VIRY.CZ

Dobrý den,
dnes mi volal můj, ode dneška už, bývalý poskytovatel internetového připojení, že jdou ode mě DDOS útoky a spamy. Je pravda, že jsem měl veřejnou IP, abych měl přístup do NASu. Nicméně mám od nového poskytovatele nově neveřejnou IP. Prosím ale o kontrolu logu.

Logfile of random's system information tool 1.10 (written by random/random)
Run by misak at 2020-12-14 15:09:13
Microsoft Windows 10 Home
System drive C: has 593 GB (62%) free of 951 GB
Total RAM: 3966 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:09:26, on 14.12.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe
C:\Users\misak\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Windows\FixCamera.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Gaming Keyboard\OSD.exe
C:\Program Files (x86)\Dropbox\Client\111.4.472\QtWebEngineProcess.exe
C:\Program Files (x86)\Dropbox\Client\111.4.472\QtWebEngineProcess.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\misak\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
C:\Program Files\trend micro\misak.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: PDFsam Enhanced 5 Helper - {00B64D8C-929B-4A37-AAAC-8A545F1E381E} - C:\Program Files (x86)\PDFsam Enhanced 5\creator\plugins\IEAddin\creator-ie-helper.dll
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.60\BHO\ie_to_edge_bho.dll
O2 - BHO: PDFsam Enhanced Helper - {6401BC8F-9AD0-430B-BF2C-2A34B0E98466} - C:\Program Files (x86)\PDFsam Enhanced\creator-ie-helper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: PDFsam Enhanced 6 Helper - {861A3991-1B45-4F34-96B4-CE30DD4AB339} - C:\Program Files (x86)\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-helper.dll
O2 - BHO: PDFsam Enhanced 4 Helper - {952B1B0C-7ABC-49DD-8CC8-A7E73675E4F0} - C:\Program Files (x86)\PDFsam Enhanced 4\creator-ie-helper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll
O3 - Toolbar: PDFsam Enhanced Toolbar - {AD42CFE2-C0AD-487E-8224-C2AEF09F4CEB} - C:\Program Files (x86)\PDFsam Enhanced\creator-ie-plugin.dll
O3 - Toolbar: PDFsam Enhanced 4 Toolbar - {C33F5D76-0A77-4A99-8274-54AD52AF7D1B} - C:\Program Files (x86)\PDFsam Enhanced 4\creator-ie-plugin.dll
O3 - Toolbar: PDFsam Enhanced 5 Toolbar - {C690FC06-8B1B-4629-9830-89128CDE82CC} - C:\Program Files (x86)\PDFsam Enhanced 5\creator\plugins\IEAddin\creator-ie-plugin.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll
O3 - Toolbar: PDFsam Enhanced 6 Toolbar - {6F5E9294-F682-4F06-8DA6-CA13DF1D8B17} - C:\Program Files (x86)\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-plugin.dll
O4 - HKLM\..\Run: [VICTORY Gaming Keyboard] "C:\Program Files (x86)\Gaming Keyboard\Monitor.exe"
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TC UP] "C:\Program Files (x86)\TC UP\TCUP64.exe" /wnd=max
O4 - HKLM\..\Run: [MagicPlusHelper] "C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\misak\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Users\misak\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [VirtualDiskAutomount] rundll32 "C:\Program Files (x86)\TC UP\PLUGINS\wfx\VirtualDisk\VirtualDisk.wfx",MountAfterReboot
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Volume2] C:\Users\misak\Desktop\Volume2\Volume2.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: TVR Scheduler.lnk = C:\Program Files (x86)\honestech\honestech TVR 2.5\scheduleTV.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_1ec100 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: Bentley Dgn Index Service (DgnIndexingService) - Bentley Systems Inc. - C:\Program Files (x86)\Common Files\Bentley Shared\Dgn Index Service\DgnIndexServer.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: DroidExplorer Service (DroidExplorerService) - Ryan Conrad - C:\Program Files\Droid Explorer\DroidExplorer.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PDF Architect 5 Manager - © pdfforge GmbH. - C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
O23 - Service: PDFsam Enhanced - Andrea Vacondio - C:\Program Files\PDFsam Enhanced\ws.exe
O23 - Service: PDFsam Enhanced 4 - Andrea Vacondio - C:\Program Files\PDFsam Enhanced 4\ws.exe
O23 - Service: PDFsam Enhanced 4 Creator - Andrea Vacondio - C:\Program Files\PDFsam Enhanced 4\creator-ws.exe
O23 - Service: PDFsam Enhanced 5 - Andrea Vacondio - C:\Program Files\PDFsam Enhanced 5\ws.exe
O23 - Service: PDFsam Enhanced 5 Creator - Andrea Vacondio - C:\Program Files\PDFsam Enhanced 5\creator\common\creator-ws.exe
O23 - Service: PDFsam Enhanced 6 - Andrea Vacondio - C:\Program Files\PDFsam Enhanced 6\ws.exe
O23 - Service: PDFsam Enhanced 6 Creator - Andrea Vacondio - C:\Program Files\PDFsam Enhanced 6\creator\common\creator-ws.exe
O23 - Service: PDFsam Enhanced 6 Update Service - Andrea Vacondio - C:\Program Files\PDFsam Enhanced 6\updater-ws.exe
O23 - Service: PDFsam Enhanced CrashHandler - Andrea Vacondio - C:\Program Files\PDFsam Enhanced\crash-handler-ws.exe
O23 - Service: PDFsam Enhanced Creator - Andrea Vacondio - C:\Program Files\PDFsam Enhanced\creator-ws.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: TeamViewer - TeamViewer Germany GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: McAfee True Key (TrueKey) - McAfee, LLC. - C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: McAfee True Key Scheduler (TrueKeyScheduler) - McAfee, LLC. - C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe
O23 - Service: McAfee True Key Helper Service (TrueKeyServiceHelper) - McAfee, LLC. - C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14588 bytes

======Listing Processes======








winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-86d2b3c6-698f-4225-9246-d7947869ea0c -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-6fdc2c45-3ab5-4576-807a-49fa55e67e8c -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-6ad97750-f593-4934-9365-44eac3415b33 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-a7e98acf-6c0a-4e55-891e-e49878094a32 -LifetimeId:498bca20-e6de-4862-98b6-84ac5d1ae264 -DeviceGroupId:WudfDefaultDevicePool -HostArg:0
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS

C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
"C:\Program Files\PDFsam Enhanced 4\creator-ws.exe"
"C:\Program Files\PDFsam Enhanced 5\creator\common\creator-ws.exe"
"C:\Program Files\PDFsam Enhanced\creator-ws.exe"
"C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe"
"C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
"C:\Program Files\PDFsam Enhanced 6\updater-ws.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
"C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe"
C:\WINDOWS\system32\DbxSvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
dashost.exe {d10d457f-f207-42dd-b7310363875620eb}

"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
"C:\Program Files\PDFsam Enhanced 6\ws.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted -p -s PolicyAgent
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s upnphost
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Browser

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc

"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /c
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
"C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe"

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc

C:\WINDOWS\System32\svchost.exe -k netsvcs -p

C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-567fdfb2-114c-4385-ab0b-963bcaf11e50 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-d8f46e04-e093-4a2b-b112-a2cc41869280 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-9b314315-e656-4bed-833f-472a39c08286 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-36eae8ce-978b-417b-8067-66a52daa7027 -LifetimeId:9892c9f5-e04d-4108-acca-d0836775dc78 -DeviceGroupId:WpdFsGroup -HostArg:0
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
"C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
"C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe" -m
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer15_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer15_Logfile.log
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20111.125.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Users\misak\AppData\Roaming\uTorrent\utorrent.exe"
"C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Windows\FixCamera.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:crashpad-handler --no-upload-gzip --no-rate-limit --capture-python --no-identify-client-via-url --database=C:\Users\misak\AppData\Local\Dropbox\Crashpad --metrics-dir=0 --url=https://d.dropbox.com/report_crashpad_minidump --https-pin=0x23,0xf2,0xed,0xff,0x3e,0xde,0x90,0x25,0x9a,0x9e,0x30,0xf4,0xa,0xf8,0xf9,0x12,0xa5,0xe5,0xb3,0x69,0x4e,0x69,0x38,0x44,0x3,0x41,0xf6,0x6,0xe,0x1,0x4f,0xfa --https-pin=0xaf,0xf9,0x88,0x90,0x6d,0xde,0x12,0x95,0x5d,0x9b,0xeb,0xbf,0x92,0x8f,0xdc,0xc3,0x1c,0xce,0x32,0x8d,0x5b,0x93,0x84,0xf2,0x1c,0x89,0x41,0xca,0x26,0xe2,0x3,0x91 --https-pin=0x5a,0x88,0x96,0x47,0x22,0xe,0x54,0xd6,0xbd,0x8a,0x16,0x81,0x72,0x24,0x52,0xb,0xb5,0xc7,0x8e,0x58,0x98,0x4b,0xd5,0x70,0x50,0x63,0x88,0xb9,0xde,0xf,0x7,0x5f --https-pin=0xfe,0xa2,0xb7,0xd6,0x45,0xfb,0xa7,0x3d,0x75,0x3c,0x1e,0xc9,0xa7,0x87,0xc,0x40,0xe1,0xf7,0xb0,0xc5,0x61,0xe9,0x27,0xb9,0x85,0xbf,0x71,0x18,0x66,0xe3,0x6f,0x22 --https-pin=0x76,0xee,0x85,0x90,0x37,0x4c,0x71,0x54,0x37,0xbb,0xca,0x6b,0xba,0x60,0x28,0xea,0xdd,0xe2,0xdc,0x6d,0xbb,0xb8,0xc3,0xf6,0x10,0xe8,0x51,0xf1,0x1d,0x1a,0xb7,0xf5 --https-pin=0x6d,0xbf,0xae,0x0,0xd3,0x7b,0x9c,0xd7,0x3f,0x8f,0xb4,0x7d,0xe6,0x59,0x17,0xaf,0x0,0xe0,0xdd,0xdf,0x42,0xdb,0xce,0xac,0x20,0xc1,0x7c,0x2,0x75,0xee,0x20,0x95 --https-pin=0x1e,0xa3,0xc5,0xe4,0x3e,0xd6,0x6c,0x2d,0xa2,0x98,0x3a,0x42,0xa4,0xa7,0x9b,0x1e,0x90,0x67,0x86,0xce,0x9f,0x1b,0x58,0x62,0x14,0x19,0xa0,0x4,0x63,0xa8,0x7d,0x38 --https-pin=0x87,0xaf,0x34,0xd6,0x6f,0xb3,0xf2,0xfd,0xf3,0x6e,0x9,0x11,0x1e,0x9a,0xba,0x2f,0x6f,0x44,0xb2,0x7,0xf3,0x86,0x3f,0x3d,0xb,0x54,0xb2,0x50,0x23,0x90,0x9a,0xa5 --https-pin=0xbc,0xfb,0x44,0xaa,0xb9,0xad,0x2,0x10,0x15,0x70,0x6b,0x41,0x21,0xea,0x76,0x1c,0x81,0xc9,0xe8,0x89,0x67,0x59,0xf,0x6f,0x94,0xae,0x74,0x4d,0xc8,0x8b,0x78,0xfb --https-pin=0xab,0x98,0x49,0x52,0x76,0xad,0xf1,0xec,0xaf,0xf2,0x8f,0x35,0xc5,0x30,0x48,0x78,0x1e,0x5c,0x17,0x18,0xda,0xb9,0xc8,0xe6,0x7a,0x50,0x4f,0x4f,0x6a,0x51,0x32,0x8f --https-pin=0x49,0x5,0x46,0x66,0x23,0xab,0x41,0x78,0xbe,0x92,0xac,0x5c,0xbd,0x65,0x84,0xf7,0xa1,0xe1,0x7f,0x27,0x65,0x2d,0x5a,0x85,0xaf,0x89,0x50,0x4e,0xa2,0x39,0xaa,0xaa --https-pin=0x56,0x32,0xd9,0x7b,0xfa,0x77,0x5b,0xf3,0xc9,0x9d,0xde,0xa5,0x2f,0xc2,0x55,0x34,0x10,0x86,0x40,0x16,0x72,0x9c,0x52,0xdd,0x65,0x24,0xc8,0xa9,0xc3,0xb4,0x48,0x9f --https-pin=0x2a,0x8f,0x2d,0x8a,0xf0,0xeb,0x12,0x38,0x98,0xf7,0x4c,0x86,0x6a,0xc3,0xfa,0x66,0x90,0x54,0xe2,0x3c,0x17,0xbc,0x7a,0x95,0xbd,0x2,0x34,0x19,0x2d,0xc6,0x35,0xd0 --https-pin=0x32,0xb6,0x4b,0x66,0x72,0x7a,0x20,0x63,0xe4,0x6,0x6f,0x3b,0x95,0x8c,0xb0,0xaa,0xee,0x57,0x6a,0x5e,0xce,0xfd,0x95,0x33,0x99,0xbb,0x88,0x74,0x73,0x1d,0x95,0x87 --https-pin=0xf5,0x3c,0x22,0x5,0x98,0x17,0xdd,0x96,0xf4,0x0,0x65,0x16,0x39,0xd2,0xf8,0x57,0xe2,0x10,0x70,0xa5,0x9a,0xbe,0xd9,0x7,0x94,0x0,0xd9,0xf6,0x95,0x50,0x69,0x0 --https-pin=0x67,0xdc,0x4f,0x32,0xfa,0x10,0xe7,0xd0,0x1a,0x79,0xa0,0x73,0xaa,0xc,0x9e,0x2,0x12,0xec,0x2f,0xfc,0x3d,0x77,0x9e,0xa,0xa7,0xf9,0xc0,0xf0,0xe1,0xc2,0xc8,0x93 --https-pin=0x19,0x6,0xc6,0x12,0x4d,0xbb,0x43,0x85,0x78,0xd0,0xe,0x6,0x6d,0x50,0x54,0xc6,0xc3,0x7f,0xf,0xa6,0x2,0x8c,0x5,0x54,0x5e,0x9,0x94,0xed,0xda,0xec,0x86,0x29 --https-pin=0x1d,0x75,0xd0,0x83,0x1b,0x9e,0x8,0x85,0x39,0x4d,0x32,0xc7,0xa1,0xbf,0xdb,0x3d,0xbc,0x1c,0x28,0xe2,0xb0,0xe8,0x39,0x1f,0xb1,0x35,0x98,0x1d,0xbc,0x5b,0xa9,0x36 --annotation=host_int_account1_boot=5650078009 --annotation=machine_id=18fb51ef-b2a1-4458-9c3a-8852aadd65fc --annotation=platform=win "--annotation=platform_version=10 1909" --initial-client-data=0x284,0x288,0x28c,0x260,0x290,0x70ec75e8,0x70ec7610,0x70ec75f8
"C:\Program Files (x86)\TC UP\TCUP64.exe" /wnd=max
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:exit-monitor -method:collectupload -session-token:c9f29c2c-49fc-4b20-9771-ab9c68bd98fd -target-handle:692 -target-shutdown-event:656 -target-restart-event:608 "-target-command-line:\"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe\" /systemstartup" -python-version:3.7.9 -handler-pipe:\\.\pipe\crashpad_8760_ZDYTNBBWSQEZEWHP
"C:\Program Files (x86)\Gaming Keyboard\OSD.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Dropbox\Client\111.4.472\QtWebEngineProcess.exe" --type=renderer --disable-gpu-memory-buffer-video-frames --enable-threaded-compositing --use-gl=egl --enable-features=AllowContentInitiatedDataUrlNavigations --disable-features=BackgroundFetch,MojoVideoCapture,SurfaceSynchronization,UsePdfCompositorServiceForPrint,UserActivationV2,VizDisplayCompositor --disable-databases --service-pipe-token=1370283768260951185 --lang=cs --webengine-schemes=dbx-local:hs;qrc:sLV --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1370283768260951185 --renderer-client-id=3 --mojo-platform-channel-handle=6652 /prefetch:1
"C:\Program Files (x86)\Dropbox\Client\111.4.472\QtWebEngineProcess.exe" --type=renderer --disable-gpu-memory-buffer-video-frames --enable-threaded-compositing --use-gl=egl --enable-features=AllowContentInitiatedDataUrlNavigations --disable-features=BackgroundFetch,MojoVideoCapture,SurfaceSynchronization,UsePdfCompositorServiceForPrint,UserActivationV2,VizDisplayCompositor --disable-databases --service-pipe-token=11131715519282933220 --lang=cs --webengine-schemes=dbx-local:hs;qrc:sLV --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11131715519282933220 --renderer-client-id=4 --mojo-platform-channel-handle=8060 /prefetch:1
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20090.1002.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s WebClient
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts

C:\WINDOWS\System32\WaaSMedicAgent.exe 429e8746cd54dbe72d47a9b15a251eca IZa8/34vMUiMlqhgeV6PPQ.0.1.0.0.0
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\misak\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\misak\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\misak\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=87.0.4280.88 --initial-client-data=0x90,0xf4,0xf8,0xd0,0xfc,0x7fff159f0eb0,0x7fff159f0ec0,0x7fff159f0ed0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1680,16268145006986215462,7087198704178445625,131072 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1692 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1680,16268145006986215462,7087198704178445625,131072 --lang=cs --service-sandbox-type=network --mojo-platform-channel-handle=2068 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1680,16268145006986215462,7087198704178445625,131072 --lang=cs --service-sandbox-type=utility --mojo-platform-channel-handle=2356 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1680,16268145006986215462,7087198704178445625,131072 --lang=cs --extension-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3788 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1680,16268145006986215462,7087198704178445625,131072 --lang=cs --extension-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4068 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1680,16268145006986215462,7087198704178445625,131072 --lang=cs --extension-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4140 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1680,16268145006986215462,7087198704178445625,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3192 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1680,16268145006986215462,7087198704178445625,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4604 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1680,16268145006986215462,7087198704178445625,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\wermgr.exe -upload
"C:\Program Files\CCleaner\CCUpdate.exe"
C:\Windows\system32\msfeedssync.exe sync
C:\Windows\System32\usocoreworker.exe -Embedding
C:\WINDOWS\system32\compattelrunner.exe
C:\WINDOWS\system32\devicecensus.exe
C:\Users\misak\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe" -mode=scheduled
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe" /from_scheduler:1
"C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s BITS
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1680,16268145006986215462,7087198704178445625,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6244 /prefetch:1
C:\WINDOWS\system32\AUDIODG.EXE 0x240
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 780 784 792 8192 788
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:UWjWLcc3z0aLN69h.1
"C:\Users\misak\Downloads\RSITx64 (1).exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore1d5d6cba22c2779.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA1d5d6cba2571108.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\misak\AppData\Roaming\Mozilla\Firefox\Profiles\4dczc3fl.default

"pdfsam_enhanced_conv@pdfsam.com"=C:\Program Files\PDFsam Enhanced\resources\pdfsamenhancedfirefoxextension\
"pdfsam_enhanced6_conv@pdfsam.com"=C:\Program Files\PDFsam Enhanced 6\creator\plugins\FirefoxAddin\pdfsam_enhanced6_conv@pdfsam.com.xpi


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.127 Plugin
"Path"=C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_25_0_0_127.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.151.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.151.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\PDFsam Enhanced]
"Description"=
"Path"=C:\Program Files (x86)\PDFsam Enhanced\np-previewer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\PDFsam Enhanced 4]
"Description"=
"Path"=C:\Program Files (x86)\PDFsam Enhanced 4\np-previewer.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.127 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.151.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.151.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\PDFsam Enhanced 5]
"Description"=
"Path"=C:\Program Files\PDFsam Enhanced 5\np-previewer.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00B64D8C-929B-4A37-AAAC-8A545F1E381E}]
PDFsam Enhanced 5 Helper - C:\Program Files\PDFsam Enhanced 5\creator\plugins\IEAddin\creator-ie-helper.dll [2018-06-27 76616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23 1452072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.60\BHO\ie_to_edge_bho_64.dll [2020-12-12 532880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-26 571968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{861A3991-1B45-4F34-96B4-CE30DD4AB339}]
PDFsam Enhanced 6 Helper - C:\Program Files\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-23 81104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-26 235584]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00B64D8C-929B-4A37-AAAC-8A545F1E381E}]
PDFsam Enhanced 5 Helper - C:\Program Files (x86)\PDFsam Enhanced 5\creator\plugins\IEAddin\creator-ie-helper.dll [2018-06-27 64840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23 1073880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.60\BHO\ie_to_edge_bho.dll [2020-12-12 414096]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6401BC8F-9AD0-430B-BF2C-2A34B0E98466}]
PDFsam Enhanced Helper - C:\Program Files (x86)\PDFsam Enhanced\creator-ie-helper.dll [2016-07-06 39488]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-26 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{861A3991-1B45-4F34-96B4-CE30DD4AB339}]
PDFsam Enhanced 6 Helper - C:\Program Files (x86)\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-23 68304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{952B1B0C-7ABC-49DD-8CC8-A7E73675E4F0}]
PDFsam Enhanced 4 Helper - C:\Program Files (x86)\PDFsam Enhanced 4\creator-ie-helper.dll [2017-08-02 64248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-26 187968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{C690FC06-8B1B-4629-9830-89128CDE82CC} - PDFsam Enhanced 5 Toolbar - C:\Program Files\PDFsam Enhanced 5\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-06-27 660808]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23 1452072]
{6F5E9294-F682-4F06-8DA6-CA13DF1D8B17} - PDFsam Enhanced 6 Toolbar - C:\Program Files\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-10-23 483536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{AD42CFE2-C0AD-487E-8224-C2AEF09F4CEB} - PDFsam Enhanced Toolbar - C:\Program Files (x86)\PDFsam Enhanced\creator-ie-plugin.dll [2016-07-06 548416]
{C33F5D76-0A77-4A99-8274-54AD52AF7D1B} - PDFsam Enhanced 4 Toolbar - C:\Program Files (x86)\PDFsam Enhanced 4\creator-ie-plugin.dll [2017-08-02 536312]
{C690FC06-8B1B-4629-9830-89128CDE82CC} - PDFsam Enhanced 5 Toolbar - C:\Program Files (x86)\PDFsam Enhanced 5\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-06-27 536904]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23 1073880]
{6F5E9294-F682-4F06-8DA6-CA13DF1D8B17} - PDFsam Enhanced 6 Toolbar - C:\Program Files (x86)\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-10-23 402640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2020-07-01 84992]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-06-13 8484056]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-10 509936]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2020-09-23 3402832]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\misak\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2020-10-29 1938296]
"uTorrent"=C:\Users\misak\AppData\Roaming\uTorrent\utorrent.exe [2015-02-22 416168]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe [2020-11-03 50010064]
"VirtualDiskAutomount"=rundll32 C:\Program Files (x86)\TC UP\PLUGINS\wfx\VirtualDisk\VirtualDisk.wfx,MountAfterReboot []
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-01-15 4177784]
"Volume2"=C:\Users\misak\Desktop\Volume2\Volume2.exe [2016-02-10 1577984]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2020-12-08 32414392]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VICTORY Gaming Keyboard"=C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [2013-04-09 270336]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2020-12-01 7992832]
"BrMfcWnd"=C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [2012-09-25 1163264]
"ControlCenter3"=C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [2008-12-24 114688]
"FixCamera"=C:\WINDOWS\FixCamera.exe [2007-02-12 20480]
"tsnp325"=C:\WINDOWS\tsnp325.exe [2007-04-21 270336]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-09-05 587288]
"TC UP"=C:\Program Files (x86)\TC UP\TCUP64.exe [2016-06-29 1833472]
"MagicPlusHelper"=C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [2016-07-08 2499208]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TVR Scheduler.lnk - C:\Program Files (x86)\honestech\honestech TVR 2.5\scheduleTV.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
"C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
"C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2020-12-13 11:48:45 ----D---- C:\ProgramData\AVG
2020-12-09 19:23:26 ----A---- C:\WINDOWS\SYSWOW64\fveapibase.dll
2020-12-09 19:23:26 ----A---- C:\WINDOWS\SYSWOW64\fveapi.dll
2020-12-09 19:23:26 ----A---- C:\WINDOWS\system32\fveapibase.dll
2020-12-09 19:23:26 ----A---- C:\WINDOWS\system32\fveapi.dll
2020-12-09 19:23:25 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2020-12-09 19:23:24 ----A---- C:\WINDOWS\system32\cdp.dll
2020-12-09 19:23:24 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2020-12-09 19:23:14 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2020-12-09 19:23:14 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2020-12-09 19:23:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2020-12-09 19:23:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2020-12-09 19:23:13 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2020-12-09 19:23:13 ----A---- C:\WINDOWS\SYSWOW64\dlnashext.dll
2020-12-09 19:23:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2020-12-09 19:23:12 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2020-12-09 19:23:12 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2020-12-09 19:23:12 ----A---- C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2020-12-09 19:23:12 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2020-12-09 19:23:11 ----A---- C:\WINDOWS\system32\HolographicRuntimes.dll
2020-12-09 19:23:11 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2020-12-09 19:23:11 ----A---- C:\WINDOWS\system32\DHolographicDisplay.dll
2020-12-09 19:23:10 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2020-12-09 19:23:09 ----A---- C:\WINDOWS\system32\wpdshext.dll
2020-12-09 19:23:09 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-12-09 19:23:09 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2020-12-09 19:23:09 ----A---- C:\WINDOWS\system32\DMRServer.dll
2020-12-09 19:23:09 ----A---- C:\WINDOWS\system32\dlnashext.dll
2020-12-09 19:23:08 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2020-12-09 19:23:08 ----A---- C:\WINDOWS\system32\mfsvr.dll
2020-12-09 19:23:08 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-12-09 19:23:08 ----A---- C:\WINDOWS\system32\mfcore.dll
2020-12-09 19:23:07 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2020-12-09 19:23:07 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2020-12-09 19:23:06 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2020-12-09 19:23:05 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.dll
2020-12-09 19:23:05 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll
2020-12-09 19:23:05 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2020-12-09 19:23:05 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll
2020-12-09 19:23:05 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2020-12-09 19:23:04 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2020-12-09 19:23:03 ----A---- C:\WINDOWS\SYSWOW64\wsecedit.dll
2020-12-09 19:23:03 ----A---- C:\WINDOWS\SYSWOW64\wecutil.exe
2020-12-09 19:23:03 ----A---- C:\WINDOWS\SYSWOW64\wecapi.dll
2020-12-09 19:23:03 ----A---- C:\WINDOWS\SYSWOW64\packager.dll
2020-12-09 19:23:03 ----A---- C:\WINDOWS\SYSWOW64\net1.exe
2020-12-09 19:23:03 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2020-12-09 19:23:03 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2020-12-09 19:22:59 ----A---- C:\WINDOWS\system32\Spectrum.exe
2020-12-09 19:22:59 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2020-12-09 19:22:59 ----A---- C:\WINDOWS\system32\ListSvc.dll
2020-12-09 19:22:59 ----A---- C:\WINDOWS\system32\dsregcmd.exe
2020-12-09 19:22:58 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-12-09 19:22:58 ----A---- C:\WINDOWS\system32\Windows.Mirage.dll
2020-12-09 19:22:58 ----A---- C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-09 19:22:58 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2020-12-09 19:22:58 ----A---- C:\WINDOWS\system32\CMFNVSDeviceBridge.dll
2020-12-09 19:22:57 ----A---- C:\WINDOWS\system32\rdpnano.dll
2020-12-09 19:22:57 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2020-12-09 19:22:57 ----A---- C:\WINDOWS\system32\ieframe.dll
2020-12-09 19:22:57 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2020-12-09 19:22:56 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2020-12-09 19:22:56 ----A---- C:\WINDOWS\system32\Chakra.dll
2020-12-09 19:22:54 ----A---- C:\WINDOWS\system32\wsecedit.dll
2020-12-09 19:22:54 ----A---- C:\WINDOWS\system32\wecutil.exe
2020-12-09 19:22:54 ----A---- C:\WINDOWS\system32\wecsvc.dll
2020-12-09 19:22:54 ----A---- C:\WINDOWS\system32\wecapi.dll
2020-12-09 19:22:54 ----A---- C:\WINDOWS\system32\StorSvc.dll
2020-12-09 19:22:54 ----A---- C:\WINDOWS\system32\packager.dll
2020-12-09 19:22:54 ----A---- C:\WINDOWS\system32\mshtml.dll
2020-12-09 19:22:54 ----A---- C:\WINDOWS\system32\jscript.dll
2020-12-09 19:22:53 ----A---- C:\WINDOWS\system32\net1.exe
2020-12-09 19:22:53 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2020-12-09 19:22:53 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-12-09 19:22:53 ----A---- C:\WINDOWS\system32\edpcsp.dll
2020-12-09 19:22:51 ----A---- C:\WINDOWS\system32\tcbloader.dll
2020-12-09 19:22:51 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2020-12-09 19:22:51 ----A---- C:\WINDOWS\system32\skci.dll
2020-12-09 19:22:51 ----A---- C:\WINDOWS\system32\sdshext.dll
2020-12-09 19:22:51 ----A---- C:\WINDOWS\system32\sdrsvc.dll
2020-12-09 19:22:51 ----A---- C:\WINDOWS\system32\sdengin2.dll
2020-12-09 19:22:51 ----A---- C:\WINDOWS\system32\sdclt.exe
2020-12-09 19:22:50 ----A---- C:\WINDOWS\system32\vertdll.dll
2020-12-09 19:22:50 ----A---- C:\WINDOWS\system32\hvix64.exe
2020-12-09 19:22:50 ----A---- C:\WINDOWS\system32\hvax64.exe
2020-12-09 19:22:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.FileExplorer.dll
2020-12-09 19:22:49 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2020-12-09 19:22:49 ----A---- C:\WINDOWS\SYSWOW64\twext.dll
2020-12-09 19:22:49 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2020-12-09 19:22:49 ----A---- C:\WINDOWS\SYSWOW64\rasman.dll
2020-12-09 19:22:49 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2020-12-09 19:22:49 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2020-12-09 19:22:48 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2020-12-09 19:22:48 ----A---- C:\WINDOWS\SYSWOW64\netshell.dll
2020-12-09 19:22:48 ----A---- C:\WINDOWS\SYSWOW64\netid.dll
2020-12-09 19:22:48 ----A---- C:\WINDOWS\SYSWOW64\netcfgx.dll
2020-12-09 19:22:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2020-12-09 19:22:47 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2020-12-09 19:22:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2020-12-09 19:22:46 ----A---- C:\WINDOWS\SYSWOW64\unenrollhook.dll
2020-12-09 19:22:46 ----A---- C:\WINDOWS\SYSWOW64\omadmapi.dll
2020-12-09 19:22:46 ----A---- C:\WINDOWS\SYSWOW64\mdmlocalmanagement.dll
2020-12-09 19:22:46 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2020-12-09 19:22:46 ----A---- C:\WINDOWS\SYSWOW64\enterpriseresourcemanager.dll
2020-12-09 19:22:46 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2020-12-09 19:22:46 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2020-12-09 19:22:46 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2020-12-09 19:22:45 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2020-12-09 19:22:45 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2020-12-09 19:22:45 ----A---- C:\WINDOWS\SYSWOW64\gmsaclient.dll
2020-12-09 19:22:45 ----A---- C:\WINDOWS\SYSWOW64\dmcmnutils.dll
2020-12-09 19:22:45 ----A---- C:\WINDOWS\SYSWOW64\dmcfgutils.dll
2020-12-09 19:22:38 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2020-12-09 19:22:38 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll
2020-12-09 19:22:38 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2020-12-09 19:22:38 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2020-12-09 19:22:38 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2020-12-09 19:22:38 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2020-12-09 19:22:38 ----A---- C:\WINDOWS\SYSWOW64\logoncli.dll
2020-12-09 19:22:38 ----A---- C:\WINDOWS\SYSWOW64\dtdump.exe
2020-12-09 19:22:37 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2020-12-09 19:22:37 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2020-12-09 19:22:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2020-12-09 19:22:37 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2020-12-09 19:22:37 ----A---- C:\WINDOWS\SYSWOW64\dcomp.dll
2020-12-09 19:22:37 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2020-12-09 19:22:36 ----A---- C:\WINDOWS\SYSWOW64\winipcsecproc.dll
2020-12-09 19:22:36 ----A---- C:\WINDOWS\SYSWOW64\winipcfile.dll
2020-12-09 19:22:36 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2020-12-09 19:22:36 ----A---- C:\WINDOWS\SYSWOW64\shacct.dll
2020-12-09 19:22:36 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2020-12-09 19:22:36 ----A---- C:\WINDOWS\SYSWOW64\CertPolEng.dll
2020-12-09 19:22:36 ----A---- C:\WINDOWS\SYSWOW64\btpanui.dll
2020-12-09 19:22:36 ----A---- C:\WINDOWS\SYSWOW64\AppResolver.dll
2020-12-09 19:22:35 ----A---- C:\WINDOWS\SYSWOW64\winmsipc.dll
2020-12-09 19:22:35 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2020-12-09 19:22:35 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2020-12-09 19:22:35 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2020-12-09 19:22:35 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2020-12-09 19:22:35 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2020-12-09 19:22:34 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2020-12-09 19:22:34 ----A---- C:\WINDOWS\SYSWOW64\ngccredprov.dll
2020-12-09 19:22:34 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll
2020-12-09 19:22:34 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2020-12-09 19:22:34 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2020-12-09 19:22:34 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2020-12-09 19:22:33 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2020-12-09 19:22:33 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2020-12-09 19:22:33 ----A---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2020-12-09 19:22:33 ----A---- C:\WINDOWS\SYSWOW64\InputHost.dll
2020-12-09 19:22:32 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll
2020-12-09 19:22:32 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2020-12-09 19:22:32 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2020-12-09 19:22:32 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2020-12-09 19:22:32 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2020-12-09 19:22:32 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2020-12-09 19:22:32 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2020-12-09 19:22:32 ----A---- C:\WINDOWS\SYSWOW64\mssitlb.dll
2020-12-09 19:22:32 ----A---- C:\WINDOWS\SYSWOW64\msscntrs.dll
2020-12-09 19:22:32 ----A---- C:\WINDOWS\SYSWOW64\dsregtask.dll
2020-12-09 19:22:32 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2020-12-09 19:22:31 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.Ngc.dll
2020-12-09 19:22:31 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2020-12-09 19:22:31 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2020-12-09 19:22:31 ----A---- C:\WINDOWS\SYSWOW64\directmanipulation.dll
2020-12-09 19:22:31 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2020-12-09 19:22:30 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2020-12-09 19:22:30 ----A---- C:\WINDOWS\SYSWOW64\winshfhc.dll
2020-12-09 19:22:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2020-12-09 19:22:30 ----A---- C:\WINDOWS\SYSWOW64\TaskSchdPS.dll
2020-12-09 19:22:30 ----A---- C:\WINDOWS\SYSWOW64\taskschd.dll
2020-12-09 19:22:30 ----A---- C:\WINDOWS\SYSWOW64\taskcomp.dll
2020-12-09 19:22:30 ----A---- C:\WINDOWS\SYSWOW64\schtasks.exe
2020-12-09 19:22:30 ----A---- C:\WINDOWS\SYSWOW64\netplwiz.dll
2020-12-09 19:22:30 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2020-12-09 19:22:29 ----A---- C:\WINDOWS\SYSWOW64\SpatialAudioLicenseSrv.exe
2020-12-09 19:22:29 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2020-12-09 19:22:29 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2020-12-09 19:22:29 ----A---- C:\WINDOWS\SYSWOW64\FlightSettings.dll
2020-12-09 19:22:29 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2020-12-09 19:22:29 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2020-12-09 19:22:29 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2020-12-09 19:22:28 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2020-12-09 19:22:28 ----A---- C:\WINDOWS\SYSWOW64\OneCoreCommonProxyStub.dll
2020-12-09 19:22:28 ----A---- C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-12-09 19:22:28 ----A---- C:\WINDOWS\system32\twext.dll
2020-12-09 19:22:28 ----A---- C:\WINDOWS\system32\comdlg32.dll
2020-12-09 19:22:27 ----A---- C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2020-12-09 19:22:27 ----A---- C:\WINDOWS\system32\vbscript.dll
2020-12-09 19:22:27 ----A---- C:\WINDOWS\system32\RASMM.dll
2020-12-09 19:22:27 ----A---- C:\WINDOWS\system32\rasmans.dll
2020-12-09 19:22:27 ----A---- C:\WINDOWS\system32\rasman.dll
2020-12-09 19:22:27 ----A---- C:\WINDOWS\system32\rascustom.dll
2020-12-09 19:22:27 ----A---- C:\WINDOWS\system32\rasapi32.dll
2020-12-09 19:22:26 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-12-09 19:22:26 ----A---- C:\WINDOWS\system32\netshell.dll
2020-12-09 19:22:26 ----A---- C:\WINDOWS\system32\netcfgx.dll
2020-12-09 19:22:25 ----A---- C:\WINDOWS\system32\netid.dll
2020-12-09 19:22:20 ----A---- C:\WINDOWS\system32\SDDS.dll
2020-12-09 19:22:20 ----A---- C:\WINDOWS\system32\JpnServiceDS.dll
2020-12-09 19:22:20 ----A---- C:\WINDOWS\system32\FilterDS.dll
2020-12-09 19:22:20 ----A---- C:\WINDOWS\system32\DDDS.dll
2020-12-09 19:22:20 ----A---- C:\WINDOWS\system32\BingFilterDS.dll
2020-12-09 19:22:20 ----A---- C:\WINDOWS\system32\BingASDS.dll
2020-12-09 19:22:19 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-12-09 19:22:19 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-12-09 19:22:19 ----A---- C:\WINDOWS\system32\profsvcext.dll
2020-12-09 19:22:18 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-12-09 19:22:18 ----A---- C:\WINDOWS\system32\MdmDiagnostics.dll
2020-12-09 19:22:18 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2020-12-09 19:22:18 ----A---- C:\WINDOWS\system32\gdi32full.dll
2020-12-09 19:22:18 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-12-09 19:22:17 ----A---- C:\WINDOWS\system32\unenrollhook.dll
2020-12-09 19:22:17 ----A---- C:\WINDOWS\system32\omadmclient.exe
2020-12-09 19:22:17 ----A---- C:\WINDOWS\system32\omadmapi.dll
2020-12-09 19:22:17 ----A---- C:\WINDOWS\system32\mdmpostprocessevaluator.dll
2020-12-09 19:22:17 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2020-12-09 19:22:17 ----A---- C:\WINDOWS\system32\mdmlocalmanagement.dll
2020-12-09 19:22:17 ----A---- C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-12-09 19:22:17 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2020-12-09 19:22:17 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-12-09 19:22:17 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2020-12-09 19:22:16 ----A---- C:\WINDOWS\system32\policymanager.dll
2020-12-09 19:22:16 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2020-12-09 19:22:16 ----A---- C:\WINDOWS\system32\DMPushRouterCore.dll
2020-12-09 19:22:16 ----A---- C:\WINDOWS\system32\dmcsps.dll
2020-12-09 19:22:16 ----A---- C:\WINDOWS\system32\dmcmnutils.dll
2020-12-09 19:22:16 ----A---- C:\WINDOWS\system32\dmcfgutils.dll
2020-12-09 19:22:16 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2020-12-09 19:22:16 ----A---- C:\WINDOWS\system32\coredpus.dll
2020-12-09 19:22:16 ----A---- C:\WINDOWS\system32\configmanager2.dll
2020-12-09 19:22:15 ----A---- C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-09 19:22:15 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2020-12-09 19:22:15 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-12-09 19:22:15 ----A---- C:\WINDOWS\system32\SecurityHealthHost.exe
2020-12-09 19:22:15 ----A---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-12-09 19:22:15 ----A---- C:\WINDOWS\system32\LogonController.dll
2020-12-09 19:22:15 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2020-12-09 19:22:14 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2020-12-09 19:22:14 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2020-12-09 19:22:14 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-12-09 19:22:14 ----A---- C:\WINDOWS\system32\netlogon.dll
2020-12-09 19:22:14 ----A---- C:\WINDOWS\system32\gmsaclient.dll
2020-12-09 19:22:14 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2020-12-09 19:22:13 ----A---- C:\WINDOWS\system32\sechost.dll
2020-12-09 19:22:13 ----A---- C:\WINDOWS\system32\KernelBase.dll
2020-12-09 19:22:13 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2020-12-09 19:22:13 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2020-12-09 19:22:13 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2020-12-09 19:22:12 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2020-12-09 19:22:12 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2020-12-09 19:22:12 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2020-12-09 19:22:11 ----A---- C:\WINDOWS\system32\wermgr.exe
2020-12-09 19:22:11 ----A---- C:\WINDOWS\system32\weretw.dll
2020-12-09 19:22:11 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2020-12-09 19:22:11 ----A---- C:\WINDOWS\system32\wer.dll
2020-12-09 19:22:11 ----A---- C:\WINDOWS\system32\runexehelper.exe
2020-12-09 19:22:11 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2020-12-09 19:22:10 ----A---- C:\WINDOWS\system32\utcutil.dll
2020-12-09 19:22:10 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2020-12-09 19:22:10 ----A---- C:\WINDOWS\system32\lsasrv.dll
2020-12-09 19:22:10 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2020-12-09 19:22:10 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2020-12-09 19:22:10 ----A---- C:\WINDOWS\system32\diagtrack.dll
2020-12-09 19:22:09 ----A---- C:\WINDOWS\system32\WinTypes.dll
2020-12-09 19:22:09 ----A---- C:\WINDOWS\system32\wincorlib.dll
2020-12-09 19:22:09 ----A---- C:\WINDOWS\system32\rpcss.dll
2020-12-09 19:22:09 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2020-12-09 19:22:09 ----A---- C:\WINDOWS\system32\msv1_0.dll
2020-12-09 19:22:09 ----A---- C:\WINDOWS\system32\logoncli.dll
2020-12-09 19:22:08 ----A---- C:\WINDOWS\system32\WPTaskScheduler.dll
2020-12-09 19:22:08 ----A---- C:\WINDOWS\system32\wldp.dll
2020-12-09 19:22:08 ----A---- C:\WINDOWS\system32\TaskSchdPS.dll
2020-12-09 19:22:08 ----A---- C:\WINDOWS\system32\taskschd.dll
2020-12-09 19:22:08 ----A---- C:\WINDOWS\system32\taskcomp.dll
2020-12-09 19:22:08 ----A---- C:\WINDOWS\system32\schedsvc.dll
2020-12-09 19:22:08 ----A---- C:\WINDOWS\system32\combase.dll
2020-12-09 19:22:08 ----A---- C:\WINDOWS\system32\ci.dll
2020-12-09 19:22:08 ----A---- C:\WINDOWS\system32\bcrypt.dll
2020-12-09 19:22:07 ----A---- C:\WINDOWS\system32\taskhostw.exe
2020-12-09 19:22:07 ----A---- C:\WINDOWS\system32\sppobjs.dll
2020-12-09 19:22:07 ----A---- C:\WINDOWS\system32\schtasks.exe
2020-12-09 19:22:06 ----A---- C:\WINDOWS\system32\shell32.dll
2020-12-09 19:22:06 ----A---- C:\WINDOWS\system32\ntshrui.dll
2020-12-09 19:22:05 ----A---- C:\WINDOWS\system32\winresume.exe
2020-12-09 19:22:05 ----A---- C:\WINDOWS\system32\uDWM.dll
2020-12-09 19:22:05 ----A---- C:\WINDOWS\system32\drivers\wof.sys
2020-12-09 19:22:05 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2020-12-09 19:22:05 ----A---- C:\WINDOWS\system32\dcomp.dll
2020-12-09 19:22:05 ----A---- C:\WINDOWS\system32\CertPolEng.dll
2020-12-09 19:22:04 ----A---- C:\WINDOWS\system32\winload.exe
2020-12-09 19:22:04 ----A---- C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2020-12-09 19:22:04 ----A---- C:\WINDOWS\system32\shacct.dll
2020-12-09 19:22:04 ----A---- C:\WINDOWS\system32\cldapi.dll
2020-12-09 19:22:04 ----A---- C:\WINDOWS\system32\btpanui.dll
2020-12-09 19:21:55 ----A---- C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2020-12-09 19:21:55 ----A---- C:\WINDOWS\system32\UsoClient.exe
2020-12-09 19:21:55 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2020-12-09 19:21:55 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-12-09 19:21:55 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-12-09 19:21:55 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2020-12-09 19:21:55 ----A---- C:\WINDOWS\system32\AppResolver.dll
2020-12-09 19:21:54 ----A---- C:\WINDOWS\system32\winipcsecproc.dll
2020-12-09 19:21:54 ----A---- C:\WINDOWS\system32\winipcfile.dll
2020-12-09 19:21:54 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2020-12-09 19:21:54 ----A---- C:\WINDOWS\system32\usosvc.dll
2020-12-09 19:21:54 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2020-12-09 19:21:54 ----A---- C:\WINDOWS\system32\SHCore.dll
2020-12-09 19:21:54 ----A---- C:\WINDOWS\system32\RasMediaManager.dll
2020-12-09 19:21:53 ----A---- C:\WINDOWS\system32\winmsipc.dll
2020-12-09 19:21:53 ----A---- C:\WINDOWS\system32\win32u.dll
2020-12-09 19:21:53 ----A---- C:\WINDOWS\system32\win32kfull.sys
2020-12-09 19:21:53 ----A---- C:\WINDOWS\system32\win32k.sys
2020-12-09 19:21:53 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2020-12-09 19:21:53 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2020-12-09 19:21:53 ----A---- C:\WINDOWS\system32\bindflt.dll
2020-12-09 19:21:52 ----A---- C:\WINDOWS\system32\wintrust.dll
2020-12-09 19:21:52 ----A---- C:\WINDOWS\system32\user32.dll
2020-12-09 19:21:52 ----A---- C:\WINDOWS\system32\fwmdmcsp.dll
2020-12-09 19:21:51 ----A---- C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-12-09 19:21:51 ----A---- C:\WINDOWS\system32\WaaSMedicPS.dll
2020-12-09 19:21:51 ----A---- C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-12-09 19:21:51 ----A---- C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-12-09 19:21:51 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2020-12-09 19:21:51 ----A---- C:\WINDOWS\system32\InstallService.dll
2020-12-09 19:21:51 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-12-09 19:21:50 ----A---- C:\WINDOWS\system32\tquery.dll
2020-12-09 19:21:50 ----A---- C:\WINDOWS\system32\mssrch.dll
2020-12-09 19:21:50 ----A---- C:\WINDOWS\system32\mssprxy.dll
2020-12-09 19:21:50 ----A---- C:\WINDOWS\system32\InputHost.dll
2020-12-09 19:21:49 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2020-12-09 19:21:49 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2020-12-09 19:21:49 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2020-12-09 19:21:49 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-12-09 19:21:49 ----A---- C:\WINDOWS\system32\mssvp.dll
2020-12-09 19:21:49 ----A---- C:\WINDOWS\system32\mssph.dll
2020-12-09 19:21:49 ----A---- C:\WINDOWS\system32\mssitlb.dll
2020-12-09 19:21:49 ----A---- C:\WINDOWS\system32\msscntrs.dll
2020-12-09 19:21:48 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2020-12-09 19:21:48 ----A---- C:\WINDOWS\system32\dosvc.dll
2020-12-09 19:21:48 ----A---- C:\WINDOWS\system32\domgmt.dll
2020-12-09 19:21:47 ----A---- C:\WINDOWS\system32\win32kbase.sys
2020-12-09 19:21:47 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2020-12-09 19:21:47 ----A---- C:\WINDOWS\system32\gdi32.dll
2020-12-09 19:21:47 ----A---- C:\WINDOWS\system32\drivers\watchdog.sys
2020-12-09 19:21:47 ----A---- C:\WINDOWS\system32\drivers\ClipSp.sys
2020-12-09 19:21:47 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2020-12-09 19:21:46 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2020-12-09 19:21:46 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2020-12-09 19:21:46 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2020-12-09 19:21:46 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-12-09 19:21:46 ----A---- C:\WINDOWS\system32\aadtb.dll
2020-12-09 19:21:45 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-12-09 19:21:45 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-12-09 19:21:45 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-12-09 19:21:45 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-12-09 19:21:45 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2020-12-09 19:21:44 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-12-09 19:21:44 ----A---- C:\WINDOWS\system32\netplwiz.dll
2020-12-09 19:21:43 ----A---- C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-12-09 19:21:43 ----A---- C:\WINDOWS\system32\winshfhc.dll
2020-12-09 19:21:43 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2020-12-09 19:21:43 ----A---- C:\WINDOWS\system32\StartTileData.dll
2020-12-09 19:21:43 ----A---- C:\WINDOWS\system32\pkeyhelper.dll
2020-12-09 19:21:43 ----A---- C:\WINDOWS\system32\dsregtask.dll
2020-12-09 19:21:43 ----A---- C:\WINDOWS\system32\dafWfdProvider.dll
2020-12-09 19:21:42 ----A---- C:\WINDOWS\system32\wmicmiplugin.dll
2020-12-09 19:21:42 ----A---- C:\WINDOWS\system32\UtcDecoderHost.exe
2020-12-09 19:21:42 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-12-09 19:21:42 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-12-09 19:21:42 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-12-09 19:21:42 ----A---- C:\WINDOWS\system32\netman.dll
2020-12-09 19:21:42 ----A---- C:\WINDOWS\system32\localspl.dll
2020-12-09 19:21:42 ----A---- C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-12-09 19:21:42 ----A---- C:\WINDOWS\system32\dsreg.dll
2020-12-09 19:21:41 ----A---- C:\WINDOWS\system32\WpcTok.exe
2020-12-09 19:21:41 ----A---- C:\WINDOWS\system32\WpcMon.exe
2020-12-09 19:21:41 ----A---- C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-12-09 19:21:41 ----A---- C:\WINDOWS\system32\Wpc.dll
2020-12-09 19:21:41 ----A---- C:\WINDOWS\system32\spoolsv.exe
2020-12-09 19:21:41 ----A---- C:\WINDOWS\splwow64.exe
2020-12-09 19:21:40 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2020-12-09 19:21:40 ----A---- C:\WINDOWS\system32\RjvMDMConfig.dll
2020-12-09 19:21:40 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2020-12-09 19:21:40 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2020-12-09 19:21:40 ----A---- C:\WINDOWS\system32\audioresourceregistrar.dll
2020-12-09 19:21:40 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2020-12-09 19:21:40 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-12-09 19:21:40 ----A---- C:\WINDOWS\system32\audiodg.exe
2020-12-09 19:21:39 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2020-12-09 19:21:39 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-12-09 19:21:39 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-12-09 19:21:39 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-12-09 19:21:39 ----A---- C:\WINDOWS\system32\autopilot.dll
2020-12-09 19:21:39 ----A---- C:\WINDOWS\system32\audiosrv.dll
2020-12-09 19:21:39 ----A---- C:\WINDOWS\system32\AudioSes.dll
2020-12-09 19:21:39 ----A---- C:\WINDOWS\system32\AudioEng.dll
2020-12-09 19:21:38 ----A---- C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2020-12-09 19:21:38 ----A---- C:\WINDOWS\system32\ManageCI.dll
2020-12-06 15:50:34 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2020-12-06 15:36:25 ----D---- C:\WINDOWS\Minidump
2020-12-01 23:10:50 ----A---- C:\WINDOWS\system32\drivers\dbx-stable.sys
2020-12-01 23:10:50 ----A---- C:\WINDOWS\system32\drivers\dbx-dev.sys
2020-12-01 23:10:50 ----A---- C:\WINDOWS\system32\drivers\dbx-canary.sys
2020-12-01 23:10:50 ----A---- C:\WINDOWS\system32\DbxSvc.exe

======List of files/folders modified in the last 1 month======

2020-12-14 15:09:21 ----D---- C:\WINDOWS\Temp
2020-12-14 15:09:19 ----D---- C:\Program Files\trend micro
2020-12-14 15:09:07 ----D---- C:\WINDOWS\Prefetch
2020-12-14 15:07:37 ----D---- C:\WINDOWS\system32\sru
2020-12-14 15:04:34 ----D---- C:\WINDOWS\system32\SleepStudy
2020-12-14 15:04:34 ----D---- C:\Users\misak\AppData\Roaming\uTorrent
2020-12-13 19:59:30 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-12-13 17:31:59 ----AD---- C:\Program Files\CCleaner
2020-12-13 17:31:10 ----D---- C:\WINDOWS\System32
2020-12-13 17:31:10 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-12-13 17:30:55 ----D---- C:\Windows
2020-12-13 17:30:53 ----D---- C:\WINDOWS\INF
2020-12-13 14:43:01 ----D---- C:\WINDOWS\AppReadiness
2020-12-13 13:58:33 ----SHD---- C:\System Volume Information
2020-12-13 13:38:21 ----AD---- C:\Program Files (x86)\TeamViewer
2020-12-13 13:37:58 ----D---- C:\Program Files
2020-12-13 13:37:53 ----SHD---- C:\Config.Msi
2020-12-13 13:37:53 ----D---- C:\WINDOWS\system32\drivers
2020-12-13 13:37:53 ----D---- C:\Program Files\Common Files
2020-12-13 12:39:38 ----D---- C:\WINDOWS\system32\Tasks
2020-12-13 12:22:54 ----SHDC---- C:\WINDOWS\Installer
2020-12-13 12:22:54 ----RD---- C:\Program Files (x86)
2020-12-13 12:09:07 ----D---- C:\Program Files (x86)\Common Files
2020-12-13 12:08:25 ----D---- C:\WINDOWS\system32\catroot2
2020-12-13 12:04:32 ----D---- C:\Users\misak\AppData\Roaming\TeamViewer
2020-12-13 11:57:38 ----DC---- C:\WINDOWS\Panther
2020-12-13 11:57:37 ----D---- C:\WINDOWS\debug
2020-12-13 11:50:49 ----HD---- C:\WINDOWS\ELAMBKUP
2020-12-13 11:50:45 ----SHD---- C:\Recovery
2020-12-13 11:49:40 ----D---- C:\TEMP
2020-12-13 11:48:45 ----HD---- C:\ProgramData
2020-12-13 06:58:31 ----D---- C:\WINDOWS\Logs
2020-12-13 04:25:07 ----RD---- C:\WINDOWS\Microsoft.NET
2020-12-12 08:54:34 ----D---- C:\WINDOWS\system32\config
2020-12-12 05:13:16 ----HD---- C:\Program Files\WindowsApps
2020-12-11 00:26:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-11 00:23:30 ----D---- C:\WINDOWS\WinSxS
2020-12-11 00:21:45 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2020-12-11 00:19:32 ----D---- C:\WINDOWS\SYSWOW64\migration
2020-12-11 00:19:32 ----D---- C:\WINDOWS\SYSWOW64\en-US
2020-12-11 00:19:32 ----D---- C:\WINDOWS\SYSWOW64\Dism
2020-12-11 00:19:32 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2020-12-11 00:19:32 ----D---- C:\WINDOWS\SysWOW64
2020-12-11 00:19:22 ----D---- C:\WINDOWS\SystemResources
2020-12-11 00:19:22 ----D---- C:\WINDOWS\system32\zh-TW
2020-12-11 00:19:22 ----D---- C:\WINDOWS\system32\oobe
2020-12-11 00:19:21 ----D---- C:\WINDOWS\system32\migration
2020-12-11 00:19:21 ----D---- C:\WINDOWS\system32\en-US
2020-12-11 00:19:20 ----D---- C:\WINDOWS\system32\drivers\en-US
2020-12-11 00:19:20 ----D---- C:\WINDOWS\system32\Dism
2020-12-11 00:19:19 ----D---- C:\WINDOWS\system32\cs-CZ
2020-12-11 00:19:19 ----D---- C:\WINDOWS\system32\Boot
2020-12-11 00:19:02 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2020-12-11 00:19:02 ----D---- C:\WINDOWS\ShellExperiences
2020-12-11 00:19:02 ----D---- C:\WINDOWS\bcastdvr
2020-12-11 00:19:02 ----D---- C:\WINDOWS\apppatch
2020-12-11 00:19:01 ----D---- C:\Program Files\Windows Defender
2020-12-11 00:19:01 ----D---- C:\Program Files (x86)\Windows Defender
2020-12-11 00:18:52 ----D---- C:\WINDOWS\system32\DriverStore
2020-12-09 19:30:05 ----D---- C:\WINDOWS\CbsTemp
2020-12-09 18:00:47 ----D---- C:\WINDOWS\system32\LogFiles
2020-12-06 16:04:50 ----D---- C:\Program Files (x86)\Dropbox
2020-12-06 15:52:09 ----D---- C:\WINDOWS\system32\drivers\wd
2020-11-20 18:24:55 ----D---- C:\WINDOWS\system32\Logs
2020-11-20 18:24:54 ----D---- C:\Program Files\Microsoft Update Health Tools
2020-11-15 10:14:09 ----AD---- C:\VKM5

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 56632]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2019-03-19 89096]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2020-08-13 40960]
R1 AsIO;AsIO; C:\WINDOWS\SysWow64\drivers\AsIO.sys [2014-01-28 15232]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 70456]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8704]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2020-12-09 457216]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 53760]
R3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2020-12-09 117064]
R3 dtlitescsibus;@oem23.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-02-29 30264]
R3 dtliteusbbus;@oem78.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-02-29 47672]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2017-10-20 7963632]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-19 4496600]
R3 MEIx64;@oem7.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2017-10-17 206496]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2019-03-19 662528]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-03-19 42808]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-03-19 319528]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 148520]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 124448]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 128528]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 75280]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 94736]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 58896]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 68624]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 41784]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2020-07-01 151352]
S2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys [2005-06-14 296448]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 20992]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2020-07-01 337920]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-03-19 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-03-19 37888]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2020-10-14 18432]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2020-07-01 231936]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2020-07-01 114688]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 97280]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2020-07-01 36864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2020-07-01 1428992]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2020-07-01 99328]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 43008]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 64312]
S3 FreshIO;FreshIO; \??\C:\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys [2004-10-26 2410]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [2020-07-01 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 53560]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2020-10-14 64512]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2020-11-11 84280]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-03-19 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-03-19 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-03-19 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-03-19 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-03-19 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-03-19 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-03-19 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-03-19 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-03-19 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-03-19 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 46592]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 28672]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 54584]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 535864]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 62264]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2020-07-01 359424]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 64512]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-03-19 1150480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-03-19 153616]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-03-19 63488]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 187904]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-03-19 158520]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2020-11-11 97088]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-03-19 127800]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 25600]
S3 ptun0901;TAP Adapter V9 for Private Tunnel; C:\WINDOWS\System32\drivers\ptun0901.sys [2016-06-15 27136]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2020-07-01 986936]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 211456]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 113152]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-03-19 33592]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-03-19 32568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-11-03 170056]
R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2020-09-23 3739728]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020-09-23 3511376]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [2014-01-28 936728]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CDPUserSvc_1ec100;Uživatelská služba platformy připojených zařízení_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DbxSvc;DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [2020-12-01 44552]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2017-10-20 365040]
R2 OneSyncSvc_1ec100;Hostitel synchronizace_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 PDF Architect 5 Manager;PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [2017-05-16 985848]
R2 PDFsam Enhanced 4 Creator;PDFsam Enhanced 4 Creator; C:\Program Files\PDFsam Enhanced 4\creator-ws.exe [2017-08-02 757496]
R2 PDFsam Enhanced 5 Creator;PDFsam Enhanced 5 Creator; C:\Program Files\PDFsam Enhanced 5\creator\common\creator-ws.exe [2018-06-27 758600]
R2 PDFsam Enhanced 6 Update Service;PDFsam Enhanced 6 Update Service; C:\Program Files\PDFsam Enhanced 6\updater-ws.exe [2019-10-23 1716944]
R2 PDFsam Enhanced Creator;PDFsam Enhanced Creator; C:\Program Files\PDFsam Enhanced\creator-ws.exe [2016-07-06 734272]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 cbdhsvc_1ec100;Uživatelská služba schránky_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2020-07-01 43704]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 PDFsam Enhanced 6;PDFsam Enhanced 6; C:\Program Files\PDFsam Enhanced 6\ws.exe [2019-10-23 2464464]
R3 PimIndexMaintenanceSvc_1ec100;Data kontaktů_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2020-12-09 942104]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-09 143144]
S2 DroidExplorerService;DroidExplorer Service; C:\Program Files\Droid Explorer\DroidExplorer.Service.exe [2015-09-18 257024]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-06 224160]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-30 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc_1ec100;Agent Activation Runtime_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-17 271960]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService_1ec100;Uživatelská služba pro GameDVR a vysílání her_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService_1ec100;Služba pro podporu uživatelů Bluetooth_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService_1ec100;CaptureService_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc_1ec100;ConsentUX_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-10-20 494056]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-10-14 381656]
S3 CredentialEnrollmentManagerUserSvc_1ec100;CredentialEnrollmentManagerUserSvc_1ec100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-10-14 381656]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-09 143144]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DeviceAssociationBrokerSvc_1ec100;DeviceAssociationBroker_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc_1ec100;DevicePicker_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc_1ec100;Tok zařízení_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DgnIndexingService;Bentley Dgn Index Service; C:\Program Files (x86)\Common Files\Bentley Shared\Dgn Index Service\DgnIndexServer.exe [2012-04-13 137728]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2020-09-08 97792]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-01-15 1369464]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-06 224160]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe [2020-12-02 1426928]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-30 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService_1ec100;Služba zasílání zpráv_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service; C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.60\elevation_service.exe [2020-12-12 1573776]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2020-12-06 220368]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 PDFsam Enhanced 4;PDFsam Enhanced 4; C:\Program Files\PDFsam Enhanced 4\ws.exe [2017-08-02 2005744]
S3 PDFsam Enhanced 5;PDFsam Enhanced 5; C:\Program Files\PDFsam Enhanced 5\ws.exe [2018-06-27 2004808]
S3 PDFsam Enhanced 6 Creator;PDFsam Enhanced 6 Creator; C:\Program Files\PDFsam Enhanced 6\creator\common\creator-ws.exe [2019-10-23 577232]
S3 PDFsam Enhanced CrashHandler;PDFsam Enhanced CrashHandler; C:\Program Files\PDFsam Enhanced\crash-handler-ws.exe [2016-07-06 921664]
S3 PDFsam Enhanced;PDFsam Enhanced; C:\Program Files\PDFsam Enhanced\ws.exe [2016-07-06 2322496]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 103424]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc_1ec100;PrintWorkflow_1ec100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2019-03-19 1264128]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]

-----------------EOF-----------------

Zdravím!
Dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . RSIT není s desítkami plně kompatibilní.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by misak (administrator) on MICHAL-PC (ASUS All Series) (15-12-2020 21:48:50)
Running from C:\Users\misak\Desktop
Loaded Profiles: misak
Platform: Windows 10 Home Version 1909 18363.1256 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE
() [File not signed] C:\Program Files (x86)\Gaming Keyboard\OSD.exe
() [File not signed] C:\Windows\FixCamera.exe
(2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(ANDREA VACONDIO -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced 4\creator-ws.exe
(ANDREA VACONDIO -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced\creator-ws.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\111.4.472\QtWebEngineProcess.exe <2>
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files (x86)\TC UP\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <25>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(LENOVO -> Lenovo) [File not signed] C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(pdfforge GmbH -> © pdfforge GmbH.) C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced 5\creator\common\creator-ws.exe
(SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced 6\updater-ws.exe
(SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced 6\ws.exe
(TC UP Team) [File not signed] C:\Program Files (x86)\TC UP\TCUP64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [VICTORY Gaming Keyboard] => C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [270336 2013-04-09] () [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992832 2020-12-01] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] () [File not signed]
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [FixCamera] => C:\WINDOWS\FixCamera.exe [20480 2007-02-12] () [File not signed]
HKLM-x32\...\Run: [tsnp325] => C:\WINDOWS\tsnp325.exe [270336 2007-04-21] () [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [TC UP] => C:\Program Files (x86)\TC UP\TCUP64.exe [1833472 2016-06-29] (TC UP Team) [File not signed]
HKLM-x32\...\Run: [MagicPlusHelper] => C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [2499208 2016-07-08] (LENOVO -> Lenovo) [File not signed]
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\Run: [uTorrent] => C:\Users\misak\AppData\Roaming\uTorrent\utorrent.exe [416168 2015-02-22] (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50010064 2020-11-03] (Google LLC -> )
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\Run: [VirtualDiskAutomount] => C:\Program Files (x86)\TC UP\PLUGINS\wfx\VirtualDisk\VirtualDisk.wfx [139264 2011-01-30] (CaptainFlint Software) [File not signed]
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\Run: [Volume2] => C:\Users\misak\Desktop\Volume2\Volume2.exe [1577984 2016-02-10] (Irza Alexander) [File not signed]
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Print\Monitors\Bullzip PDF Print Monitor: C:\Program Files\Common Files\Bullzip\PDF Printer\Ports\BULLZIP\bzpdf.dll [219136 2015-08-27] (Bullzip) [File not signed]
HKLM\...\Print\Monitors\FPR8:: C:\WINDOWS\system32\fpmon8.dll [578264 2013-11-18] (FinePrint Software, LLC -> FinePrint Software, LLC)
HKLM\...\Print\Monitors\HP D811 Status Monitor: C:\WINDOWS\system32\hpinkstsD811LM.dll [393352 2017-04-05] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\PDFsam Enhanced 6 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\pdfsam enhanced_pdfpmon_v.4.12.26.3.dll [932984 2020-02-09] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-06] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TVR Scheduler.lnk [2017-11-04]
ShortcutTarget: TVR Scheduler.lnk -> C:\Program Files (x86)\honestech\honestech TVR 2.5\scheduleTV.exe () [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CA1011A-3B17-4219-9D1C-D2895494F396} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0F5FBB12-E7B2-44FA-A3BC-0CF1F18705BE} - System32\Tasks\vypnutí PC (příkaz) => C:\Windows\System32\shutdown.exe [26624 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {12B4EA3E-9D74-40D3-8FF8-90702843D072} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [126152 2020-04-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {14C15532-66F6-48CD-AA80-D686E7783D67} - System32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-30] (Google Inc -> Google Inc.)
Task: {41745E0F-0E62-4B3C-9DFE-F01767C24989} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4639280 2018-12-02] (McAfee, Inc. -> McAfee, Inc.)
Task: {4326ACD8-6562-495F-88F0-A03F8EED26A2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {43958E43-6DF7-45D4-AA10-59C40EC304E8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4E168211-979D-4DC7-BE66-2E450975A429} - System32\Tasks\2BrightSparks\SyncBackFree\MICHAL-PC-misak\SyncBackFree => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [27620920 2018-02-01] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
Task: {5293340E-B8B2-4C52-AB60-51488559687B} - System32\Tasks\Opera scheduled Autoupdate 1451482647 => C:\Program Files (x86)\Opera\launcher.exe [1030744 2017-02-27] (Opera Software AS -> Opera Software)
Task: {556C8C28-4622-4F01-8F67-C5E1AE82E9E7} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-09] (Dropbox, Inc -> Dropbox, Inc.)
Task: {634A4774-F84E-4D45-B236-C172FE446447} - System32\Tasks\DropboxUpdateTaskMachineCore1d5d6cba22c2779 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-09] (Dropbox, Inc -> Dropbox, Inc.)
Task: {65630535-93DA-4300-B89E-698C7123D2DA} - System32\Tasks\DropboxUpdateTaskMachineUA1d5d6cba2571108 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-09] (Dropbox, Inc -> Dropbox, Inc.)
Task: {6FF748CA-638F-467E-96C5-11506ECBDA5A} - System32\Tasks\lenovo mobile auto run => C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [2499208 2016-07-08] (LENOVO -> Lenovo) [File not signed]
Task: {710FA897-6B9E-489A-B887-82153A7763FD} - System32\Tasks\{D377ADF2-AAB3-4384-9D5F-0D27E181F873} => "c:\program files (x86)\google\chrome\application\chrome.exe" http://www.skype.com/go/downloading?sou ... tError=404
Task: {91A97EF3-EB6F-413E-BA0E-15193B19C4B9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [271960 2017-03-17] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {96139FF0-81EB-4187-9CAF-91545BF055FF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {96DF6E9C-D34D-4011-9422-4E6E3041F3DE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-09] (Dropbox, Inc -> Dropbox, Inc.)
Task: {9E1D5459-DDFD-46D2-AEA5-37BCA2768F2A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {A9984137-99FA-4674-BBD0-1640975F199B} - System32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-30] (Google Inc -> Google Inc.)
Task: {AFAED719-3667-40B5-88B1-22A3126D0A12} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_25_0_0_127_pepper.exe [1277016 2017-03-17] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {BC4E4EE8-DBCE-4143-8583-5569E4DC52D8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {BE0758B3-4763-4DB1-B607-C907C428CB46} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BF3ECD0D-3DA0-4EA6-A1C1-53C7AE103C5A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {C85DFAD5-7BD6-4063-9227-43E174F6A5A3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-30] (Google Inc -> Google Inc.)
Task: {C88835A3-FBEA-4441-911D-89E329E15932} - System32\Tasks\2BrightSparks\SyncBackFree\MICHAL-PC-misak\SyncBackFree metrix => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [27620920 2018-02-01] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
Task: {D7C05AA1-BBAA-4D11-9571-93BAACE7A45D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F93D4FC7-34D5-4BED-8525-175D91A0E226} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-30] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d5d6cba22c2779.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d5d6cba2571108.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4460aeae-148b-4aaf-886a-f14fc94b3afb}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{7d9f608b-68cd-421a-a496-7eee047af1f2}: [DhcpNameServer] 192.168.0.1

Edge:
======
Edge Profile: C:\Users\misak\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-13]

FireFox:
========
FF DefaultProfile: 4dczc3fl.default
FF ProfilePath: C:\Users\misak\AppData\Roaming\Mozilla\Firefox\Profiles\4dczc3fl.default [2020-12-15]
FF DownloadDir: S:\_seriály\Skrytá vášeň
FF Extension: (Seznam pro Firefox - Email) - C:\Users\misak\AppData\Roaming\Mozilla\Firefox\Profiles\4dczc3fl.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-11-29]
FF HKLM\...\Firefox\Extensions: [pdfsam_enhanced_conv@pdfsam.com] - C:\Program Files\PDFsam Enhanced\resources\pdfsamenhancedfirefoxextension
FF Extension: (PDFsam Enhanced Creator) - C:\Program Files\PDFsam Enhanced\resources\pdfsamenhancedfirefoxextension [2016-11-23] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [pdfsam_enhanced6_conv@pdfsam.com] - C:\Program Files\PDFsam Enhanced 6\creator\plugins\FirefoxAddin\pdfsam_enhanced6_conv@pdfsam.com.xpi
FF Extension: (PDFsam Enhanced 6 Creator) - C:\Program Files\PDFsam Enhanced 6\creator\plugins\FirefoxAddin\pdfsam_enhanced6_conv@pdfsam.com.xpi [2019-10-17]
FF HKLM-x32\...\Firefox\Extensions: [pdfsam_enhanced6_conv@pdfsam.com] - C:\Program Files\PDFsam Enhanced 6\creator\plugins\FirefoxAddin\pdfsam_enhanced6_conv@pdfsam.com.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-16] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin: PDFsam Enhanced 5 -> C:\Program Files\PDFsam Enhanced 5\np-previewer.dll [2018-06-27] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-16] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: PDFsam Enhanced -> C:\Program Files (x86)\PDFsam Enhanced\np-previewer.dll [2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
FF Plugin-x32: PDFsam Enhanced 4 -> C:\Program Files (x86)\PDFsam Enhanced 4\np-previewer.dll [2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)

Chrome:
=======
CHR Profile: C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default [2020-12-15]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Prezentace) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-15]
CHR Extension: (h264ify) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleakchihdccplidncghkekgioiakgal [2019-09-15]
CHR Extension: (Dokumenty) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-15]
CHR Extension: (Disk Google) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-29]
CHR Extension: (Seznam doplněk - Email) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-04-08]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-10-12]
CHR Extension: (YouTube) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-15]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-12-15]
CHR Extension: (Tampermonkey) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-11-23]
CHR Extension: (Dark Reader) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2020-12-06]
CHR Extension: (Tabulky) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-15]
CHR Extension: (ZyXEL NAS Link Capture) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjchadhilcichebeadpoppalaidalfcg [2019-09-15]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-09-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-23]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-12-14]
CHR Extension: (Reklamy blokátor pro YouTube ™) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2019-09-15]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2020-12-13]
CHR Extension: (CrxMouse Chrome™ Gestures) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2020-03-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-04-08]
CHR Extension: (Gmail) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-29]
CHR Extension: (Chrome Media Router) - C:\Users\misak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-25]
CHR Profile: C:\Users\misak\AppData\Local\Google\Chrome\User Data\System Profile [2020-12-13]
CHR HKU\S-1-5-21-3050821526-3358219123-440924525-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

Opera:
=======
OPR DownloadDir: E:\_seriály\Skrytá vášeň

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [271960 2017-03-17] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] (ASUSTeK Computer Inc. -> )
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-09] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-09] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-12-01] (Dropbox, Inc -> Dropbox, Inc.)
S3 DgnIndexingService; C:\Program Files (x86)\Common Files\Bentley Shared\Dgn Index Service\DgnIndexServer.exe [137728 2012-04-13] (Bentley Systems Inc.) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd -> Disc Soft Ltd)
S2 DroidExplorerService; C:\Program Files\Droid Explorer\DroidExplorer.Service.exe [257024 2015-09-18] (Ryan Conrad) [File not signed]
R2 PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (pdfforge GmbH -> © pdfforge GmbH.)
S3 PDFsam Enhanced; C:\Program Files\PDFsam Enhanced\ws.exe [2322496 2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
S3 PDFsam Enhanced 4; C:\Program Files\PDFsam Enhanced 4\ws.exe [2005744 2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
R2 PDFsam Enhanced 4 Creator; C:\Program Files\PDFsam Enhanced 4\creator-ws.exe [757496 2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
S3 PDFsam Enhanced 5; C:\Program Files\PDFsam Enhanced 5\ws.exe [2004808 2018-06-27] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
R2 PDFsam Enhanced 5 Creator; C:\Program Files\PDFsam Enhanced 5\creator\common\creator-ws.exe [758600 2018-06-27] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
R3 PDFsam Enhanced 6; C:\Program Files\PDFsam Enhanced 6\ws.exe [2464464 2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
S3 PDFsam Enhanced 6 Creator; C:\Program Files\PDFsam Enhanced 6\creator\common\creator-ws.exe [577232 2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
R2 PDFsam Enhanced 6 Update Service; C:\Program Files\PDFsam Enhanced 6\updater-ws.exe [1716944 2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
S3 PDFsam Enhanced CrashHandler; C:\Program Files\PDFsam Enhanced\crash-handler-ws.exe [921664 2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
R2 PDFsam Enhanced Creator; C:\Program Files\PDFsam Enhanced\creator-ws.exe [734272 2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12720144 2020-11-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [194168 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] (ASUSTeK Computer Inc. -> )
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-02-29] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-02-29] (Disc Soft Ltd -> Disc Soft Ltd)
S3 FreshIO; C:\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys [2410 2004-10-26] () [File not signed]
S2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [296448 2005-06-14] (Aladdin Knowledge Systems Ltd.) [File not signed]
S3 pccsmcfd; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [26112 2012-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2016-06-15] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-10-10] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [222872 2018-06-29] (Oracle Corporation -> Oracle Corporation)
R1 VD_FileDisk; C:\Windows\System32\Drivers\VD_FileDisk.sys [30312 2011-01-26] (Ghisler Software GmbH -> CaptainFlint Software)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-06] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-15 21:48 - 2020-12-15 21:50 - 000031265 _____ C:\Users\misak\Desktop\FRST.txt
2020-12-15 21:47 - 2020-12-15 21:47 - 002286592 _____ (Farbar) C:\Users\misak\Desktop\FRST64.exe
2020-12-14 15:08 - 2020-12-14 15:08 - 001222144 _____ C:\Users\misak\Downloads\RSITx64 (1).exe
2020-12-13 11:48 - 2020-12-13 13:37 - 000000000 ____D C:\ProgramData\AVG
2020-12-13 11:47 - 2020-12-13 11:47 - 030536752 _____ (Piriform Software Ltd) C:\Users\misak\Downloads\ccsetup575.exe
2020-12-09 19:22 - 2020-12-09 19:22 - 002045952 _____ C:\WINDOWS\system32\rdpnano.dll
2020-12-09 19:22 - 2020-12-09 19:22 - 001756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-09 19:22 - 2020-12-09 19:22 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-09 19:22 - 2020-12-09 19:22 - 000171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-09 19:22 - 2020-12-09 19:22 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-09 19:22 - 2020-12-09 19:22 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-09 19:22 - 2020-12-09 19:22 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-09 19:22 - 2020-12-09 19:22 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-09 19:22 - 2020-12-09 19:22 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-12-09 19:22 - 2020-12-09 19:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-12-06 16:03 - 2020-12-06 16:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-12-06 15:50 - 2020-12-07 17:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-12-06 15:36 - 2020-12-13 11:57 - 000000000 ____D C:\WINDOWS\Minidump
2020-12-01 23:10 - 2020-12-01 23:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-12-01 23:10 - 2020-12-01 23:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-12-01 23:10 - 2020-12-01 23:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-12-01 23:10 - 2020-12-01 23:10 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-15 21:49 - 2017-12-18 14:45 - 000000000 ____D C:\FRST
2020-12-15 21:46 - 2020-07-01 00:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-15 21:46 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-15 18:17 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-15 18:17 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-15 16:14 - 2020-07-01 00:49 - 000004198 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{FF8153D5-DC6A-450B-9DF4-76BF49748363}
2020-12-15 15:07 - 2015-12-30 12:43 - 000000000 ____D C:\Program Files\CCleaner
2020-12-14 15:21 - 2019-10-04 03:59 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-12-14 15:21 - 2019-10-04 03:59 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-12-14 15:13 - 2017-09-06 18:30 - 000000000 ____D C:\Users\misak\AppData\Local\CrashDumps
2020-12-14 15:13 - 2016-01-09 16:44 - 000000000 ____D C:\Users\misak\AppData\Roaming\uTorrent
2020-12-14 15:09 - 2016-11-18 10:59 - 000000000 ____D C:\Program Files\trend micro
2020-12-13 17:31 - 2017-05-12 12:02 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-12-13 17:31 - 2015-12-30 12:38 - 000000000 __SHD C:\Users\misak\IntelGraphicsProfiles
2020-12-13 17:30 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-12-13 13:38 - 2020-07-01 00:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-13 13:38 - 2015-12-30 12:58 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-12-13 13:37 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-12-13 12:24 - 2018-07-18 10:41 - 000000000 ____D C:\Users\misak\AppData\Local\AVAST Software
2020-12-13 12:07 - 2017-09-29 08:09 - 000000000 ____D C:\Users\misak\Documents\ccleaner zaloha registru
2020-12-13 12:04 - 2015-12-30 13:02 - 000000000 ____D C:\Users\misak\AppData\Roaming\TeamViewer
2020-12-13 11:57 - 2020-06-13 17:58 - 000000000 ___DC C:\WINDOWS\Panther
2020-12-13 11:50 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-13 11:49 - 2017-08-31 08:00 - 000000000 ____D C:\TEMP
2020-12-13 11:48 - 2020-07-01 00:49 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-13 11:48 - 2017-09-03 08:49 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-12-13 11:48 - 2017-09-03 08:49 - 000000863 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-12-13 11:39 - 2017-10-19 08:01 - 000000000 ___RD C:\Users\misak\3D Objects
2020-12-13 11:39 - 2015-12-01 02:54 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-12 01:41 - 2020-06-06 17:16 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-12 01:41 - 2020-06-06 17:16 - 000002257 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-12 01:41 - 2020-06-06 17:16 - 000002257 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-12-11 00:26 - 2020-07-01 00:31 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-11 00:26 - 2019-03-19 12:55 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-11 00:26 - 2019-03-19 12:55 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-11 00:23 - 2020-07-01 00:18 - 000000000 ____D C:\Users\krcma
2020-12-11 00:22 - 2020-07-01 00:10 - 000500112 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-11 00:21 - 2016-01-03 13:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-12-11 00:19 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-11 00:19 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-11 00:19 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-11 00:19 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-12-11 00:19 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-11 00:19 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-12-11 00:19 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-11 00:19 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-11 00:19 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-10 18:13 - 2020-06-09 18:07 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-09 19:30 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-07 17:47 - 2019-09-15 10:01 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-07 17:47 - 2019-09-15 10:01 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-12-07 17:47 - 2019-09-15 10:01 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-12-07 17:31 - 2017-02-16 20:33 - 000000000 ____D C:\Users\misak\AppData\LocalLow\Mozilla
2020-12-07 17:30 - 2016-01-03 13:29 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2020-12-06 16:05 - 2020-07-01 00:49 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-06 16:05 - 2020-07-01 00:49 - 000003502 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610
2020-12-06 16:05 - 2020-07-01 00:49 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-06 16:05 - 2020-07-01 00:49 - 000003378 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c
2020-12-06 16:04 - 2016-09-09 09:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-12-06 15:52 - 2018-02-28 08:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-11-25 17:22 - 2020-07-01 00:49 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-11-20 18:24 - 2020-09-30 00:50 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-11-15 10:14 - 2015-12-30 14:11 - 000000000 ____D C:\VKM5
2020-11-15 10:04 - 2017-08-31 08:56 - 000000000 ____D C:\Users\misak\Documents\GtechCz

==================== Files in the root of some directories ========

2017-06-27 12:45 - 2017-06-27 12:45 - 000000087 _____ () C:\Users\misak\AppData\Roaming\1de0de73-de3e-46c6-81b0-f6455f081644
2016-09-30 11:27 - 2016-09-30 11:27 - 000000050 _____ () C:\Users\misak\AppData\Roaming\Camdata.ini
2016-09-30 11:27 - 2016-09-30 11:27 - 000000408 _____ () C:\Users\misak\AppData\Roaming\CamLayout.ini
2016-09-30 11:27 - 2016-09-30 11:27 - 000000408 _____ () C:\Users\misak\AppData\Roaming\CamShapes.ini
2016-09-30 11:27 - 2016-09-30 11:27 - 000004521 _____ () C:\Users\misak\AppData\Roaming\CamStudio.cfg
2017-03-10 15:06 - 2020-02-23 11:40 - 000099384 _____ () C:\Users\misak\AppData\Roaming\inst.exe
2017-03-10 15:06 - 2020-02-23 11:40 - 000007859 _____ () C:\Users\misak\AppData\Roaming\pcouffin.cat
2017-03-10 15:06 - 2020-02-23 11:40 - 000001167 _____ () C:\Users\misak\AppData\Roaming\pcouffin.inf
2017-03-10 15:06 - 2020-02-23 11:40 - 000000055 _____ () C:\Users\misak\AppData\Roaming\pcouffin.log
2017-03-10 15:06 - 2020-02-23 11:40 - 000082816 _____ (VSO Software) C:\Users\misak\AppData\Roaming\pcouffin.sys
2017-03-10 14:12 - 2017-03-10 15:00 - 000008192 _____ () C:\Users\misak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-27 17:17 - 2020-11-20 18:04 - 000001845 _____ () C:\Users\misak\AppData\Local\oobelibMkey.log
2019-03-03 19:37 - 2019-03-03 19:37 - 000000927 _____ () C:\Users\misak\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by misak (15-12-2020 21:54:56)
Running from C:\Users\misak\Desktop
Windows 10 Home Version 1909 18363.1256 (X64) (2020-06-30 23:50:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3050821526-3358219123-440924525-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3050821526-3358219123-440924525-503 - Limited - Disabled)
Guest (S-1-5-21-3050821526-3358219123-440924525-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3050821526-3358219123-440924525-1007 - Limited - Enabled)
krcma (S-1-5-21-3050821526-3358219123-440924525-1005 - Limited - Enabled) => C:\Users\krcma
ludmi (S-1-5-21-3050821526-3358219123-440924525-1004 - Limited - Disabled)
misak (S-1-5-21-3050821526-3358219123-440924525-1001 - Administrator - Enabled) => C:\Users\misak
WDAGUtilityAccount (S-1-5-21-3050821526-3358219123-440924525-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark06 (HKLM-x32\...\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}) (Version: 1.1.0 - Futuremark)
ABRA FlexiBee (HKLM-x32\...\WinStrom 10) (Version: - FlexiBee Systems s.r.o.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
Any DVD Converter Professional 6.2.2 (HKLM-x32\...\Any DVD Converter Professional_is1) (Version: - Any-DVD-Converter.com)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber)
Backup and Sync from Google (HKLM\...\{3A8CD593-8CF9-45B4-9932-FC41CBC14E15}) (Version: 3.53.3404.7585 - Google, Inc.)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
BdeD7 (HKLM-x32\...\{B02A434C-4B77-4C86-B30D-EC75BED719AD}) (Version: 1.00.0000 - ZKGEO)
Bentley DGN IFilter (HKLM\...\{2E873893-A883-4C06-8308-7B491D58F3D6}) (Version: 1.0.1.11 - Bentley Systems, Incorporated)
Bentley DGN Index Service (HKLM-x32\...\{A753B088-3FCE-4F1C-BF92-8E6931DE261E}) (Version: 08.11.09030 - Bentley Systems, Incorporated)
Bentley DGN Preview Handler (HKLM-x32\...\{264B522D-1B7F-4AAF-A32B-55A6BF5679F2}) (Version: 8.11.8004 - Bentley Systems, Incorporated)
Bentley DGN Thumbnail Provider (HKLM\...\{74A8C1AF-75E5-4653-95AF-222725B7D877}) (Version: 8.11.7.410 - Bentley Systems, Incorporated)
Bentley V8i (SELECTseries 3) - Autodesk® RealDWG™ 2012 (HKLM-x32\...\{23D46254-9D4C-446C-900A-F53AF1D12A90}) (Version: 8.11.9.357 - Bentley Systems, Incorporated)
Bentley V8i (SELECTseries 3) - Autodesk® RealDWG™ 2013 (HKLM-x32\...\{9E55146A-4686-476F-8999-F0760A99EC39}) (Version: 08.11.09.357 - Bentley Systems, Incorporated)
Brother BRAdmin Light 1.29.0000 (HKLM-x32\...\{DB75941E-30C4-4D97-B000-D17C764B998C}) (Version: 1.29.0000 - Brother)
Brother MFL-Pro Suite MFC-6490CW (HKLM-x32\...\{20E970DF-A7B2-4345-9DEB-72213A29645E}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Bullzip PDF Printer 10.19.0.2457 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.19.0.2457 - Bullzip)
Call of Duty 4 - Modern Warfare verze 1.7 (HKLM-x32\...\{826D7727-6105-4C5D-A049-E4BADBC8BAAB}_is1) (Version: 1.7 - tomi2k9)
CamStudio 2.7 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
CONNECTION client (HKLM\...\{D03E0EB3-5E30-3271-A152-7B736DD0E711}) (Version: 10.00.04.021 - Bentley Systems, Incorporated) Hidden
CONNECTION client (HKLM-x32\...\{44c537c4-45cf-4df2-b42e-252dc7a25112}) (Version: 10.0.4.21 - Bentley Systems, Incorporated)
CONNECTION client Czech-Language Pack (HKLM\...\{5629A17A-9348-37E9-960D-0A31B95CB975}) (Version: 10.00.04.024 - Bentley Systems, Incorporated) Hidden
CONNECTION client Czech-Language pack (HKLM-x32\...\{f35def82-7450-440f-81f7-aad6c66d7424}) (Version: 10.0.4.24 - Bentley Systems, Incorporated)
Convert WAV To MP3 1.0 (HKLM-x32\...\Convert WAV To MP3_is1) (Version: - A Software Plus)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0115 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0002 - Microsoft Corporation)
Droid Explorer 0.9.0.4 (x64) (HKLM\...\{0716A981-E2D4-44B1-B940-EDA12E38699F}) (Version: 0.9.0.4 - Ryan Conrad)
Dropbox (HKLM-x32\...\Dropbox) (Version: 111.4.472 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.377.1 - Dropbox, Inc.) Hidden
DVDFab 10.0.3.9 (16/05/2017) (HKLM-x32\...\DVDFab 10) (Version: 10.0.3.9 - Fengtao Software Inc.)
Etcher 1.3.1 (only current user) (HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\573339af-d9e1-5dd3-804c-e0162fac1f41) (Version: 1.3.1 - Resin Inc.)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
FinePrint (HKLM\...\FinePrint) (Version: 8.01 - FinePrint Software, LLC)
Free Business Card Maker (HKLM-x32\...\{F269168D-3E36-44A5-A3FE-5F0682752BED}) (Version: 1.0.0 - Media Freeware)
FreshDiagnose (HKLM-x32\...\FreshDevices - FreshDiagnose_is1) (Version: - )
Fushicai VIDEO DVR (HKLM-x32\...\{989BAFE8-E777-43D7-9749-9810E0E9FF48}) (Version: 2013.5.6 - Fushicai)
Gaming Keyboard Driver (HKLM-x32\...\{B3CDED64-7DC2-429D-A325-BBC3CF793AA6}) (Version: 1.0 - Senbiz)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
hama PC-Webcam AC-140 (HKLM-x32\...\{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}) (Version: 0.1.0.000 - Sonix)
HDR Preview (HKLM\...\{9F7815C9-A323-4215-905C-73137D21BCC0}) (Version: 1.0.0.2 - Bentley Systems, Incorporated)
honestechTVR2.5 (HKLM-x32\...\{ABADD11D-1B48-4F23-BEBA-6B22CE8F5E58}) (Version: 2.5 - honestech)
honestechTVR2.5 (HKLM-x32\...\{B1DE0E2A-C1B1-4A61-A622-1F52CB37B183}) (Version: 2.5 - honestech) Hidden
i-model ODBC Driver for Windows 7 (HKLM-x32\...\{775616F7-2D4C-4D73-8773-A66C0BCECB38}) (Version: 01.00.00020 - Bentley Systems, Incorporated)
i-model ODBC Driver for Windows 7 (x64) (HKLM\...\{454AD0FD-21D2-4E73-99E9-A40CAC75A636}) (Version: 01.00.00020 - Bentley Systems, Incorporated)
Intel(R) Chipset Device Software (HKLM-x32\...\{d4874f67-8c81-475b-91e0-8de9b2892499}) (Version: 10.1.1.12 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Jihosoft ISO Maker version 3.0 (HKLM-x32\...\{FA289A40-0F71-428E-B3A2-546EDC04DB93}_is1) (Version: 3.0 - Jihosoft Studio)
Lame ACM MP3 Codec (HKLM-x32\...\LameACM) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Lenovo Phone Manager (HKLM-x32\...\{63190DFB-529A-4F6E-B6E6-A207712256F4}) (Version: 1.4.1.14211 - Lenovo)
LibreOffice 6.0 Help Pack (Czech) (HKLM\...\{2399A9CD-148D-4BE2-9C56-F712AFF3B8AD}) (Version: 6.0.2.1 - The Document Foundation)
LibreOffice 6.0.5.2 (HKLM\...\{9645CDEF-085C-45F7-A3CD-B4B7046EF78C}) (Version: 6.0.5.2 - The Document Foundation)
Livestream Procaster (HKLM-x32\...\{68E4C751-272B-44E1-94C7-4E1FDC40F7DA}) (Version: 20.3.25 - Procaster)
Manager (HKLM-x32\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. All rights reserved) Hidden
McAfee True Key (HKLM\...\TrueKey) (Version: 5.3.138.1 - McAfee, LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.60 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MicroStation V8i (SELECTseries 3) 08.11.09.357 (HKLM-x32\...\{37E6B330-81D1-4318-9B0B-95169F60D8E7}) (Version: 08.11.09.357 - Bentley Systems, Incorporated)
MKVToolNix 15.0.0 (32-bit) (HKLM-x32\...\MKVToolNix) (Version: 15.0.0 - Moritz Bunkus)
Mozilla Firefox 75.0 (x64 cs) (HKLM\...\Mozilla Firefox 75.0 (x64 cs)) (Version: 75.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 78.5.0.7639 - Mozilla)
Mozilla Thunderbird 78.5.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 78.5.1 (x86 cs)) (Version: 78.5.1 - Mozilla)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger)
NAS Starter Utility (HKLM-x32\...\NAS Starter Utility) (Version: - ZyXEL)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
Opera Stable 43.0.2442.1144 (HKLM-x32\...\Opera 43.0.2442.1144) (Version: 43.0.2442.1144 - Opera Software)
Oracle VM VirtualBox 5.2.14 (HKLM\...\{BEE6540B-718F-4E91-8166-BB101FCCD070}) (Version: 5.2.14 - Oracle Corporation)
Paragon Partition Manager™ 15 Professional -nSane- (HKLM\...\{A35001F0-F1E4-11DD-A38B-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PDFsam Basic (HKLM\...\{545E19E6-FB13-493C-B515-B49DA3BD2B46}) (Version: 4.1.1.0 - Sober Lemur S.a.s. di Vacondio Andrea)
PDFsam Enhanced (HKLM-x32\...\PDFsam Enhanced) (Version: 3.0.31.29080 - Copyright 2015 Andrea Vacondio)
PDFsam Enhanced 4 (HKLM-x32\...\PDFsam Enhanced 4) (Version: 4.0.3.32301 - Copyright 2017 Andrea Vacondio)
PDFsam Enhanced 4 Asian Fonts Pack (HKLM\...\{23186912-8615-4924-B677-D032739A0861}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Convert Module (HKLM\...\{82E16ABB-95AB-43E7-A402-1638B03C8391}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Create Module (HKLM\...\{DB8BDD2C-FA37-4B7C-B43A-443FB1D268F6}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Edit Module (HKLM\...\{93082EB3-E24B-44A0-9ACB-F1F700F8977F}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Forms Module (HKLM\...\{D66F2332-0894-4B48-99E7-3C25C108ECE8}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Insert Module (HKLM\...\{57DCEFC3-54A2-40C8-B833-3CAE945FFC0C}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 OCR Module (HKLM\...\{41B8D2E1-47FC-4BB4-A4EA-BC2F1471996D}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Review Module (HKLM\...\{A8BEAD35-464C-459E-B572-06CF3270370D}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 Secure Module (HKLM\...\{C66640E8-BAEB-43FB-BE87-C184E866405F}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 4 View Module (HKLM\...\{193A600E-D248-4D12-95BE-8FD5B25DD0AD}) (Version: 4.1.11.34362 - Andrea Vacondio) Hidden
PDFsam Enhanced 5 (HKLM-x32\...\PDFsam Enhanced 5) (Version: 5.0.21.675 - SOBER LEMUR SAS DI VACONDIO ANDREA)
PDFsam Enhanced 5 Asian Fonts Pack (HKLM\...\{F6F33FB8-7590-4BE0-B035-9C5585240CB4}) (Version: 5.0.19.38650 - Andrea Vacondio) Hidden
PDFsam Enhanced 5 Convert Module (HKLM\...\{CDEC48A9-3B47-4D96-9F83-6CDC3B44CC45}) (Version: 5.0.19.38650 - Andrea Vacondio) Hidden
PDFsam Enhanced 5 Create Module (HKLM\...\{F94AA218-F7A7-4A9C-B51D-B19FE160E9BC}) (Version: 5.0.19.38650 - Andrea Vacondio) Hidden
PDFsam Enhanced 5 Edit Module (HKLM\...\{F6D4013F-76FA-4D2A-A16E-0311339F5FB1}) (Version: 5.0.19.38650 - Andrea Vacondio) Hidden
PDFsam Enhanced 5 Forms Module (HKLM\...\{87352A7C-B62E-457E-A175-7923944BCE5E}) (Version: 5.0.19.38650 - Andrea Vacondio) Hidden
PDFsam Enhanced 5 Insert Module (HKLM\...\{C0C46B7D-71DA-4068-8369-799065DC8366}) (Version: 5.0.19.38650 - Andrea Vacondio) Hidden
PDFsam Enhanced 5 Review Module (HKLM\...\{DF27981F-0014-4E6C-AD66-11CF6B786624}) (Version: 5.0.19.38650 - Andrea Vacondio) Hidden
PDFsam Enhanced 5 Secure Module (HKLM\...\{FF829A00-07FF-46C9-AC34-0F04299001A3}) (Version: 5.0.19.38650 - Andrea Vacondio) Hidden
PDFsam Enhanced 5 View Module (HKLM\...\{1408D07C-5699-4894-94FE-054302B0B603}) (Version: 5.0.19.38650 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 (HKLM-x32\...\PDFsam Enhanced 6) (Version: 6.1.12.1769 - SOBER LEMUR SAS DI VACONDIO ANDREA)
PDFsam Enhanced 6 Asian Fonts Pack (HKLM\...\{AD872FD7-E383-4730-90DD-DBC6085FA707}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Convert Module (HKLM\...\{97B3B4E7-98E4-496D-978E-7846D01DA279}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Create Module (HKLM\...\{AB55FD1D-9E1F-4606-8587-B8548C72DB6A}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Edit Module (HKLM\...\{3EB8F0AB-575B-4EC3-8011-F35E3CA6BA7E}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Forms Module (HKLM\...\{FD343EE1-C0AB-432E-8777-2F3B5F0C9E1B}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Insert Module (HKLM\...\{4CEFA15B-4CEF-42C1-833E-E5305F9B4BEA}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Review Module (HKLM\...\{F96CE21B-3FD4-49CB-AEED-A65702CE4D03}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Secure Module (HKLM\...\{78B8FA91-2850-465D-8D8F-7DD46EDA98C6}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 View Module (HKLM\...\{4ABC92E5-382F-4E49-AFD8-7BBA142F226A}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced Asian Fonts Pack (HKLM\...\{817881FA-BD07-4A50-8F77-DA9AA6009093}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Convert Module (HKLM\...\{C3946663-4609-4158-A3AD-B9BFB16496F1}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Create Module (HKLM\...\{F790A93F-B881-4316-BDB4-D02783850695}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Edit Module (HKLM\...\{C584AD88-AFC9-4030-B391-49C0D04F6F1A}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Forms Module (HKLM\...\{3CAC256B-9C84-44F4-AC26-50B07FEA56B6}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Insert Module (HKLM\...\{A06D8CE0-76AA-4968-AC8B-221BE5128646}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced OCR Module (HKLM\...\{B83B283F-87BB-4C61-8F50-E45EDD0C7C8C}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Review Module (HKLM\...\{35AF9861-0E3C-4C81-AFCC-73461EBC00B7}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Secure Module (HKLM\...\{3B633A35-AE66-4AC3-B4A1-D2ED2594D368}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced View Module (HKLM\...\{972049F9-650B-4430-82ED-6080470D27BA}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
Prolink Version 1.15 (HKLM-x32\...\{D7BEBBEE-5AF1-4FBB-B666-2CAD7F7646BB}) (Version: - )
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.1.2730 - Jan Fiala)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Seznam Software (HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\SeznamInstall) (Version: - Seznam.cz)
SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 8.5.26.0 - 2BrightSparks)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.12.4 - TeamViewer)
Total Commander Ultima Prime 7.1 (HKLM-x32\...\TC UP) (Version: 7.1.0.1266 - TC UP Team)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM-x32\...\{86A7EED0-02D0-4D91-8183-8D2F23F5E6AE}) (Version: 1.3.1 - TP-LINK)
Visualization Content (HKLM-x32\...\{A12C2FC2-6122-4107-A6AE-677339873A24}) (Version: 8.11.9.292 - Bentley Systems, Incorporated)
VKM 0.1 (HKLM-x32\...\VKM_WSGP_is1) (Version: - Ing. Svatopluk Sedláček)
VKM 5.1 (HKLM-x32\...\VKM5_is1) (Version: - Ing. Svatopluk Sedláček)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
VNC Viewer 6.18.907 (HKLM\...\{59A8848C-F4C8-415E-8DA3-2D94716A7268}) (Version: 6.18.907.38355 - RealVNC Ltd)
WhatsApp (HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\WhatsApp) (Version: 2.2021.4 - WhatsApp)
Windows Desktop Gadgets (HKLM\...\Windows Desktop Gadgets_is1) (Version: 2.0 - hxxp://gadgetsrevived.com)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
XnView 2.34 (HKLM-x32\...\XnView_is1) (Version: 2.34 - Gougelet Pierre-e)
ZPS 19 CZ v.19.2004.2.250 - 03.06.2020 (HKLM-x32\...\ZPS 19 CZ v.19.2004.2.250 - 03.06.2020) (Version: v.19.2004.2.250 - 03.06.2020 - Libbi)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-05] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.0.83.0_x86__kgqvnymyfvs32 [2020-12-07] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-20] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_121.1.193.0_x64__v10z8vjag6ke6 [2020-11-04] (HP Inc.)
Islands in the Sun -> C:\Program Files\WindowsApps\Microsoft.IslandsintheSun_1.0.0.0_neutral__8wekyb3d8bbwe [2018-01-05] (Microsoft Corporation)
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2019-07-30] (Keeper Security Inc)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_5.3.0.5_x86__h6adky7gbf63m [2020-12-15] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
NengGao Mountain -> C:\Program Files\WindowsApps\Microsoft.NengGaoMountain_1.0.0.0_neutral__8wekyb3d8bbwe [2018-01-19] (Microsoft Corporation)
TuneIn Radio -> C:\Program Files\WindowsApps\TuneIn.TuneInRadio_4.0.7.0_x64__6bhtb546zcxnj [2019-09-20] (TuneIn) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3050821526-3358219123-440924525-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\misak\Dropbox [2016-09-09 10:00]
CustomCLSID: HKU\S-1-5-21-3050821526-3358219123-440924525-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-11-03] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-11-03] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-11-03] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-11-03] (Google LLC -> Google)
ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [File not signed]
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [PDFsamEnhanced5_ManagerExt] -> {6202C8EB-F149-41FE-A360-8FFAA4D3105B} => C:\Program Files\PDFsam Enhanced 5\context-menu.dll [2018-06-27] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
ContextMenuHandlers1: [PDFsamEnhanced6_ManagerExt] -> {7631D455-88D9-4774-83C6-D6A2B78182BF} => C:\Program Files\PDFsam Enhanced 6\context-menu.dll [2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
ContextMenuHandlers1: [TCUPShellExt] -> {544F5441-4C43-4D44-5550-5348454C4C00} => C:\Program Files (x86)\TC UP\LIB\TCUPShellExt.dll [2014-01-31] () [File not signed]
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-11-03] (Google LLC -> Google)
ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [File not signed]
ContextMenuHandlers4: [TCUPShellExt] -> {544F5441-4C43-4D44-5550-5348454C4C00} => C:\Program Files (x86)\TC UP\LIB\TCUPShellExt.dll [2014-01-31] () [File not signed]
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\LameACM.acm [756224 2014-08-19] (hxxp://www.mp3dev.org/) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\misak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Keep – poznámky a seznamy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\misak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\misak\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2017-05-12 12:02 - 2020-12-13 13:38 - 000026112 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2016-07-31 11:38 - 2012-11-05 07:37 - 000061440 _____ () [File not signed] C:\Program Files (x86)\Gaming Keyboard\hiddriver.dll
2016-07-31 11:38 - 2012-11-05 07:09 - 000057344 _____ () [File not signed] C:\Program Files (x86)\Gaming Keyboard\lan.dll
2014-01-31 16:43 - 2014-01-31 16:43 - 002669568 _____ () [File not signed] C:\Program Files (x86)\TC UP\LIB\TCUPShellExt.dll
2015-12-30 16:34 - 2005-04-22 13:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2015-12-30 16:34 - 2012-07-05 20:32 - 000084480 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2015-12-30 16:38 - 2015-08-27 12:37 - 000219136 _____ (Bullzip) [File not signed] C:\Program Files\Common Files\Bullzip\PDF Printer\Ports\BULLZIP\bzpdf.dll
2016-07-08 10:01 - 2016-07-08 10:01 - 000109704 _____ (LENOVO -> ) [File not signed] C:\Program Files (x86)\MagicPlus\crashreport.dll
2016-07-08 10:01 - 2016-07-08 10:01 - 000354440 _____ (LENOVO -> ) [File not signed] C:\Program Files (x86)\MagicPlus\UsbHelper.dll
2016-07-08 10:01 - 2016-07-08 10:01 - 000418952 _____ (LENOVO -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\MagicPlus\MSVCP100.dll
2016-07-08 10:01 - 2016-07-08 10:01 - 000771720 _____ (LENOVO -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\MagicPlus\MSVCR100.dll
2018-07-10 10:27 - 2008-05-22 22:25 - 000043520 ____N (MagicISO, Inc.) [File not signed] C:\Program Files (x86)\MagicISO\misosh64.dll
2018-12-10 10:29 - 2018-12-10 10:29 - 000438272 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\PDFsam Enhanced 6\libcurl.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: PDFsam Enhanced 5 Helper -> {00B64D8C-929B-4A37-AAAC-8A545F1E381E} -> C:\Program Files\PDFsam Enhanced 5\creator\plugins\IEAddin\creator-ie-helper.dll [2018-06-27] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-26] (Oracle America, Inc. -> Oracle Corporation)
BHO: PDFsam Enhanced 6 Helper -> {861A3991-1B45-4F34-96B4-CE30DD4AB339} -> C:\Program Files\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-26] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: PDFsam Enhanced 5 Helper -> {00B64D8C-929B-4A37-AAAC-8A545F1E381E} -> C:\Program Files (x86)\PDFsam Enhanced 5\creator\plugins\IEAddin\creator-ie-helper.dll [2018-06-27] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO-x32: PDFsam Enhanced Helper -> {6401BC8F-9AD0-430B-BF2C-2A34B0E98466} -> C:\Program Files (x86)\PDFsam Enhanced\creator-ie-helper.dll [2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-26] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: PDFsam Enhanced 6 Helper -> {861A3991-1B45-4F34-96B4-CE30DD4AB339} -> C:\Program Files (x86)\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
BHO-x32: PDFsam Enhanced 4 Helper -> {952B1B0C-7ABC-49DD-8CC8-A7E73675E4F0} -> C:\Program Files (x86)\PDFsam Enhanced 4\creator-ie-helper.dll [2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-26] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - PDFsam Enhanced 5 Toolbar - {C690FC06-8B1B-4629-9830-89128CDE82CC} - C:\Program Files\PDFsam Enhanced 5\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-06-27] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKLM - PDFsam Enhanced 6 Toolbar - {6F5E9294-F682-4F06-8DA6-CA13DF1D8B17} - C:\Program Files\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
Toolbar: HKLM-x32 - PDFsam Enhanced Toolbar - {AD42CFE2-C0AD-487E-8224-C2AEF09F4CEB} - C:\Program Files (x86)\PDFsam Enhanced\creator-ie-plugin.dll [2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
Toolbar: HKLM-x32 - PDFsam Enhanced 4 Toolbar - {C33F5D76-0A77-4A99-8274-54AD52AF7D1B} - C:\Program Files (x86)\PDFsam Enhanced 4\creator-ie-plugin.dll [2017-08-02] (ANDREA VACONDIO -> Andrea Vacondio)
Toolbar: HKLM-x32 - PDFsam Enhanced 5 Toolbar - {C690FC06-8B1B-4629-9830-89128CDE82CC} - C:\Program Files (x86)\PDFsam Enhanced 5\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-06-27] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKLM-x32 - PDFsam Enhanced 6 Toolbar - {6F5E9294-F682-4F06-8DA6-CA13DF1D8B17} - C:\Program Files (x86)\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2020-06-21 12:08 - 000000265 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com
0.0.0.0 account.zoner.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Bitvise SSH Client;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Common Files\Borland Shared\BDE
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\misak\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "TVR Scheduler.lnk"
HKLM\...\StartupApproved\Run32: => "tsnp325"
HKLM\...\StartupApproved\Run32: => "ControlCenter3"
HKLM\...\StartupApproved\Run32: => "BrMfcWnd"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "Volume2"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "NokiaSuite.exe"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "VirtualDiskAutomount"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "AutoStartNPSAgent"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "Uninstall C:\Users\misak\AppData\Local\Microsoft\OneDrive\17.3.6302.0225"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "Uninstall C:\Users\misak\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "Uninstall C:\Users\misak\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "Uninstall C:\Users\misak\AppData\Local\Microsoft\OneDrive\17.3.6386.0412"
HKU\S-1-5-21-3050821526-3358219123-440924525-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F9FFE42676A4922756CFCD598199662C"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{7B9F3F57-917C-40F3-87B8-CDB0E8791D2C}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [TCP Query User{5A42FCEE-C041-4FBA-9421-9E030E82B5A5}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [UDP Query User{BB2FCC34-3C99-4CB6-BF27-15EE4D50D496}C:\program files (x86)\tc up\totalcmd64.exe] => (Allow) C:\program files (x86)\tc up\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{01A72CF9-0949-4CAC-85EC-50365EC38C6F}C:\program files (x86)\tc up\totalcmd64.exe] => (Allow) C:\program files (x86)\tc up\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{7C2DE93D-3BE6-4B6B-B7FB-3B532F252260}C:\program files (x86)\java\jre1.8.0_151\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_151\bin\java.exe
FirewallRules: [TCP Query User{13138E50-527F-4E40-93EB-48A970450D8E}C:\program files (x86)\java\jre1.8.0_151\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_151\bin\java.exe
FirewallRules: [{3859E0E7-DD6B-4ADF-92E1-573645CE6E5E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{160EF249-194C-4FF1-A05D-7C21FAC8808A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{58E7A335-67F1-4041-825A-8CDB2091C8EC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BAFE63B4-3EA7-48FF-B8D1-6107A84AC99B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A6483BE3-C777-4934-92C9-13D2152ACCB1}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{A4E710EE-57AF-4138-9936-219A9C103CB9}] => (Block) C:\program files (x86)\tc up\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{6F8094B8-97FD-4ED5-91D4-30BBE94CEB3C}] => (Block) C:\program files (x86)\tc up\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{35F6A811-728A-4CCB-9E21-BFEA4DCC6A33}C:\program files (x86)\tc up\totalcmd.exe] => (Allow) C:\program files (x86)\tc up\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{9CDD9A7A-4ED3-430E-90EC-13E95FACBB88}C:\program files (x86)\tc up\totalcmd.exe] => (Allow) C:\program files (x86)\tc up\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{04600255-2E55-4515-8105-24B3E582AEA8}] => (Allow) LPort=54925
FirewallRules: [{50843913-DA38-4420-97E7-A01EB96E6D57}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Light\BRAdmLight.exe (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{619D76B6-8D66-4112-933A-DEF81A1FB2B8}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{FDC083ED-27C4-4145-9281-9A70BB8E96DE}C:\users\misak\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\misak\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{08B8210D-58D2-456F-B7F5-99DBEB44E7B0}C:\users\misak\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\misak\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{C37DF2F0-9ECD-47F5-806E-4E603882EA15}] => (Block) C:\users\misak\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{C3F1F966-B4A8-4A48-9A9B-5856138C76DE}] => (Block) C:\users\misak\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{BB473314-9186-41D8-A543-5A4CA71A9F51}C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe] => (Allow) C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe () [File not signed]
FirewallRules: [UDP Query User{7659C950-388F-4E69-9CB8-27B75DE131B8}C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe] => (Allow) C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe () [File not signed]
FirewallRules: [{15A8BA42-61CA-4018-9C47-95F83AA091B7}] => (Block) C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe () [File not signed]
FirewallRules: [{5ED1094C-5121-46E9-9F65-BFDB988C1EF7}] => (Block) C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe () [File not signed]
FirewallRules: [{655599C9-9217-4EBF-A8D5-5680419390F2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A552A52E-F876-4092-8CF7-F5F2CC7766A8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F01AF4F5-EB23-4316-B584-84073A7BB1B9}] => (Allow) LPort=443
FirewallRules: [TCP Query User{C76D698D-E7FE-4896-9D68-8C92C5729596}C:\program files (x86)\dvdfab 10\dvdfab.exe] => (Block) C:\program files (x86)\dvdfab 10\dvdfab.exe (Fengtao Software Inc. -> FengTao Software Inc.)
FirewallRules: [UDP Query User{681278DB-B63B-4CBE-999A-6C88BADB4215}C:\program files (x86)\dvdfab 10\dvdfab.exe] => (Block) C:\program files (x86)\dvdfab 10\dvdfab.exe (Fengtao Software Inc. -> FengTao Software Inc.)
FirewallRules: [{B8F82100-2C83-4926-998A-F6DE19F3565E}] => (Allow) C:\Program Files (x86)\Common Files\Bentley Shared\Dgn Index Service\DgnIndexServer.exe (Bentley Systems Inc.) [File not signed]
FirewallRules: [{58B1EBA0-9B75-4155-8697-99FF00940A29}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D4FA8636-7790-4FE7-87AA-787BF9482DE6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{F4104CF3-AF19-4170-AC76-A044EDCD61C7}C:\program files (x86)\magicplus\magicplus.exe] => (Allow) C:\program files (x86)\magicplus\magicplus.exe (LENOVO -> Lenovo) [File not signed]
FirewallRules: [UDP Query User{028D006C-218B-432E-86BA-C178DF1D6D0F}C:\program files (x86)\magicplus\magicplus.exe] => (Allow) C:\program files (x86)\magicplus\magicplus.exe (LENOVO -> Lenovo) [File not signed]
FirewallRules: [{4F1DC5AD-694E-4977-AF66-E09342635DE5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{ED5B065B-48EE-417E-8ABB-E2F9E802E43C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FD99C2B5-87B2-40EE-872F-CD4FCE4D7D58}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{30F54854-CF6B-4941-8CB6-EFBDF9F31F3D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{12A76EDA-4F89-4981-A628-8EE029B08E5D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{6DC3616D-3352-464B-8454-DC8C0DAD2C5A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A949622E-2BF6-4147-8B4D-8230692075AF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E7A67498-5B6A-4204-A06F-D1D8A2EE2048}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A1E7D01C-8BC6-4AE3-9491-DAF99BAAE21B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1FF98C7A-5689-49E8-9FFD-D6B9D15541C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

14-12-2020 15:46:09 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/15/2020 09:47:40 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\MagicPlus\MagicPlus.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.1256_none_9e7e379be45e40e2.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.1256_none_e62b6e72f8da69e8.manifest.

Error: (12/15/2020 06:22:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15992,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/15/2020 06:18:03 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\MagicPlus\MagicPlus.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.1256_none_9e7e379be45e40e2.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.1256_none_e62b6e72f8da69e8.manifest.

Error: (12/15/2020 06:16:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\MagicPlus\MagicPlus.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.1256_none_9e7e379be45e40e2.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.1256_none_e62b6e72f8da69e8.manifest.

Error: (12/15/2020 06:01:54 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14416,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/15/2020 05:46:51 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7532,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/14/2020 07:06:22 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\MagicPlus\MagicPlus.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.1256_none_9e7e379be45e40e2.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.1256_none_e62b6e72f8da69e8.manifest.

Error: (12/14/2020 06:58:42 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\MagicPlus\MagicPlus.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.1256_none_9e7e379be45e40e2.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.1256_none_e62b6e72f8da69e8.manifest.


System errors:
=============
Error: (12/15/2020 09:15:02 PM) (Source: DCOM) (EventID: 10010) (User: MICHAL-PC)
Description: Server Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/15/2020 08:15:02 PM) (Source: DCOM) (EventID: 10010) (User: MICHAL-PC)
Description: Server Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/15/2020 07:52:30 PM) (Source: DCOM) (EventID: 10010) (User: MICHAL-PC)
Description: Server Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/15/2020 07:14:00 PM) (Source: DCOM) (EventID: 10010) (User: MICHAL-PC)
Description: Server Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/15/2020 06:15:02 PM) (Source: DCOM) (EventID: 10010) (User: MICHAL-PC)
Description: Server Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/15/2020 05:15:02 PM) (Source: DCOM) (EventID: 10010) (User: MICHAL-PC)
Description: Server Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/15/2020 04:15:02 PM) (Source: DCOM) (EventID: 10010) (User: MICHAL-PC)
Description: Server Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/15/2020 03:15:02 PM) (Source: DCOM) (EventID: 10010) (User: MICHAL-PC)
Description: Server Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2020-12-15 17:40:02.524
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D15FFF00-DD9D-49BF-8CD3-D691ECA1C6F0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-13 04:25:03.401
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B1606FD3-C745-48BF-8826-4DBB9F74D77A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-09 19:38:17.438
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C116B191-20A8-4303-A7FD-C97C72ADB0CE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-11-26 20:31:19.889
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {65D50A72-E919-46EF-9B5D-6F80BC0AC880}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-11-25 18:32:24.983
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CB9D8E4B-3E89-43DD-9A8D-146194266F6A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-06 17:59:43.599
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.1582.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2020-12-06 17:59:43.598
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.1582.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2020-12-06 17:59:43.597
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.1582.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2020-12-06 17:59:43.344
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.1582.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2020-12-06 17:59:43.343
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.1582.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

CodeIntegrity:
===================================

Date: 2020-12-13 13:39:48.351
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-13 11:52:09.963
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-13 11:52:09.930
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-13 11:52:09.899
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-13 11:52:08.759
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-13 11:52:08.724
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-11 00:24:25.162
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-06 15:42:01.457
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2304 06/04/2015
Motherboard: ASUSTeK COMPUTER INC. H81M-P
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 79%
Total physical RAM: 3966.05 MB
Available physical RAM: 805.34 MB
Total Virtual: 6910.05 MB
Available Virtual: 2784.06 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:928.41 GB) (Free:570.74 GB) NTFS

\\?\Volume{02d03d3d-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:3.1 GB) (Free:2.64 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 02D03D3D)
Partition 1: (Active) - (Size=3.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=928.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle America, Inc. -> Oracle Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {14C15532-66F6-48CD-AA80-D686E7783D67} - System32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-30] (Google Inc -> Google Inc.)
Task: {A9984137-99FA-4674-BBD0-1640975F199B} - System32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-30] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c
C:\Users\misak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File

EmptyTemp:
Hosts:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by misak (19-12-2020 14:00:29) Run:2
Running from C:\Users\misak\Desktop
Loaded Profiles: misak
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle America, Inc. -> Oracle Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {14C15532-66F6-48CD-AA80-D686E7783D67} - System32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-30] (Google Inc -> Google Inc.)
Task: {A9984137-99FA-4674-BBD0-1640975F199B} - System32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-30] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c
C:\Users\misak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => not found
"C:\WINDOWS\system32\GroupPolicy\Machine" => not found
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14C15532-66F6-48CD-AA80-D686E7783D67}" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d57d5c3a8e3610" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9984137-99FA-4674-BBD0-1640975F199B}" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d57d5c3a78c14c" => not found
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c" => not found
"C:\Users\misak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UnLockerMenu => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\UnLockerMenu => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UnLockerMenu => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21289597 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 3794533 B
Edge => 0 B
Chrome => 9733229 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 7104 B
misak => 97529 B
krcma => 97529 B

RecycleBin => 0 B
EmptyTemp: => 43.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:00:59 ====

Zkuste to ještě jednou, se stejným fixlistem, ale vypnutým antivirem. Ne vše bylo smazáno.

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by misak (19-12-2020 18:58:00) Run:3
Running from C:\Users\misak\Desktop
Loaded Profiles: misak
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle America, Inc. -> Oracle Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {14C15532-66F6-48CD-AA80-D686E7783D67} - System32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-30] (Google Inc -> Google Inc.)
Task: {A9984137-99FA-4674-BBD0-1640975F199B} - System32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-30] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c
C:\Users\misak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => not found
"C:\WINDOWS\system32\GroupPolicy\Machine" => not found
"C:\ProgramData\NTUSER.pol" => not found
HKLM\SOFTWARE\Policies\Mozilla => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14C15532-66F6-48CD-AA80-D686E7783D67}" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d57d5c3a8e3610" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9984137-99FA-4674-BBD0-1640975F199B}" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d57d5c3a78c14c" => not found
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d57d5c3a8e3610" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d57d5c3a78c14c" => not found
"C:\Users\misak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UnLockerMenu => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\UnLockerMenu => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UnLockerMenu => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21318917 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 22010 B
Edge => 0 B
Chrome => 10408981 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 2708 B
misak => 35172 B
krcma => 35172 B

RecycleBin => 0 B
EmptyTemp: => 40.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:58:47 ====

OK. Smazáno, log je již OK. Změnilo se něco? AV opět zapněte.

Zapnuto. Já jsem ani předtím nepociťoval nějaké výrazné zpomalení PC. Chtěl jsem ho zkontrolovat na základě telefonátu od poskytovatele připojení.

Jistě. Zkusili jsme smazat vše, co v PC být nemusí. Tím by měl být pryč i původce DDoS útoků (pokud tam byl). A když mám už před sebou log, smažu vše, co tam být nemusí.

Jestli je to vše, tak Vám mockrát děkuji. Jenom ještě dotaz jestli můžu. Nejsem na toto odborník.... Ddos útoky by se mohli konat i přes datové centrum? Je to starší typ Zyxel N320S? Jestli ho mám pro jistotu zformátovat a zatím používat jen na domácí síti, než koupím nový třeba od Synology, kde to mají, podle toho co jsem vyčetl, řešené aplikací, takže uživatele nepotřebuje veřejnou IP.

Teoreticky mohou DDoS útoky probíhat přes jakýkoliv aktivní prvek. Pokud můžete (a útok by se opakoval) zformátujte. Data musíte zazálohovat.

Udělám to. Ještě jednou děkuji a přeji pěkný večer.

Hezký den i vám a nemáte zač!