 3.30.0 - Tim Kosse)
ForpsiSync (HKLM-x32\...\{C91398D6-93A7-4E41-BE6D-BE779D3CA06A}) (Version: 2.9.4 - INTERNET.CZ)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.75 - Google LLC)
Google SketchUp 8 (HKLM-x32\...\{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}) (Version: 3.0.4811 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HP LaserJet Pro MFP M225-M226 (HKLM-x32\...\{6cd614ab-916c-46ab-a682-b2b796beae53}) (Version: 15.0.16078.469 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDXP (HKLM-x32\...\{2A636316-16FB-4667-B6C4-7C44998E06E1}) (Version: 3.0.26.14 - HP) Hidden
HPLJDXPHelper (HKLM-x32\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden
HPLJPMFPM225-226 (HKLM-x32\...\{20DAF966-8EC4-40D0-903C-897EAE30EC72}) (Version: 0.00.100 - Hewlett-Packard)
HPLJUTCore (HKLM-x32\...\{06C9D648-CFC6-48CC-A11B-C4A21BEDDAF1}) (Version: 018.000.0001 - HP) Hidden
HPLJUTM225_226 (HKLM-x32\...\{366983C9-B7BE-4F66-83F6-ACD93C3AF4F5}) (Version: 012.000.0001 - HP) Hidden
hppLaserJetService (HKLM-x32\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM225-M226LaserJetService (HKLM-x32\...\{C12848DB-8F33-463E-B0D9-68ACCC0E5A42}) (Version: 001.034.00685 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{32DE03E8-D0B3-4D13-A885-D3EDFC959EEC}) (Version: 180.040.00267 - HP Development Company, L.P.) Hidden
hpStatusAlertsM225-M226 (HKLM-x32\...\{0CCFF6E8-B4D1-416F-8198-B223BA8B1991}) (Version: 120.046.00127 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{F20A04CF-5BE6-404A-9295-D59046238245}) (Version: 12.3.6.6 - HP)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
K-Lite Mega Codec Pack 13.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.7.5 - KLCP)
LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
Maxi PC Suite (HKLM-x32\...\{4BB75795-621C-424A-8886-9F054F01A187}) (Version: 1.28 - Autel) Hidden
Maxi PC Suite (HKLM-x32\...\InstallShield_{4BB75795-621C-424A-8886-9F054F01A187}) (Version: 1.28 - Autel)
Microsoft Access Runtime 2010 (HKLM-x32\...\Office14.AccessRT) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.38 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.41 - )
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.13231.20262 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\OneDriveSetup.exe) (Version: 20.169.0823.0006 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{56968E15-E9B0-432D-BBE1-D303BD157C5A}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024 (HKLM-x32\...\{2ff11a2a-f7ac-4a6c-8cd4-c7bb974f3642}) (Version: 14.16.27024.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
Opera Stable 71.0.3770.228 (HKLM-x32\...\Opera 71.0.3770.228) (Version: 71.0.3770.228 - Opera Software)
Oracle VM VirtualBox 5.2.6 (HKLM\...\{EA9602E3-0184-45B9-9E15-028776CD7A6E}) (Version: 5.2.6 - Oracle Corporation)
Paragon Partition Manager™ 14 Free (HKLM\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF Editor 5 (HKLM-x32\...\PDF Editor 5) (Version: - )
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.9.0 - Prolific Technology INC)
RoomSketcher (HKLM-x32\...\RoomSketcher 1.0) (Version: 1.0 - RoomSketcher)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001C-0000-0000-0000000FF1CE}_Office14.AccessRT_{54846D1D-E5D5-4A28-AA6D-7208259007EA}) (Version: - Microsoft)
STORMWARE POHODA CZ Jazz (HKLM-x32\...\{3F33A6B2-8DEB-436D-BBC2-B6AAEBFFC6FC}) (Version: 12100.85 - STORMWARE)
SyncFileSetup (x86) (HKLM-x32\...\{04848A0A-02B1-4703-B15D-6E7DCF95FB84}) (Version: 1.4.6698.8727 - Western Digital Technologies, Inc) Hidden
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.5.3 - TeamViewer)
TomTom HOME (HKLM-x32\...\{3E80F220-4AD6-4875-93BF-AA8088B17C7B}) (Version: 2.11.4 - Název společnosti:)
TpmsIDToPC (HKLM-x32\...\{F9CE15C8-3323-4716-A66B-184A3630E91A}) (Version: 2.4 - Cub) Hidden
TpmsIDToPC (HKLM-x32\...\InstallShield_{F9CE15C8-3323-4716-A66B-184A3630E91A}) (Version: 2.4 - Cub)
TpmsToolObdUpdater (HKLM-x32\...\{A273DD7F-C957-47A2-9260-C41F567EDC87}) (Version: 1.6 - Cub) Hidden
TpmsToolObdUpdater (HKLM-x32\...\InstallShield_{A273DD7F-C957-47A2-9260-C41F567EDC87}) (Version: 1.6 - Cub)
VmciSockets (HKLM\...\{2BE3C45C-B0E3-4061-A3C5-C6ED9639C813}) (Version: 9.1.54.1 - VMware, Inc.) Hidden
VMware Workstation (HKLM-x32\...\{0D94F75A-0EA6-4951-B3AF-B145FA9E05C6}) (Version: 8.0.3.29699 - VMware, Inc.) Hidden
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 8.0.3.29699 - VMware, Inc)
VNC Viewer 6.19.325 (HKLM\...\{8412A26E-0F1A-47B2-9C61-4738C5864645}) (Version: 6.19.325.40889 - RealVNC Ltd)
WD Drive Utilities (HKLM-x32\...\{11e9c710-8018-47f2-b362-0e8dacbd364f}) (Version: 2.0.0.44 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{3D135AD9-46B6-465A-8001-1B68BE11B17D}) (Version: 2.0.0.44 - Western Digital Technologies, Inc.) Hidden
WD Sync (HKLM-x32\...\{4936b28e-3221-4d96-91ff-64548c4ae025}) (Version: 1.4.6698.8727 - Western Digital Technologies, Inc.)
Web Components (HKLM-x32\...\{03B13AF8-9625-478A-AF0E-205337B9415A}_is1) (Version: 3.0.7.1 - )
WebControl (HKLM-x32\...\WEBCONTROL1.0.0.23) (Version: 1.0.0.23 - Grandstream)
WebVT (HKLM-x32\...\{6EF571C5-E20D-48AE-BBEC-AC3728477E0F}) (Version: 8.15 - ATEQ)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{F92064F6-BDE8-46FC-A19F-4E12D311BE3A}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-05] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.2204.0_x64__rz1tebttyb220 [2019-11-16] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-18] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_120.1.741.0_x64__v10z8vjag6ke6 [2020-10-09] (HP Inc.)
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2019-07-30] (Keeper Security Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-20] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1744585618-2728888235-3045379412-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Mysak\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Mysak\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Mysak\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-08-07] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Mysak\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Mysak\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Mysak\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-08-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-09-09] (Google LLC -> Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Mysak\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [WDSyncContextMenuHandler] -> {5A51BDCB-F8C2-4698-B79C-A77DF0AA466B} => C:\Program Files (x86)\Western Digital\WD App Manager\Plugins\WD Sync\App\WDSyncContextMenuHandler.dll [2018-05-04] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Mysak\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers2-x32: [ShellPlusContextMenu] -> {1C311AAA-D8B1-4A0A-BEE5-2387FEC583DA} => C:\Program Files (x86)\Burn4Free DVD Burning Software\B4FM.dll [2015-11-23] (Sakysoft s.r.l.) [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-08-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Mysak\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers3-x32: [ShellPlusContextMenu] -> {1C311AAA-D8B1-4A0A-BEE5-2387FEC583DA} => C:\Program Files (x86)\Burn4Free DVD Burning Software\B4FM.dll [2015-11-23] (Sakysoft s.r.l.) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-09-09] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Mysak\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-08-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WDSyncContextMenuHandler] -> {5A51BDCB-F8C2-4698-B79C-A77DF0AA466B} => C:\Program Files (x86)\Western Digital\WD App Manager\Plugins\WD Sync\App\WDSyncContextMenuHandler.dll [2018-05-04] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [309248 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [282112 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.VMnc] => C:\Windows\SysWOW64\vmnc.dll [252016 2012-04-30] (VMware, Inc. -> VMware, Inc.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Mysak\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm
Shortcut: C:\Users\Mysak\Desktop\Mysak\Myšák\Okolní síť\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co
ShortcutWithArgument: C:\Users\Mysak\Desktop\Josef - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=13472&utm_medium=desktop&x-pos=Metro

==================== Loaded Modules (Whitelisted) =============

2019-01-22 18:38 - 2019-01-22 18:38 - 000044544 _____ () [File not signed] C:\APP\sim\configuration\org.eclipse.osgi\bundles\27\1\.cp\jWinHttp-1.0.0.dll
2019-01-22 18:38 - 2009-05-19 20:09 - 000081920 ____N () [File not signed] C:\APP\SIM\plugins\org.eclipse.equinox.launcher.win32.win32.x86_1.0.200.v20090519\eclipse_1206.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\acrotray.cze
2020-05-30 01:34 - 2020-05-30 01:34 - 000162304 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\cs_cz\PDFMaker\PDFMOfficeAddin.CZE
2012-04-30 19:29 - 2012-04-30 19:29 - 001222656 _____ () [File not signed] C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2020-03-09 16:36 - 2018-12-26 22:57 - 000610816 _____ () [File not signed] C:\Program Files (x86)\Web Components\AudioIntercom.dll
2020-03-09 16:36 - 2018-12-26 22:57 - 000138240 _____ () [File not signed] C:\Program Files (x86)\Web Components\AudioRender.dll
2020-03-09 16:36 - 2018-12-26 22:58 - 001273856 _____ () [File not signed] C:\Program Files (x86)\Web Components\NetStream.dll
2020-03-09 16:36 - 2018-12-26 22:57 - 000389632 _____ () [File not signed] C:\Program Files (x86)\Web Components\OpenAL32.dll
2020-03-09 16:36 - 2018-12-26 22:57 - 003764736 _____ () [File not signed] C:\Program Files (x86)\Web Components\PlayCtrl.dll
2020-03-09 16:36 - 2018-12-26 22:57 - 000641536 _____ () [File not signed] C:\Program Files (x86)\Web Components\StreamTransClient.dll
2020-03-09 16:36 - 2018-12-26 22:57 - 001014272 _____ () [File not signed] C:\Program Files (x86)\Web Components\SuperRender.dll
2019-01-24 11:11 - 2019-01-24 11:11 - 000948736 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.2204.0_x64__rz1tebttyb220\e_sqlite3.dll
2020-10-12 12:05 - 2020-10-12 12:05 - 000114176 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\_ctypes.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000172544 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\_elementtree.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 002250240 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\_hashlib.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000032256 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\_multiprocessing.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000046080 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\_psutil_windows.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000047616 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\_socket.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 002819584 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\_ssl.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000026112 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\_yappi.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000080896 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\bz2.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000016384 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\common.time34.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000007680 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\hashobjs_ext.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000301568 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\PIL._imaging.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000168448 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\pyexpat.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 001084416 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\pysqlite2._sqlite.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000548864 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\pythoncom27.dll
2020-10-12 12:05 - 2020-10-12 12:05 - 000137728 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\pywintypes27.dll
2020-10-12 12:05 - 2020-10-12 12:05 - 000010752 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\select.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000020992 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\thumbnails_ext.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000689664 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\unicodedata.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000119808 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\usb_ext.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000128512 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\win32api.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000438784 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\win32com.shell.shell.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000011776 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\win32crypt.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000023040 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\win32event.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000149504 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\win32file.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000223232 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\win32gui.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000048128 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\win32inet.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000029696 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\win32pdh.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000027648 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\win32pipe.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000044032 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\win32process.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000020480 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\win32profile.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000136192 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\win32security.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000026624 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\win32ts.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000034816 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\windows.conditional.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000038400 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\windows.connectivity.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000071680 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\windows.device_monitor.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000109056 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\windows.volumes.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000020480 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\windows.winwrap.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 001325056 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\wx._controls_.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 001489408 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\wx._core_.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 001007104 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\wx._gdi_.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000103424 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\wx._html2.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 000916992 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\wx._misc_.pyd
2020-10-12 12:05 - 2020-10-12 12:05 - 001039872 _____ () [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\wx._windows_.pyd
2017-08-15 20:52 - 2011-12-06 16:55 - 000299008 _____ () [File not signed] D:\srv_apps\bbgate\ApacheCore.dll
2019-11-16 09:12 - 2019-11-16 09:12 - 032709632 _____ (Dolby) [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.2204.0_x64__rz1tebttyb220\DolbyUWP.dll
2019-01-22 18:39 - 2019-01-22 18:39 - 000077824 _____ (Eclipse Foundation) [File not signed] C:\APP\sim\configuration\org.eclipse.osgi\bundles\82\1\.cp\swt-gdip-win32-3557.dll
2019-01-22 18:39 - 2019-01-22 18:39 - 000348160 _____ (Eclipse Foundation) [File not signed] C:\APP\sim\configuration\org.eclipse.osgi\bundles\82\1\.cp\swt-win32-3557.dll
2009-09-16 19:44 - 2009-09-16 19:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 12:44 - 2009-09-16 12:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2014-06-25 00:31 - 2014-06-25 00:31 - 000041472 _____ (Hewlett-Packard Company) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2014-06-25 00:31 - 2014-06-25 00:31 - 000073728 _____ (Hewlett-Packard Company) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll
2014-06-25 00:31 - 2014-06-25 00:31 - 001222656 _____ (Hewlett-Packard Company) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll
2013-11-15 00:47 - 2013-11-15 00:47 - 000050688 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2013-11-15 00:47 - 2013-11-15 00:47 - 000066048 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2014-06-25 00:31 - 2014-06-25 00:31 - 000034816 _____ (HP) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
2020-04-20 07:59 - 2020-04-20 07:59 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2020-04-20 07:59 - 2020-04-20 07:59 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2020-10-12 12:05 - 2020-10-12 12:05 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\python27.dll
2019-01-22 18:38 - 2009-10-11 06:17 - 002572288 ____N (Sun Microsystems, Inc.) [File not signed] C:\APP\SIM\jre\bin\client\jvm.dll
2019-01-22 18:38 - 2009-10-11 06:17 - 000015872 ____N (Sun Microsystems, Inc.) [File not signed] C:\APP\SIM\jre\bin\hpi.dll
2019-01-22 18:38 - 2009-10-11 06:17 - 000126976 ____N (Sun Microsystems, Inc.) [File not signed] C:\APP\SIM\jre\bin\java.dll
2019-01-22 18:38 - 2009-10-11 06:17 - 000077824 ____N (Sun Microsystems, Inc.) [File not signed] C:\APP\sim\jre\bin\net.dll
2019-01-22 18:38 - 2009-10-11 06:17 - 000020480 ____N (Sun Microsystems, Inc.) [File not signed] C:\APP\sim\jre\bin\nio.dll
2019-01-22 18:38 - 2009-10-11 06:17 - 000016384 ____N (Sun Microsystems, Inc.) [File not signed] C:\APP\sim\jre\bin\sunmscapi.dll
2019-01-22 18:38 - 2009-10-11 06:17 - 000031744 ____N (Sun Microsystems, Inc.) [File not signed] C:\APP\SIM\jre\bin\verify.dll
2019-01-22 18:38 - 2009-10-11 06:17 - 000047104 ____N (Sun Microsystems, Inc.) [File not signed] C:\APP\SIM\jre\bin\zip.dll
2019-01-22 18:39 - 2008-07-03 11:56 - 000356437 _____ (The Firebird Project) [File not signed] C:\AWRoot\bin\lib\firebird\bin\fbclient.dll
2011-12-06 17:03 - 2011-12-06 17:03 - 000364032 _____ (Volkswagen AG) [File not signed] C:\ElsaWin\bin\vfc10u.dll
2020-10-12 12:05 - 2020-10-12 12:05 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\wxbase30u_net_vc90_x64.dll
2020-10-12 12:06 - 2020-10-12 12:06 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\wxbase30u_vc90_x64.dll
2020-10-12 12:06 - 2020-10-12 12:06 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\wxmsw30u_adv_vc90_x64.dll
2020-10-12 12:06 - 2020-10-12 12:06 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\wxmsw30u_core_vc90_x64.dll
2020-10-12 12:06 - 2020-10-12 12:06 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\wxmsw30u_html_vc90_x64.dll
2020-10-12 12:06 - 2020-10-12 12:06 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Mysak\AppData\Local\Temp\_MEI91562\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Mysak\Documents\2016-02-04 15.22.29.jpg:com.dropbox.attributes [1018]
AlternateDataStreams: C:\Users\Mysak\Documents\2016-02-04 15.22.43.jpg:com.dropbox.attributes [1012]
AlternateDataStreams: C:\Users\Mysak\Documents\2016-02-04 15.22.56.jpg:com.dropbox.attributes [1020]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-1744585618-2728888235-3045379412-1000 -> {15702F17-4503-47A9-8B1C-2BC574203C17} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_37180
SearchScopes: HKU\S-1-5-21-1744585618-2728888235-3045379412-1000 -> {1F563C99-19AC-4EA3-B466-1E2ABC64E4F6} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_37180
SearchScopes: HKU\S-1-5-21-1744585618-2728888235-3045379412-1000 -> {20187E45-4DFA-4D58-93A4-EC1C3AB6B2A1} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-1744585618-2728888235-3045379412-1000 -> {2BEE5A8B-0880-418A-AF5B-97C2C422858A} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-1744585618-2728888235-3045379412-1000 -> {51C1D9FA-FD20-4D49-8EA3-DD56A347BA55} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_37180
SearchScopes: HKU\S-1-5-21-1744585618-2728888235-3045379412-1000 -> {71FDC8F9-2ADB-40D1-8093-0A305ECBA46E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-1744585618-2728888235-3045379412-1000 -> {746C1140-00DD-43E3-8779-4E8F608B3F91} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-1744585618-2728888235-3045379412-1000 -> {D5903741-35C7-46AB-82AF-1DAAF9340C97} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_37180
SearchScopes: HKU\S-1-5-21-1744585618-2728888235-3045379412-1000 -> {FAFBD6AB-F21E-4305-96AB-2D028D9857C3} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_37180
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2020-04-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2020-04-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
DPF: HKLM-x32 {64865E5A-E8D7-44C1-89E1-99A84F6E56D0} hxxp://192.168.10.103/VVTK_Plugin_Installer.exe
DPF: HKLM-x32 {73888E2B-FF04-416C-8847-984D7FC4507F} hxxp://192.168.10.105/RtspVaPgDecNew2.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: vw-wi - {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - C:\ElsaWin\bin\wiprot.dll [2011-12-06] (TODO: <Company name>) [File not signed]

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-06-05 10:07 - 2020-06-05 10:08 - 000001031 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\AWRoot\bin\common;C:\AWRoot\bin\lib
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.100.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is disabled.

Network Binding:
=============
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled)
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled)
Ethernet 2: VMware Bridge Protocol -> vmware_bridge (disabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{77141EB2-00F6-492B-B223-AFD331F6113E}C:\app\ddc\bin\dccfsmrunner.exe] => (Block) C:\app\ddc\bin\dccfsmrunner.exe () [File not signed]
FirewallRules: [TCP Query User{F40050A5-1784-49D5-B9D5-54D077A84EE3}C:\app\ddc\bin\dccfsmrunner.exe] => (Block) C:\app\ddc\bin\dccfsmrunner.exe () [File not signed]
FirewallRules: [UDP Query User{43C0F435-CDE2-429B-8FB1-C1D4A85BFF07}C:\awroot\bin\mmi\diagnostic.exe] => (Block) C:\awroot\bin\mmi\diagnostic.exe (Mozilla Foundation) [File not signed]
FirewallRules: [TCP Query User{896C18F1-E912-4597-93D0-D09EF1DDB2AD}C:\awroot\bin\mmi\diagnostic.exe] => (Block) C:\awroot\bin\mmi\diagnostic.exe (Mozilla Foundation) [File not signed]
FirewallRules: [UDP Query User{E5793077-0274-445E-9083-B1EAA75A7065}C:\awroot\bin\fi\awfinterpreter_vc80.exe] => (Allow) C:\awroot\bin\fi\awfinterpreter_vc80.exe (ACTIA) [File not signed]
FirewallRules: [TCP Query User{F4A7A509-8F80-481E-A87F-B37BAB7D9E89}C:\awroot\bin\fi\awfinterpreter_vc80.exe] => (Allow) C:\awroot\bin\fi\awfinterpreter_vc80.exe (ACTIA) [File not signed]
FirewallRules: [UDP Query User{5EF9610F-38D3-4BA8-8516-02C2E275E781}C:\awroot\bin\common\mcc\mccomm.exe] => (Allow) C:\awroot\bin\common\mcc\mccomm.exe () [File not signed]
FirewallRules: [TCP Query User{DE59282B-4682-4662-B763-F7E4EE64758F}C:\awroot\bin\common\mcc\mccomm.exe] => (Allow) C:\awroot\bin\common\mcc\mccomm.exe () [File not signed]
FirewallRules: [UDP Query User{3192F23A-71A4-49AA-BB1C-B6A5D160D265}C:\awroot\bin\common\rcmd\awrcmd.exe] => (Allow) C:\awroot\bin\common\rcmd\awrcmd.exe (ACTIA) [File not signed]
FirewallRules: [TCP Query User{E9B44DD1-0B95-4521-B3C1-ADE5DB6A11B6}C:\awroot\bin\common\rcmd\awrcmd.exe] => (Allow) C:\awroot\bin\common\rcmd\awrcmd.exe (ACTIA) [File not signed]
FirewallRules: [UDP Query User{24A4B548-2186-4092-8C92-984930DB3AD7}C:\awroot\bin\common\rsvr\awrsrv.exe] => (Allow) C:\awroot\bin\common\rsvr\awrsrv.exe (ACTIA) [File not signed]
FirewallRules: [TCP Query User{50C36D60-32CB-49CB-B9C1-AE97F0BAD7FF}C:\awroot\bin\common\rsvr\awrsrv.exe] => (Allow) C:\awroot\bin\common\rsvr\awrsrv.exe (ACTIA) [File not signed]
FirewallRules: [UDP Query User{5BEECF8D-79FE-4F48-AB18-A6D3B415F1E3}C:\awroot\bin\common\rasrv\awacsserver.exe] => (Allow) C:\awroot\bin\common\rasrv\awacsserver.exe () [File not signed]
FirewallRules: [TCP Query User{1B60AA08-93B5-47F3-B57F-D553375BF9FC}C:\awroot\bin\common\rasrv\awacsserver.exe] => (Allow) C:\awroot\bin\common\rasrv\awacsserver.exe () [File not signed]
FirewallRules: [UDP Query User{DEFEABC0-3DB8-46B1-824E-A68699980FB0}C:\app\ddc\opt\apache\bin\httpd_ddc.exe] => (Allow) C:\app\ddc\opt\apache\bin\httpd_ddc.exe (Apache Software Foundation) [File not signed]
FirewallRules: [TCP Query User{D03CD631-7F29-499D-9602-316A44F016D6}C:\app\ddc\opt\apache\bin\httpd_ddc.exe] => (Allow) C:\app\ddc\opt\apache\bin\httpd_ddc.exe (Apache Software Foundation) [File not signed]
FirewallRules: [UDP Query User{70008AB6-7FA8-49C5-BA9E-2545E97F4841}C:\app\ediag\importedj9\jre\bin\j9w.exe] => (Allow) C:\app\ediag\importedj9\jre\bin\j9w.exe (International Business Machines Corporation) [File not signed]
FirewallRules: [TCP Query User{6ADAD090-0D8A-44F9-888C-54BBDE4D6B8F}C:\app\ediag\importedj9\jre\bin\j9w.exe] => (Allow) C:\app\ediag\importedj9\jre\bin\j9w.exe (International Business Machines Corporation) [File not signed]
FirewallRules: [{0F876E75-967A-465E-88DD-75454C66E792}] => (Allow) LPort=1688
FirewallRules: [{C68A32F0-0037-4650-A4F2-198A2CC548E9}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M225-M226\bin\EWSProxy.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F5CEFC8E-969C-468A-966B-500380E20A9D}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M225-M226\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{34C74576-FBCD-4498-BC32-9F49FA06A06A}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M225-M226\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{6A78A77A-48A6-4CCF-89A1-C826B3E46416}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M225-M226\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{8E2E50D9-90E2-4B2F-BCCD-1FE0B52BFBF1}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M225-M226\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{C6B4058F-F65B-4007-B88E-04AC5C1DADAC}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M225-M226\bin\FaxPrinterUtility.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F2C285B9-D6B5-418B-B98F-F58867766794}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M225-M226\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [UDP Query User{213ACC8A-5D90-4777-A85B-ED5B99396A04}C:\ateq\webvt\webvt.exe] => (Block) C:\ateq\webvt\webvt.exe (ATEQ -> ATEQ)
FirewallRules: [TCP Query User{1AAEC648-8503-42AB-8D51-956EC3117048}C:\ateq\webvt\webvt.exe] => (Block) C:\ateq\webvt\webvt.exe (ATEQ -> ATEQ)
FirewallRules: [{4985C888-A6F9-4C54-88BD-0189DEA76DF1}] => (Allow) C:\Program Files (x86)\I+ME Actia GmbH\VAS6154 Driver\VAS6154App.exe => No File
FirewallRules: [{CAACECFB-1614-469A-8411-62D01B5EB199}] => (Allow) C:\ElsaWin\bin\ElsaWin.exe (Volkswagen AG) [File not signed]
FirewallRules: [{187125C1-3E88-4285-81DF-A6DB3A6382A3}] => (Allow) C:\ElsaWin\bin\ElsaWin.exe (Volkswagen AG) [File not signed]
FirewallRules: [TCP Query User{6AD17CA2-3B81-46A9-ABCA-F5558144263F}C:\program files (x86)\smartwizard discovery\smartwizard discovery.exe] => (Allow) C:\program files (x86)\smartwizard discovery\smartwizard discovery.exe => No File
FirewallRules: [UDP Query User{A2267451-BA05-4AE7-9072-3508F59408E4}C:\program files (x86)\smartwizard discovery\smartwizard discovery.exe] => (Allow) C:\program files (x86)\smartwizard discovery\smartwizard discovery.exe => No File
FirewallRules: [{BF8D835E-066A-4488-B7FB-E771269D8691}] => (Allow) C:\Users\Mysak\AppData\Local\Temp\system 32.exe => No File
FirewallRules: [{06F0E9E7-8AE2-4F56-875E-340E0645595A}] => (Allow) C:\Users\Mysak\AppData\Local\Temp\system 32.exe => No File
FirewallRules: [{4B021935-C0C3-4D4D-911A-9550BDE05D02}] => (Allow) C:\Users\Mysak\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [{3BF4E763-DDA7-41F9-9B39-B98D8C73299B}] => (Allow) C:\Users\Mysak\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [{515BBD11-D4E8-4BE6-90AD-713BBCF3BDAB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BC73445D-5E23-4864-9EAD-473B1357D0D5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BB46877D-10C5-4825-8BA3-460F119DA1DF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5C920837-5886-4975-9FC4-E85AAE33D4F4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F68F9A9A-8730-496A-8496-013201366525}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.) [File not signed]
FirewallRules: [{515A2F2F-58E9-4F1D-84C9-70DDD429A0DD}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.) [File not signed]
FirewallRules: [{4395B76C-E313-4D54-ABB1-0C24D0047934}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe () [File not signed]
FirewallRules: [{8452ED3C-B7AD-4638-9F03-0E5166A32536}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe () [File not signed]
FirewallRules: [{786DCA4A-BF91-4643-BF27-D82DA13F4AAC}] => (Allow) C:\Program Files (x86)\Autel\PassThru\Maxi PC Suit\PCLink.exe (深圳市道通科技股份有限公司 -> Autel)
FirewallRules: [{2ACA57DD-B608-4F39-9EF5-5C22C0F13922}] => (Allow) C:\Program Files (x86)\Autel\PassThru\Maxi PC Suit\PCLink.exe (深圳市道通科技股份有限公司 -> Autel)
FirewallRules: [{16F5CC8F-330A-4694-A3BF-751CA4A317E6}] => (Allow) LPort=5150
FirewallRules: [{17A7C221-547F-4475-B4D0-78536D36C056}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7C66C479-FE58-4DD2-A1D1-56D2643AEF04}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{53BD8851-09DC-4FF0-8B37-D58D50985519}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A95D0D63-7FB2-4D66-8D67-E91663CD8315}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3F26A35C-7855-4F7E-B37E-19B0EBB75524}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0E33EE9C-4D38-4430-A199-E0A61D16AE8F}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{94DC0A53-0DE6-430C-A07F-6C7BE743F918}] => (Allow) c:\program files\opera\71.0.3770.198\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{A2DE693B-61BD-4EF7-A4DF-3942845CB297}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{58DC31EA-3ECE-4D1F-A717-8F2D82D935C5}] => (Allow) c:\program files\opera\71.0.3770.228\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

21-09-2020 14:54:52 Naplánovaný kontrolní bod
29-09-2020 14:40:13 Windows Update
08-10-2020 08:11:44 Windows Update

==================== Faulty Device Manager Devices ============

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (10/12/2020 12:05:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\Mysak\AppData\Local\chromium\Application\chrome.exe se nezdařilo.
Závislé sestavení 58.0.3014.0,language="*",type="win32",version="58.0.3014.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/12/2020 12:02:39 PM) (Source: BBGate) (EventID: 151) (User: NT AUTHORITY)
Description: COM error at HTTP post for WorkshopOrder

Error: (10/12/2020 12:02:39 PM) (Source: BBGate) (EventID: 151) (User: NT AUTHORITY)
Description: COM error at HTTP post for WorkshopOrder

Error: (10/12/2020 09:41:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program PneuServis.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 3748

Čas spuštění: 01d6a069fc5ab135

Čas ukončení: 4294967295

Cesta k aplikaci: \\SERVER_PNEU\PneuServis_SQL\PneuServis.exe

ID hlášení: 79067c4d-f7dc-4064-b881-4cc52740ff03

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (10/12/2020 09:27:25 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program YourPhone.exe verze 1.20092.108.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2034

Čas spuštění: 01d6a067b9a6ebb8

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe\YourPhone.exe

ID hlášení: 119a49d8-9596-4279-a35b-9157a38fe4b8

Úplný název balíčku s chybou: Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (10/12/2020 09:18:35 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\Mysak\AppData\Local\chromium\Application\chrome.exe se nezdařilo.
Závislé sestavení 58.0.3014.0,language="*",type="win32",version="58.0.3014.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/12/2020 09:16:28 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (10/12/2020 09:14:52 AM) (Source: BBGate) (EventID: 151) (User: NT AUTHORITY)
Description: COM error at HTTP post for WorkshopOrder


System errors:
=============
Error: (10/12/2020 04:31:11 PM) (Source: DCOM) (EventID: 10016) (User: TETREV)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli TETREV\Mysak (SID: S-1-5-21-1744585618-2728888235-3045379412-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/12/2020 03:31:11 PM) (Source: DCOM) (EventID: 10016) (User: TETREV)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli TETREV\Mysak (SID: S-1-5-21-1744585618-2728888235-3045379412-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/12/2020 02:31:11 PM) (Source: DCOM) (EventID: 10016) (User: TETREV)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli TETREV\Mysak (SID: S-1-5-21-1744585618-2728888235-3045379412-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/12/2020 01:31:11 PM) (Source: DCOM) (EventID: 10016) (User: TETREV)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli TETREV\Mysak (SID: S-1-5-21-1744585618-2728888235-3045379412-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/12/2020 12:31:11 PM) (Source: DCOM) (EventID: 10016) (User: TETREV)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli TETREV\Mysak (SID: S-1-5-21-1744585618-2728888235-3045379412-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/12/2020 12:17:46 PM) (Source: DCOM) (EventID: 10016) (User: TETREV)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli TETREV\Mysak (SID: S-1-5-21-1744585618-2728888235-3045379412-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/12/2020 12:11:48 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {B91D5831-B1BD-4608-8198-D72E155020F7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/12/2020 12:11:41 PM) (Source: DCOM) (EventID: 10016) (User: TETREV)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli TETREV\Mysak (SID: S-1-5-21-1744585618-2728888235-3045379412-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2020-04-02 19:17:26.842
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: rootcert:_F81F111D0E5AB58D396F7BF525577FD30FDC95AA
Původ zjišťování: Neznámý
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.313.597.0, AS: 1.313.597.0, NIS: 1.313.597.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-04-02 18:58:28.062
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {12E702E4-5760-4E2E-A75B-BFBC9A1A3C66}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-04-02 18:42:53.848
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F211CD12-2B27-4C18-A036-61BF84683A30}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-04-02 18:11:38.285
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {3800DC81-18BC-4E30-99CB-60B726F93316}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-04-02 16:08:55.334
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {76AD9826-B5E4-47D6-BCE0-8855A2836B6F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-28 08:45:41.989
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.309.826.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2020-02-28 08:45:41.989
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.309.826.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2020-02-28 08:45:41.989
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.309.826.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2020-02-28 08:45:41.965
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.309.826.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2020-02-28 08:45:41.965
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.309.826.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===================================

Date: 2020-10-12 17:04:35.518
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-12 17:04:35.330
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-12 16:59:35.510
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-12 16:59:35.340
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-12 16:58:33.786
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-12 16:58:31.796
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-12 16:58:31.473
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-12 16:58:29.215
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 0702 10/09/2012
Motherboard: ASUSTeK COMPUTER INC. P8H61-MX USB3
Processor: Intel(R) Core(TM) i3-3210 CPU @ 3.20GHz
Percentage of memory in use: 58%
Total physical RAM: 7884.85 MB
Available physical RAM: 3259.62 MB
Total Virtual: 10316.85 MB
Available Virtual: 4309.09 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.83 GB) (Free:94.36 GB) NTFS
Drive d: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:465.22 GB) (Free:113.56 GB) NTFS

\\?\Volume{4057615a-8dea-11e2-9ef5-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{8b5927a5-0000-0000-0000-a05474000000}\ () (Fixed) (Total:0.44 GB) (Free:0.12 GB) NTFS
\\?\Volume{db2b60a6-0000-0000-0000-603b74000000}\ () (Fixed) (Total:0.83 GB) (Free:0.44 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 8B5927A5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: DB2B60A6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=853 MB) - (Type=27)

==================== End of Addition.txt =======================

Re: stuck PC

Posted: 12 Oct 2020 17:46
by Rudy
Open Notepad and copy the following into it:
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Mysak\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Mysak\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Mysak\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Mysak\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Mysak\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Mysak\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Mysak\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Mysak\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Mysak\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
C:\Users\Mysak\AppData\Local\Temp
AlternateDataStreams: C:\Users\Mysak\Documents\2016-02-04 15.22.29.jpg:com.dropbox.attributes [1018]
AlternateDataStreams: C:\Users\Mysak\Documents\2016-02-04 15.22.43.jpg:com.dropbox.attributes [1012]
AlternateDataStreams: C:\Users\Mysak\Documents\2016-02-04 15.22.56.jpg:com.dropbox.attributes [1020]
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
FirewallRules: [{4985C888-A6F9-4C54-88BD-0189DEA76DF1}] => (Allow) C:\Program Files (x86)\I+ME Actia GmbH\VAS6154 Driver\VAS6154App.exe => No File
FirewallRules: [{BF8D835E-066A-4488-B7FB-E771269D8691}] => (Allow) C:\Users\Mysak\AppData\Local\Temp\system 32.exe => No File
FirewallRules: [{06F0E9E7-8AE2-4F56-875E-340E0645595A}] => (Allow) C:\Users\Mysak\AppData\Local\Temp\system 32.exe => No File
FirewallRules: [{4B021935-C0C3-4D4D-911A-9550BDE05D02}] => (Allow) C:\Users\Mysak\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [{3BF4E763-DDA7-41F9-9B39-B98D8C73299B}] => (Allow) C:\Users\Mysak\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\MountPoints2: {7d4da2ac-2c75-11e6-b9d7-3085a93c5813} - "I:\setup.exe"
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\MountPoints2: {85811611-f5cf-11e7-a474-3085a93c5813} - "G:\setup.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {0971ECC2-F740-4980-87AA-DC4FFB6D2666} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe
C:\ProgramData\KMSAutoS
Task: {658A9565-EDE4-4CF0-902E-54EB90F35A98} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-28] (Google Inc -> Google Inc.)
Task: {ABE00BFA-AA70-4DC1-AF95-D0244750FE4A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-28] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\Tasks\KMSAutoNet

EmptyTemp:
Hosts:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.