Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021
Ran by havra (administrator) on DESKTOP-2OHMFH6 (Dell Inc. G3 3779) (30-01-2021 10:34:01)
Running from C:\Users\havra\Downloads
Loaded Profiles: havra
Platform: Windows 10 Home Version 20H2 19042.746 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_0c50c5dc47ed0efe\RstMwService.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.7.142.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2009.4.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12010.1001.2.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.8043.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.8043.0_x64__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.8043.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_b706d4e32506a94f\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\havra\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>
(Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\WavesSysSvc64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [834336 2019-02-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\WavesSvc64.exe [1222928 2018-04-30] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992336 2021-01-25] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [705728 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331040 2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [286064 2021-01-25] (IDSA Production signing key 2021 -> Intel)
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\havra\AppData\Local\Microsoft\Teams\Update.exe [2339472 2020-05-07] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Run: [] => [X]
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Run: [Opera Browser Assistant] => C:\Users\havra\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [4708328 2021-01-15] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\...\Windows x64\Print Processors\Canon iP7200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBA.DLL [30208 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP7200 series: C:\Windows\system32\CNMLMBA.DLL [389120 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-23] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03F455CA-DB34-47DF-8CCB-F018A591C074} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {0EBF024B-C829-4608-BDC2-792D33552D1D} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {113683D9-9297-4156-8DF5-7A619BD6CC6F} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {1A6545DC-08D1-479C-8482-CF1952AE8498} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {34A0C1F7-F000-40F9-B221-C805C21BD5F2} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {37A7AA81-8360-4984-AB24-3F6EAED4E25D} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29934096 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {3A5B2645-1E38-403E-8D20-68C43A0A0A70} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3E73DEBB-4F68-4605-99C3-7B630690EAD3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {4024C783-6370-4761-9010-4C34944A3A92} - System32\Tasks\Opera scheduled assistant Autoupdate 1601063340 => C:\Users\havra\AppData\Local\Programs\Opera\launcher.exe [1583256 2021-01-14] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\havra\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {4FB18B6C-D8E5-46A0-B28E-1A7A2E771CE7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {50A28E7D-8692-4D6E-997F-52C40AFEE192} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5752B731-7117-44DD-BB24-531AEEEDDADE} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
Task: {5778B5B3-A497-4E27-80A5-72953A752247} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5B7AC550-0C2C-4679-81C0-032FE8CDC77B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {668B310A-0E47-4A61-9B84-AA9CFDC94A25} - System32\Tasks\TweakBit\Driver Updater\Start Driver Updater оn logon => C:\Program Files (x86)\TweakBit\Driver Updater\DriverUpdater.exe <==== ATTENTION
Task: {6710DC49-4BAE-4925-9082-562BDB2089D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-26] (Google Inc -> Google Inc.)
Task: {69C77036-2A96-414C-B020-B8048957B88D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-26] (Google Inc -> Google Inc.)
Task: {71A3787B-CEE9-4F0B-886E-477269A719B7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {7BD6625E-053E-4918-A7FB-5944B4D2A595} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8844FBFE-18DB-4365-986B-7581B9C424EE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8922BD8B-A4D5-42A5-A5C2-FF7DE114119C} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {8C25766F-F412-41DA-9C10-09E2767A938F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {8C6ACEE0-8DA2-4844-A6A1-55A0DEFEE003} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {92E732FE-C535-4B9F-BA00-F25CCF916193} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {947D9F7B-D6E3-4C65-AC7F-39094C783294} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {94CA4961-A252-495A-BF2B-98BBC0D1170F} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {952700EB-1DFA-4487-A272-376FB1E9BE51} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1547160 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {98548407-1358-4CD1-8005-45070148A685} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {98A07132-C915-4B46-9A64-BE1C5DB0B71D} - System32\Tasks\TweakBit\Driver Updater\Start Driver Updater automatic scanning => C:\Program Files (x86)\TweakBit\Driver Updater\DriverUpdater.exe <==== ATTENTION
Task: {9C9EC591-BC4B-4251-9DCC-F26938213013} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {9F090741-E54D-4030-9975-1C88BD2EBB99} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [95072 2020-08-14] (Rivet Networks LLC -> DELL)
Task: {A1A4AEE7-07BD-42A7-A663-E8669D1766C4} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2649200 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {AC436E73-FF26-43BE-AAD8-9D20CE6E9BEC} - System32\Tasks\Opera scheduled Autoupdate 1601063328 => C:\Users\havra\AppData\Local\Programs\Opera\launcher.exe [1583256 2021-01-14] (Opera Software AS -> Opera Software)
Task: {AC88252D-6922-4218-9678-6168EAFDF9AD} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {B41D3964-0846-4277-9A22-74C7149F2705} - System32\Tasks\TweakBit\Driver Updater\Time for deal => C:\Program Files (x86)\TweakBit\Driver Updater\DriverUpdater.exe <==== ATTENTION
Task: {B55DD385-0860-49ED-940E-4F6746358E1F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {B5DB60C3-0F97-41E8-BB18-0D5DEE682E67} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [233184 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {BC203149-3E40-473E-91DA-AB3940E0EFC8} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [677344 2021-01-28] (Mozilla Corporation -> Mozilla Foundation)
Task: {BD36FA78-D46F-489A-B1E2-7178994FABDA} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {C07FFD26-4556-48CD-9932-9AAD19FDCC23} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302168 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {D3F976F5-48A5-40BB-B8F8-B3FFD528EB39} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-10] (Adobe Inc. -> Adobe)
Task: {D9D77C24-BF4B-4F32-A26F-24CDAD9AE415} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331040 2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {E6116DEC-0801-4BAF-B044-B612D8FE1704} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {E7A3FD8C-6D80-43A0-B293-872680FF3BAF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
Task: {F1507717-0C4E-4038-9E6A-D6E3263756A3} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-havraniveta@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 217.30.64.53 217.30.64.54 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{3f6949a5-7cd0-488b-97c6-e7ca22185103}: [DhcpNameServer] 212.80.66.7 10.0.0.2 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{71a4fd38-48ec-4a85-acae-fcdc5bd5ff02}: [DhcpNameServer] 217.30.64.53 217.30.64.54 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{a599493c-d9be-4c72-a21f-e249e5e7d470}: [DhcpNameServer] 8.8.8.8 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\havra\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-30]
FireFox:
========
FF DefaultProfile: 0gut8d9h.default
FF ProfilePath: C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default [2021-01-30]
FF Session Restore: Mozilla\Firefox\Profiles\0gut8d9h.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\0gut8d9h.default -> hxxps://postovnezdarma.cz; hxxps://paleosnadno.cz; hxxps://teams.microsoft.com; hxxps://www.slevomat.cz
FF Extension: (To Google Translate) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-11-11]
FF Extension: (VratnePenize.cz Připomínáček) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\Extensions\toolbar@vratnepenize.cz.xpi [2020-05-23]
FF Extension: (Music Search) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\Extensions\{43d20840-2895-4866-9d79-4f6f2ea537f7}.xpi [2019-07-10] [UpdateUrl:hxxps://addons.gettheresult.net/msff/updates.json]
FF Extension: (WA Web Plus for WhatsApp™) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\Extensions\{e5b78745-5fde-4ebf-b8c7-465120c9dfe4}.xpi [2020-06-18]
FF Extension: (No Name) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-10] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-10] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-3433778575-2911662788-3899533387-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\havra\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-19] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR Profile: C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default [2021-01-28]
CHR Extension: (Prezentace) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-26]
CHR Extension: (Dokumenty) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-26]
CHR Extension: (Disk Google) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-28]
CHR Extension: (YouTube) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-26]
CHR Extension: (Avira Password Manager) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-01-28]
CHR Extension: (Adobe Acrobat) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-01-28]
CHR Extension: (Tabulky) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-26]
CHR Extension: (Avira Browser Safety) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-01-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-10-11]
CHR Extension: (Gmail) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-28]
CHR Extension: (Chrome Media Router) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-28]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
Opera:
=======
OPR Profile: C:\Users\havra\AppData\Roaming\Opera Software\Opera Stable [2021-01-30]
OPR Extension: (Avira Safe Shopping) - C:\Users\havra\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2020-09-25]
OPR Extension: (Avira Password Manager) - C:\Users\havra\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngohaaocccbohaffogpbgfpmpgbcgccg [2020-09-25]
OPR Extension: (Free Avira Phantom VPN – Unblock Websites) - C:\Users\havra\AppData\Roaming\Opera Software\Opera Stable\Extensions\pcgkmkjdikhiodinhloioejnpjgmfigd [2020-09-25]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1205960 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [537472 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [483432 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [483432 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [573960 2021-01-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636592 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384360 2020-12-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [244888 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161072 2020-12-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960384 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44064 2021-01-25] (Dropbox, Inc -> Dropbox, Inc.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [315008 2020-08-18] (Dell Inc -> Dell Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2020-12-25] (Dell Inc -> Dell INC.)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{FB532BEF-8DC0-4B53-BCCC-887E4E733C3C} [21312 2020-11-06] (Microsoft Windows -> Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{FB532BEF-8DC0-4B53-BCCC-887E4E733C3C} [21312 2020-11-06] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2020-10-29] (Dell Inc -> )
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [958216 2021-01-30] (McAfee, LLC -> McAfee, LLC)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [64848 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64856 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1630576 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2385256 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_b706d4e32506a94f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_b706d4e32506a94f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-02-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [207424 2020-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199752 2020-05-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24952 2021-01-10] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [36400 2018-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [164424 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2020-10-08] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
Error Reading file: "C:\Users\havra\Downloads\messengerfordesktop-setup_4012180854.VIR"
Error Reading file: "C:\Users\havra\Downloads\messengerfordesktop-setup_1927565094.VIR"
Error Reading file: "C:\Users\havra\Downloads\messengerfordesktop-setup_0754641704.VIR"
2021-01-30 10:34 - 2021-01-30 10:35 - 000039257 _____ C:\Users\havra\Downloads\FRST.txt
2021-01-30 10:33 - 2021-01-30 10:34 - 000000000 ____D C:\FRST
2021-01-30 10:33 - 2021-01-30 10:33 - 002297856 _____ (Farbar) C:\Users\havra\Downloads\FRST64.exe
2021-01-30 10:32 - 2021-01-30 10:32 - 001989632 _____ (Farbar) C:\Users\havra\Downloads\FRST.exe
2021-01-28 22:56 - 2021-01-28 22:56 - 000001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2021-01-28 22:07 - 2021-01-28 22:07 - 001798297 _____ C:\Users\havra\Desktop\fd.pdf
2021-01-28 22:04 - 2021-01-28 22:04 - 000327832 _____ C:\Users\havra\Desktop\david_franc.tif
2021-01-28 21:09 - 2021-01-28 21:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-28 21:08 - 2021-01-28 21:08 - 000000000 ____D C:\WINDOWS\Panther
2021-01-28 21:04 - 2021-01-28 21:04 - 000001108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2021-01-28 20:57 - 2021-01-28 22:46 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-27 19:40 - 2021-01-27 19:40 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-01-27 19:38 - 2021-01-23 09:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-27 19:38 - 2021-01-23 09:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-27 19:38 - 2021-01-23 09:14 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-27 19:38 - 2021-01-23 09:14 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-27 19:38 - 2021-01-23 09:14 - 001453728 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 001193120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 001512096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 001164960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000689312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-01-27 19:38 - 2021-01-23 09:12 - 000680096 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000672928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000613536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000558240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000547488 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 008262304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 007392928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 004611744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 002731168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 002103456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 001589408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 000813216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 000657056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 000446624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-01-27 19:38 - 2021-01-23 09:10 - 007116680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-01-27 19:38 - 2021-01-23 09:10 - 006070848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-01-27 19:38 - 2021-01-23 09:10 - 000850080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-01-27 19:38 - 2021-01-22 23:59 - 000084264 _____ C:\WINDOWS\system32\nvinfo.pb
2021-01-27 19:34 - 2021-01-27 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-01-25 21:28 - 2021-01-25 21:28 - 118444029 _____ C:\Users\havra\Downloads\DaVinci_Resolve_16_Reference_Manual.pdf
2021-01-25 21:26 - 2021-01-25 21:44 - 2441458126 _____ C:\Users\havra\Downloads\DaVinci_Resolve_17.0b7_Windows(1).zip
2021-01-25 21:02 - 2021-01-25 21:02 - 001116061 _____ C:\Users\havra\Desktop\david_franc.pdf
2021-01-25 17:12 - 2021-01-25 17:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-01-25 17:12 - 2021-01-25 17:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-01-25 17:12 - 2021-01-25 17:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-01-25 17:12 - 2021-01-25 17:12 - 000044064 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-01-24 13:06 - 2021-01-24 13:06 - 003048577 _____ C:\Users\havra\Downloads\vecteezy_abstract-watercolor-stroke-design-background_254909.zip
2021-01-24 12:56 - 2021-01-24 12:57 - 060442988 _____ C:\Users\havra\Downloads\Archivar.zip
2021-01-24 12:46 - 2021-01-24 12:46 - 012549894 _____ C:\Users\havra\Downloads\vecteezy_watercolor-flower-frame-background-with-text-space-vector-illustration_563617.zip
2021-01-24 12:46 - 2021-01-24 12:46 - 010779160 _____ C:\Users\havra\Downloads\vecteezy_watercolor-flower-background-illustration-with-text-space-isolated-on-a-white-background-vector-illustration_564125.zip
2021-01-24 12:43 - 2021-01-24 12:43 - 037897324 _____ C:\Users\havra\Downloads\vecteezy_watercolor-pink-floral-card-floral-frame-watercolor-background-with-flowers_146553.zip
2021-01-24 12:42 - 2021-01-24 12:42 - 053215250 _____ C:\Users\havra\Downloads\09.zip
2021-01-24 12:41 - 2021-01-24 12:41 - 019220157 _____ C:\Users\havra\Downloads\vecteezy_save-the-date-watercolor-card-watercolor-floral-card-save-the-date-illustration-with-blue-watercolor-flowers-wedding-painted-card_146556.zip
2021-01-24 12:41 - 2021-01-24 12:41 - 015816158 _____ C:\Users\havra\Downloads\vecteezy_vintage-watercolor-floral-card-watercolor-flowers-on-vintage-background-flowers-watercolor-illustration_146555.zip
2021-01-24 12:18 - 2021-01-24 12:18 - 034939012 _____ C:\Users\havra\Downloads\mega_pack_flowers_by_ikoci_dcdaxux.zip
2021-01-23 17:49 - 2021-01-23 17:49 - 000000000 ____D C:\Users\havra\AppData\Local\M-Photo_Ltd
2021-01-23 17:35 - 2021-01-23 17:35 - 031558304 _____ (CDSM ) C:\Users\havra\Downloads\designer_cdsm_skn-32_210x148_2021_win_cz.exe
2021-01-23 17:32 - 2021-01-23 17:32 - 000000000 ____D C:\ProgramData\M-Photo
2021-01-23 17:31 - 2021-01-23 20:26 - 000000000 ____D C:\CDSM
2021-01-23 17:31 - 2021-01-23 17:31 - 015284974 _____ C:\WINDOWS\SysWOW64\CDSM_CDSM Designer_uninstaller.exe
2021-01-23 17:31 - 2021-01-23 17:31 - 000002317 _____ C:\Users\Public\Desktop\CDSM Designer.lnk
2021-01-23 17:31 - 2021-01-23 17:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDSM
2021-01-23 17:31 - 2021-01-23 17:31 - 000000000 ____D C:\Program Files (x86)\CDSM
2021-01-23 17:19 - 2021-01-23 17:25 - 932341237 _____ C:\Users\havra\Downloads\CDSM_Designer_setup_7.1.7.1.exe
2021-01-20 22:58 - 2021-01-20 22:58 - 000000000 ____D C:\Users\havra\AppData\Local\EopAuthApp
2021-01-20 22:57 - 2021-01-20 22:57 - 000002158 _____ C:\Users\Public\Desktop\eObčanka - Správce karty.lnk
2021-01-20 22:57 - 2021-01-20 22:57 - 000002153 _____ C:\Users\Public\Desktop\eObčanka - identifikace.lnk
2021-01-20 22:57 - 2021-01-20 22:57 - 000000000 ____D C:\Program Files\eObcanka
2021-01-20 22:52 - 2021-01-20 22:52 - 017093800 _____ C:\Users\havra\Downloads\eObcanka_x64.exe
2021-01-19 18:40 - 2021-01-19 18:40 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700}
2021-01-19 18:39 - 2021-01-19 18:39 - 000004206 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1601063328
2021-01-19 18:39 - 2021-01-19 18:39 - 000001395 _____ C:\Users\havra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-01-16 23:03 - 2021-01-16 23:33 - 2967829919 _____ C:\Users\havra\Downloads\sarlatan fullhd 2020.mp4
2021-01-15 22:45 - 2021-01-15 22:45 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-15 22:45 - 2021-01-15 22:45 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-15 22:45 - 2021-01-15 22:45 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-15 22:45 - 2021-01-15 22:45 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-15 22:45 - 2021-01-15 22:45 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-15 22:45 - 2021-01-15 22:45 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-15 22:45 - 2021-01-15 22:45 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-15 22:45 - 2021-01-15 22:45 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-15 22:45 - 2021-01-15 22:45 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-15 22:45 - 2021-01-15 22:45 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-15 22:45 - 2021-01-15 22:45 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-15 22:45 - 2021-01-15 22:45 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-15 22:45 - 2021-01-15 22:45 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-15 22:45 - 2021-01-15 22:45 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-15 22:45 - 2021-01-15 22:45 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-15 22:45 - 2021-01-15 22:45 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-15 22:45 - 2021-01-15 22:45 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-15 22:45 - 2021-01-15 22:45 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-15 22:44 - 2021-01-15 22:44 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-15 22:44 - 2021-01-15 22:44 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-15 22:44 - 2021-01-15 22:44 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-15 22:43 - 2021-01-15 22:43 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-15 22:43 - 2021-01-15 22:43 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-15 22:43 - 2021-01-15 22:43 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-15 22:43 - 2021-01-15 22:43 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-15 22:43 - 2021-01-15 22:43 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-15 22:43 - 2021-01-15 22:43 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-15 22:43 - 2021-01-15 22:43 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-15 22:43 - 2021-01-15 22:43 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-10 18:40 - 2021-01-10 18:40 - 000003072 _____ C:\Users\havra\AppData\Roaming\MCLAB Prefsv3
2021-01-10 14:51 - 2021-01-10 14:51 - 000024952 _____ C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys
2021-01-10 11:43 - 2021-01-10 11:43 - 000001904 _____ C:\Users\Public\Desktop\MCLAB.lnk
2021-01-10 11:43 - 2021-01-10 11:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCLAB
2021-01-10 11:41 - 2021-01-10 12:05 - 000000000 ____D C:\Program Files (x86)\MCLAB
2021-01-10 11:28 - 2021-01-10 11:38 - 1212398897 _____ C:\Users\havra\Downloads\MCLAB(1).exe
2020-12-31 20:32 - 2020-12-31 20:32 - 000237517 _____ C:\Users\havra\Desktop\vstupenky-6134947.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-30 10:21 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-30 10:12 - 2019-02-07 20:19 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-30 10:11 - 2018-09-06 12:56 - 000000000 ____D C:\Users\havra\AppData\LocalLow\Mozilla
2021-01-30 10:08 - 2019-10-25 21:19 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-01-30 10:05 - 2020-10-10 12:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-30 10:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration
2021-01-28 23:02 - 2018-06-26 07:10 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-28 23:00 - 2019-02-09 13:09 - 000000000 ____D C:\Users\Public\Speedup Sessions
2021-01-28 23:00 - 2018-09-06 12:45 - 000000000 __SHD C:\Users\havra\IntelGraphicsProfiles
2021-01-28 22:56 - 2018-06-26 07:09 - 000000000 ____D C:\Program Files (x86)\Intel
2021-01-28 22:56 - 2018-06-26 07:08 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-28 22:54 - 2020-10-10 12:31 - 001693410 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-28 22:54 - 2019-12-07 15:41 - 000719302 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-28 22:54 - 2019-12-07 15:41 - 000145428 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-28 22:54 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-28 22:54 - 2018-09-19 21:56 - 000000000 ____D C:\Users\havra\AppData\Roaming\eM Client
2021-01-28 22:46 - 2020-10-10 12:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-28 22:46 - 2020-10-10 12:28 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-28 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-28 22:46 - 2018-09-06 12:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-28 22:45 - 2018-09-06 12:42 - 000000000 ____D C:\ProgramData\Goodix
2021-01-28 21:09 - 2018-09-06 12:56 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-28 21:08 - 2020-10-10 12:30 - 000000000 ____D C:\Users\havra
2021-01-28 21:04 - 2018-09-19 21:56 - 000000000 ____D C:\Program Files (x86)\eM Client
2021-01-28 20:55 - 2020-06-05 19:24 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-28 20:55 - 2020-06-05 19:24 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-28 20:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-28 20:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-28 20:55 - 2018-09-07 10:37 - 000000000 ____D C:\Users\havra\AppData\Local\NVIDIA
2021-01-27 22:59 - 2018-09-06 13:22 - 000000000 ____D C:\Users\havra\AppData\Roaming\WhatsApp
2021-01-27 19:35 - 2018-09-06 12:51 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-01-25 22:55 - 2018-09-06 12:45 - 000000000 ____D C:\Users\havra\AppData\Local\Packages
2021-01-25 22:08 - 2018-11-27 23:53 - 000000000 ____D C:\Program Files\Microsoft Office
2021-01-25 16:44 - 2018-10-11 14:14 - 000000000 ____D C:\Users\havra\AppData\Local\D3DSCache
2021-01-24 12:29 - 2019-01-12 23:08 - 000000000 ____D C:\Users\havra\Downloads\santoro
2021-01-23 17:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-01-23 17:51 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-01-23 17:51 - 2018-09-06 12:51 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-01-23 17:51 - 2018-09-06 12:51 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-01-23 16:15 - 2018-10-16 20:35 - 000001480 _____ C:\Users\havra\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2021-01-23 16:08 - 2020-10-10 12:35 - 000003998 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-01-23 16:08 - 2020-10-10 12:35 - 000003766 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-01-23 16:08 - 2018-11-26 14:55 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-20 23:05 - 2018-09-06 13:12 - 000000000 ____D C:\Users\havra\AppData\Local\CrashDumps
2021-01-20 22:06 - 2019-06-20 20:31 - 000000000 ____D C:\Users\havra\AppData\Local\WhatsApp
2021-01-20 22:05 - 2018-09-06 13:21 - 000000000 ____D C:\Users\havra\AppData\Local\SquirrelTemp
2021-01-20 18:33 - 2020-10-10 12:35 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-20 18:33 - 2020-10-10 12:35 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-19 23:10 - 2019-07-03 22:40 - 000000000 ____D C:\Users\havra\Desktop\POSLAT FOTO
2021-01-19 22:52 - 2018-09-19 21:56 - 000000000 ____D C:\Users\havra\AppData\Local\eM Client
2021-01-19 18:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-16 22:57 - 2018-09-06 13:03 - 000000000 ____D C:\Users\havra\AppData\Local\PlaceholderTileLogoFolder
2021-01-15 23:48 - 2020-10-10 12:28 - 000630624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-15 23:47 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-15 23:47 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-15 22:47 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-15 22:43 - 2020-10-10 12:31 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-15 22:37 - 2018-09-06 12:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-15 22:35 - 2018-09-06 12:39 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-13 21:54 - 2020-09-16 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-01-10 17:27 - 2018-12-08 14:52 - 000000000 ____D C:\Users\havra\Documents\MCLAB Projects
2021-01-10 11:21 - 2018-09-08 16:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-01-09 16:46 - 2018-09-08 16:39 - 000001284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-01-09 16:16 - 2020-11-29 11:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-01-09 16:16 - 2018-09-06 13:07 - 000000000 ____D C:\Users\Public\PrivacyPal Sessions
2021-01-02 10:32 - 2018-06-26 07:08 - 000000000 ____D C:\Program Files\Intel
2021-01-02 10:31 - 2020-10-10 12:35 - 000003718 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2020-12-31 20:06 - 2020-10-10 12:35 - 000003790 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate
==================== Files in the root of some directories ========
2018-11-01 09:30 - 2018-11-01 09:30 - 000000033 _____ () C:\Users\havra\AppData\Roaming\AdobeWLCMCache.dat
2021-01-10 18:40 - 2021-01-10 18:40 - 000003072 _____ () C:\Users\havra\AppData\Roaming\MCLAB Prefsv3
2018-10-16 20:35 - 2021-01-23 16:15 - 000001480 _____ () C:\Users\havra\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2018-09-29 23:18 - 2018-09-29 23:18 - 000000000 _____ () C:\Users\havra\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021
Ran by havra (30-01-2021 10:40:08)
Running from C:\Users\havra\Downloads
Windows 10 Home Version 20H2 19042.746 (X64) (2020-10-10 11:35:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3433778575-2911662788-3899533387-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3433778575-2911662788-3899533387-503 - Limited - Disabled)
Guest (S-1-5-21-3433778575-2911662788-3899533387-501 - Limited - Disabled)
havra (S-1-5-21-3433778575-2911662788-3899533387-1001 - Administrator - Enabled) => C:\Users\havra
WDAGUtilityAccount (S-1-5-21-3433778575-2911662788-3899533387-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.23 - Adobe Systems)
Adobe After Effects CC 2018 (HKLM\...\{8ADE49BB-209D-4F01-9B3B-A51F0D8CE9E1}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_0_0) (Version: 15.0.0 - Adobe Systems Incorporated)
Adobe Ai (HKLM\...\{A6D98A72-324F-4F31-BC36-5118A8EAECDD}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_0_1) (Version: 22.0.1 - Adobe Systems Incorporated)
Adobe Indes (HKLM\...\{CA2E76F3-BB69-486A-88D2-A3D387B69484}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe InDesign CC 2018 (HKLM-x32\...\IDSN_13_0_1) (Version: 13.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_6) (Version: 19.1.6 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM\...\{7DC3F900-68E5-40F1-869D-9D20A69D8A1D}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_0_0) (Version: 12.0.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{77a9e051-78e4-40ba-8659-8162beadb3fa}) (Version: 20.70.0 - Intel Corporation)
Audiolibrix Manager 2.1.0 (HKLM\...\d2402422-088d-502c-a1d4-8e2ce36e8ce5) (Version: 2.1.0 - Audiolibrix)
Avira (HKLM-x32\...\{161e6084-b0f5-43e8-86d8-09eda5c0893d}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{426D1710-5DFD-45E9-B11D-464792C5AD35}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{fe9700ea-db9c-48bd-9561-b7d053321d04}) (Version: 1.2.152.1479 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2101.2069 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.1.24458 - Avira Operations GmbH & Co. KG) Hidden
Avira Privacy Pal (HKLM-x32\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.4.0.1962 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.42.14101 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;)
Avira Software Updater (HKLM-x32\...\{9F45C615-6D95-47B5-BB0C-D78F6D15DE21}) (Version: 2.0.6.42639 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.9.0.11050 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Canon Easy-PhotoPrint Editor (HKLM-x32\...\Canon Easy-PhotoPrint Editor) (Version: 1.4.0 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
CDSM Designer (HKLM-x32\...\CDSM_CDSM Designer) (Version: - )
Dell Digital Delivery (HKLM-x32\...\{A9758B6E-19FC-4DB4-A031-AFE6C2327A35}) (Version: 3.5.1004.0 - Dell Products, LP)
Dell Mobile Connect Drivers (HKLM\...\{AAB336F0-6FC6-4BFE-AD7E-315FCDF20156}) (Version: 1.1.3750 - Screenovate Technologies Ltd.)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.7.0 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{69BD2675-5E9B-440E-ADEE-3AEA812D6900}) (Version: 5.3.1.13866 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{85538c44-3493-4bf6-8d8b-aa13aee53222}) (Version: 5.3.1.13866 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{3C4F6923-3BE1-4E6C-8DEE-9EEF1E433795}) (Version: 5.2.1.12926 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{8d32f870-d6fd-4420-b5cb-c29ac65f628d}) (Version: 5.2.1.12926 - Dell Inc.)
Dell Update (HKLM-x32\...\{944FB5B0-9588-45FD-ABE8-73FC879801ED}) (Version: 4.0.0 - Dell Inc.)
Documentation Manager (HKLM\...\{EC7D2299-EAEC-498A-947B-ADC4495AA6D6}) (Version: 22.20.0.6 - Intel Corporation) Hidden
Driver Easy verze 1.5 (HKLM-x32\...\Driver Easy_is1) (Version: 1.5 - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 114.4.426 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 2.0.6875.402 - PC-Doctor, Inc.) Hidden
eM Client (HKLM-x32\...\{D1A4EE66-AD4A-4EBB-91B2-19B5BCEB82B1}) (Version: 8.1.1054.0 - eM Client Inc.)
eObčanka (HKLM\...\{B60846B5-C015-4BCA-AED5-61A696B16159}) (Version: 3.1.3.21015 - MONET+, a.s. pro Ministerstvo vnitra České republiky)
FormatFactory 4.3.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.3.0.0 - Free Time)
Goodix Fingerprint Driver (HKLM\...\{60FAB781-18F2-4D2B-A8E7-B3AADD327955}_is1) (Version: 1.0.33.800 - Goodix, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.104 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel Driver && Support Assistant (HKLM-x32\...\{F0E9774D-C5A1-4C83-89F9-191E1334D476}) (Version: 21.1.5.2 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.10501.6067 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2014.14.0.1540 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.7.0.1006 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1727.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.60.155.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{047f2156-ee7f-4a24-b3c2-c0c5c2c81557}) (Version: 1.60.155.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.20.0.3 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{beabe998-b0dd-460a-82c3-f48ff70bca66}) (Version: 21.1.5.2 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7EBADAB6-B7AC-4560-85A7-FF345559F193}) (Version: 17.2.6.1027 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{4a50fa17-2911-43ed-a2a1-d3a34411e2bb}) (Version: 21.110.2.1 - Intel Corporation) Hidden
Intel® Software Installer (HKLM-x32\...\{76cc8e2a-8308-43d3-a3c3-423d2a1ca435}) (Version: 22.20.0.6 - Intel Corporation) Hidden
jwDuplFiles 2.0 (HKLM-x32\...\jwDuplFiles_is1) (Version: - jw)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.15 - PandoraTV)
LibreOffice 6.4.2.2 (HKLM\...\{366B3DEE-791D-4044-AC14-4FE2265754BA}) (Version: 6.4.2.2 - The Document Foundation)
MCLAB (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\MCLAB) (Version: MCLAB 2019.3.0 - Computer MCL Brno, spol. s.r.o.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13530.20440 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.53 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft OneDrive (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Teams) (Version: 1.3.00.12058 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mozilla Firefox 85.0 (x64 cs) (HKLM\...\Mozilla Firefox 85.0 (x64 cs)) (Version: 85.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.1 - Mozilla)
Mozilla Thunderbird 60.9.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 60.9.1 (x86 cs)) (Version: 60.9.1 - Mozilla)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.40 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Opera Stable 73.0.3856.344 (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Opera 73.0.3856.344) (Version: 73.0.3856.344 - Opera Software)
PicosmosTools 2.0.0.0 (HKLM-x32\...\PicosmosTools) (Version: 2.0.0.0 - Free Time)
Product Key Recovery (HKLM-x32\...\Product Key Recovery) (Version: - SmartKey, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8443 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
SmartByte Drivers and Services (HKLM\...\{9668B1BB-D0FE-4C0C-800C-B1555E069A62}) (Version: 3.1.940 - Název společnosti:)
Thunderbolt™ Software (HKLM-x32\...\{30F0067F-DD79-431B-BA5F-6CB4897785A5}) (Version: 17.4.79.510 - Intel Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Viber (HKLM-x32\...\{42C4FDB0-2783-46D1-8160-9C6A353E05CC}) (Version: 9.6.0.12 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\{984742de-418e-4f95-ac61-487a3cee7822}) (Version: 9.6.0.12 - Viber Media Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-4) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.191 - McAfee, LLC)
WhatsApp (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\WhatsApp) (Version: 2.2100.7 - WhatsApp)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
YouTubePlayer version 1.4 (HKLM-x32\...\{719F8D15-70B1-4AFA-A611-3EE118499D9F}_is1) (Version: 1.4 - YouTubePlayer)
Zoom (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2021-01-16] (Canon Inc.)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.2.45.0_x64__htrsf667h5kn2 [2020-07-28] (Dell Inc)
Dell Mobile Connect -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.1.9518.0_x64__0vhbc3ng4wbp0 [2020-07-18] (Screenovate Technologies) [Startup Task]
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.7.10.0_x64__htrsf667h5kn2 [2020-10-10] (Dell Inc)
Dell Product Registration -> C:\Program Files\WindowsApps\DellInc.DellProductRegistration_3.4.6.0_x64__htrsf667h5kn2 [2018-06-26] (Dell Inc)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.5.201.0_x64__rz1tebttyb220 [2020-09-26] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-09] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-30] (Microsoft Corporation)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.37.3702.0_x86__ytsefhwckbdv6 [2020-10-01] (G5 Entertainment AB)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.2.0_neutral__8xx8rvfyw5nnt [2020-06-03] (Instagram)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-09-06] (LinkedIn)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_730.2.121.0_x64__8xx8rvfyw5nnt [2020-10-25] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.28.32802.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Corporation) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-18] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-27] (NVIDIA Corp.)
O2 TV -> C:\Program Files\WindowsApps\D8378DF7.O2TVGo_20182.0.25.0_x64__tqn3m7kee4xc8 [2020-08-05] (O2 Czech Republic a.s.)
RAR Opener -> C:\Program Files\WindowsApps\DeviceDoctor.RAROpener_1.3.48.0_x64__mkdtfchztkfbm [2018-09-07] (Tiny Opener)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.940.0_x64__rh07ty8m5nkag [2020-09-06] (Rivet Networks LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0 [2020-10-25] (Spotify AB) [Startup Task]
SupportAssist Driver Update -> C:\Program Files\WindowsApps\DriverToaster_1.5.0.0_x86__rqs2nt378nwsp [2018-09-06] (Dell Inc.)
To-Do Prime -> C:\Program Files\WindowsApps\28251VinodShinde.To-DoPrime_1.50.40.0_x64__m4hs2z1tqny7y [2020-06-03] (Vinod Shinde)
ToDo-List -> C:\Program Files\WindowsApps\35998AlexanderSworski.ToDo-List_1.1.9.0_x64__f1p03rq2y10n8 [2020-06-03] (Alexander Sworski)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation)
Váš telefon -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.123.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Corporation)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2018-09-06] (Waves Audio)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2041.7.0_x64__cv1g1gvanyjgm [2020-10-25] (WhatsApp Inc.)
Wunderlist: To-Do List & Tasks -> C:\Program Files\WindowsApps\6Wunderkinder.Wunderlist_3.6.43.0_x64__b4cwydgxqx59r [2020-05-01] (6 Wunderkinder GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-8910E2A5A6E5} -> [Creative Cloud Files] => C:\Users\havra\Creative Cloud Files [2018-09-07 10:35]
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\havra\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key 2021 -> Intel)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\havra\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\havra\Dropbox [2018-09-06 12:53]
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-03-19] () [File not signed] [File is in use]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers1: [PicosmosShell] -> {A3888921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\PicosmosTools\ShellEx64_100.dll [2018-05-12] (Free Time) [File not signed]
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-03-19] () [File not signed] [File is in use]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\igfxDTCM.dll [2018-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_b706d4e32506a94f\nvshext.dll [2021-01-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-04-26 18:12 - 2012-06-14 16:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2020-08-14 20:29 - 2020-08-14 20:29 - 000122880 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2021-01-09 18:18 - 2021-01-09 18:18 - 000913920 _____ (ServiceStack) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\8ca4971d44541d48e21f0e804700d8fc\ServiceStack.Text.ni.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> DefaultScope {A9AF42DC-6834-4230-9184-7E01AB6C6C61} URL =
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {2584D045-063D-450C-98AD-71BF606488E0} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {2D8CFB70-2A7C-4B09-A4AE-4AA42963E74F} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {404DF86F-9171-4780-9A69-E0CB5B03D7F1} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {4EB8507E-BCB3-4FD8-99F7-4C9D2CA1B2FF} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {5ECF9F50-8DC8-4235-B99F-BB72F0B9676B} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {80C5279E-71D9-4FBE-A897-AD6F86BA3415} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {ABC04BB9-8A5C-42B9-9096-AD53C9BFAFAD} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {B55C3FE5-1A80-4699-9CFE-27CFE26031B0} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {D60B70BD-5559-4ABD-8427-10519DFA8989} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-01-30] (McAfee, LLC -> McAfee, LLC)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-01-30] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2017-09-29 14:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\havra\Pictures\received_1086403274730104.jpeg
DNS Servers: 217.30.64.53 - 217.30.64.54
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => ""
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => ""
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\StartupApproved\StartupFolder: => "Mámemail Pošťák.lnk"
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\StartupApproved\StartupFolder: => "wandoujia_helper.lnk"
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\StartupApproved\Run: => ""
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B7E4CB5C-4677-45EE-94D5-7E8A2F23293F}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.1.9518.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{C0A89B7C-9105-4F35-8858-708EAA60411E}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.1.9518.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [UDP Query User{212C20BC-137F-43EB-885C-B8C4C539DFC5}C:\users\havra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\havra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{176C1347-C60F-46F6-AC83-0E6751DB00FC}C:\users\havra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\havra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4DB21198-77BC-4E90-850B-64BA1AF98F52}] => (Allow) C:\Users\havra\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{25F76282-CDF2-4CD0-8EBE-A208191F9E13}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time Co., Ltd. -> Free Time)
FirewallRules: [{760703AB-EE0A-4B2C-A7CB-C02AA949D984}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{505499DB-FD03-4DF5-A32F-55A993C75BCB}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{DBEA28E5-A32B-4E93-9B9C-FE70B4889085}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{AA98CD5C-E06F-448C-A898-91A046A63904}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{99E1E210-63A5-4793-8F07-BDCFF753165F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5ABF222D-413E-469E-B46C-E963E08B2AA5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{8DD45874-DA23-4B61-A18D-86204FE3E5AF}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{8E22717A-5C5F-49F6-B9A7-8CEEA56A943D}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F278C01F-80E8-4F5A-871E-06CFE55BD66F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A06B78A5-F357-4EED-947A-D9657CAEE6D3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{22BDA38D-1D63-4317-AC2A-892EFA16C6A4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16050.11029.20079.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{55D0626F-0F34-44D2-9068-42A8FE80F352}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{8E6CC5F3-4F42-4359-833D-5EC18F0AABD3}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{6430A3B2-BAF8-48DF-9B7B-9F1F442E1768}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{8E221DD1-C533-40DC-9155-18FDA6D7B22C}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{915A6952-80B4-4564-9F19-E866EC2C1194}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{E44C1914-7F2F-4F70-A971-A8298A7310B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{690E41BF-EAE2-4B47-8DA5-63B3CC8BE3E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1AB60A55-21D4-46DC-B065-DD9F9E898F4D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{69F8F2B6-04E7-4142-94C1-6E5F6D805FD6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6312DBD9-5D58-41DA-B2D1-C9ABD4EB75A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2629352C-3E52-42AD-BFDE-189BCE8A0888}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E8A37CB1-253C-4C13-A8E6-EEB265FF8C00}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D425733F-3728-4BDC-9E07-A72E0525AFB0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A81CF913-0263-4EC7-837F-3C16E23B3344}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{76580351-9979-41FC-9182-26E3A48E1AE3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B851B1A2-08BF-4925-AE50-B8A55CB6ACB0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D53D16F1-B1AD-45C1-9F0E-0CDF38798059}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EDF11564-BF1C-40DC-939F-6A91418C2782}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8EE88FD5-920E-4889-944C-887D928F0B5C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{119EB0A3-E3BA-46BC-B30D-F417B4E1B473}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5CA86DC2-5020-44B4-9B10-8D46F6459FF1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E0CF9C58-AD88-47F3-BA26-CF4BFB06892A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23C6B9E2-5249-4A49-AB6A-85B15B8AE42E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{885639C8-191E-4B4A-8244-AD0D3A4E1D72}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{1959D497-0181-486F-9500-620561FF5491}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{E0FA5C57-3484-4C15-9049-17D792EB34D2}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{CF7B572B-4517-42AB-A7D7-EC2617E9FBF3}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/30/2021 10:08:24 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/30/2021 10:05:32 AM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000
Error: (01/28/2021 08:57:48 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/28/2021 08:54:35 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (01/27/2021 07:34:54 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (01/27/2021 07:34:53 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (01/27/2021 07:32:59 PM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000
Error: (01/27/2021 10:12:36 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (01/28/2021 11:06:31 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (01/28/2021 10:59:25 PM) (Source: volsnap) (EventID: 25) (User: )
Description: Stínové kopie svazku C: byly smazány, protože úložiště stínové kopie nebylo možné včas zvětšit. Zvažte možnost snížení vstupně-výstupního zatížení systému nebo zvolte svazek úložiště stínové kopie, pro který není vytvářena stínová kopie.
Error: (01/28/2021 10:46:31 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:08:36, 28.01.2021) bylo neočekávané.
Error: (01/28/2021 10:45:06 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (01/28/2021 09:10:48 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error: (01/28/2021 09:08:23 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:54:17, 28.01.2021) bylo neočekávané.
Error: (01/27/2021 09:07:55 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (01/27/2021 08:25:09 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
CodeIntegrity:
===================================
Date: 2020-10-24 15:29:14.0600000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.14.0 10/29/2020
Motherboard: Dell Inc. 0JGKPC
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 46%
Total physical RAM: 16240.71 MB
Available physical RAM: 8611.39 MB
Total Virtual: 22439.45 MB
Available Virtual: 12988.87 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:462.7 GB) (Free:5.57 GB) NTFS
\\?\Volume{b4fca574-aaf3-4053-bd44-f45a28cb866a}\ (WINRETOOLS) (Fixed) (Total:0.79 GB) (Free:0.28 GB) NTFS
\\?\Volume{f0fabba5-6b6f-4d9e-8691-130082bf8c98}\ (Image) (Fixed) (Total:11.54 GB) (Free:0.15 GB) NTFS
\\?\Volume{f8802ac2-6042-4b30-abe7-21b009ba693a}\ (DELLSUPPORT) (Fixed) (Total:1.14 GB) (Free:0.34 GB) NTFS
\\?\Volume{80085436-f96a-42a2-bfaf-7f82caca7bab}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32
==================== MBR & Partition Table ====================
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
vivienn@centrum.cz
- Návštěvník
- Příspěvky: 25
- Registrován: 03 pro 2013 10:35
-
Rudy
- Site Admin
- Příspěvky: 119412
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
vivienn@centrum.cz
- Návštěvník
- Příspěvky: 25
- Registrován: 03 pro 2013 10:35
Re: Prosím o kontrolu logu
Nemohu najít ten log, který mám poslat. 
-
vivienn@centrum.cz
- Návštěvník
- Příspěvky: 25
- Registrován: 03 pro 2013 10:35
Re: Prosím o kontrolu logu
Možná toto:
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 30.01.21
Čas skenování: 11:49
Logovací soubor: cc789434-62e8-11eb-be81-54bf641e7998.json
-Informace o softwaru-
Verze: 4.3.0.98
Verze komponentů: 1.0.1157
Aktualizovat verzi balíku komponent: 1.0.36449
Licence: Zkušební
-Systémová informace-
OS: Windows 10 (Build 19041.746)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-2OHMFH6\havra
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 303175
Zjištěné hrozby: 34
Hrozby umístěné do karantény: 34
Uplynulý čas: 1 min, 56 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 12
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\TweakBit\Driver Updater\Time for deal, V karanténě, 5379, 330451, , , , , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B41D3964-0846-4277-9A22-74C7149F2705}, V karanténě, 5379, 330451, , , , , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{B41D3964-0846-4277-9A22-74C7149F2705}, V karanténě, 5379, 330451, , , , , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\TweakBit\Driver Updater\Start Driver Updater automatic scanning, V karanténě, 5379, 330451, , , , , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{98A07132-C915-4B46-9A64-BE1C5DB0B71D}, V karanténě, 5379, 330451, , , , , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{98A07132-C915-4B46-9A64-BE1C5DB0B71D}, V karanténě, 5379, 330451, , , , , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\TweakBit\Driver Updater\Start Driver Updater оn logon, V karanténě, 5379, 330451, , , , , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{668B310A-0E47-4A61-9B84-AA9CFDC94A25}, V karanténě, 5379, 330451, , , , , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{668B310A-0E47-4A61-9B84-AA9CFDC94A25}, V karanténě, 5379, 330451, , , , , ,
PUP.Optional.DriveTheLife, HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\SOFTWARE\OSTOTOSOFT\DRIVERTALENT, V karanténě, 8707, 475860, 1.0.36449, , ame, , ,
PUP.Optional.DriveTheLife, HKLM\SOFTWARE\WOW6432NODE\OSTOTOSOFT\DRIVERTALENT, V karanténě, 8707, 475857, 1.0.36449, , ame, , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\TweakBit, V karanténě, 5379, 340081, 1.0.36449, , ame, , ,
Hodnota v registru: 6
PUP.Optional.DriveTheLife, HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\SOFTWARE\OSTOTOSOFT\DRIVERTALENT|APPPATH, V karanténě, 8707, 475860, 1.0.36449, , ame, , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{668B310A-0E47-4A61-9B84-AA9CFDC94A25}|PATH, V karanténě, 5379, 340076, 1.0.36449, , ame, , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{98A07132-C915-4B46-9A64-BE1C5DB0B71D}|PATH, V karanténě, 5379, 340076, 1.0.36449, , ame, , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B41D3964-0846-4277-9A22-74C7149F2705}|PATH, V karanténě, 5379, 340076, 1.0.36449, , ame, , ,
PUP.Optional.DriveTheLife, HKLM\SOFTWARE\WOW6432NODE\OSTOTOSOFT\DRIVERTALENT|APPPATH, V karanténě, 8707, 475857, 1.0.36449, , ame, , ,
PUP.Optional.DriveTheLife, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|DRIVERTALENT.EXE, V karanténě, 8707, 478671, 1.0.36449, , ame, , ,
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 5
PUP.Optional.TweakBit, C:\Windows\System32\Tasks\TweakBit\Driver Updater, V karanténě, 5379, 330451, , , , , ,
PUP.Optional.TweakBit, C:\WINDOWS\SYSTEM32\TASKS\TWEAKBIT, V karanténě, 5379, 330451, 1.0.36449, , ame, , ,
PUP.Optional.DriveTheLife, C:\PROGRAMDATA\DRIVERTALENT, V karanténě, 8707, 475796, 1.0.36449, , ame, , ,
PUP.Optional.DriveTheLife, C:\Users\havra\AppData\Roaming\DriverTalent\Config, V karanténě, 8707, 475805, , , , , ,
PUP.Optional.DriveTheLife, C:\USERS\HAVRA\APPDATA\ROAMING\DRIVERTALENT, V karanténě, 8707, 475805, 1.0.36449, , ame, , ,
Soubor: 11
PUP.Optional.TweakBit, C:\WINDOWS\SYSTEM32\TASKS\TWEAKBIT\DRIVER UPDATER\TIME FOR DEAL, V karanténě, 5379, 330451, 1.0.36449, , ame, , 891F0CB937AADF5E615769FCD904EE0F, 6DC2A53EEB68549119F4A189627335D4D96D0BCC8C3DE62C1E04C1BCD1566173
PUP.Optional.TweakBit, C:\Windows\System32\Tasks\TweakBit\Driver Updater\Start Driver Updater automatic scanning, V karanténě, 5379, 330451, , , , , 5602D910B320B2A0C6CCBB64FC2F7BF8, 883EA1D7838B501053506B160441836F3930B57FD9008E34106587C8ECD71BE0
PUP.Optional.TweakBit, C:\Windows\System32\Tasks\TweakBit\Driver Updater\Start Driver Updater оn logon, V karanténě, 5379, 330451, , , , , 620A12CA19A896893413372CE0CBC001, 05C1230207DA46B2FA05BF4FB4E126B01206EDC0041ABF5A6ACEAF3F4A2295B3
PUP.Optional.DriveTheLife, C:\PROGRAMDATA\DRIVERTALENT\BACKUPLIST.DAT, V karanténě, 8707, 475796, 1.0.36449, , ame, , 237B4F88EE976F7B5D9FC7ED6051D945, 0E532B00D748B487CC9CAD8DE5295962155D33AAF74F28552C67DF14BF80C7D0
PUP.Optional.DriveTheLife, C:\ProgramData\DriverTalent\dtldrvcache101040022.db, V karanténě, 8707, 475796, , , , , A313F61155603AD66023259FED433636, 5E9B4E6014F00A9F89C29445B250FBAD6A0B0BC40AC18ED7554428A7FC809B40
PUP.Optional.DriveTheLife, C:\ProgramData\DriverTalent\dtlplugs.ini, V karanténě, 8707, 475796, , , , , 4DD0283B55371FB9F8600E2533E03830, BB4E36375FAF15798CA45920B520304117CC780F497ECC97AA85F62CDA21696E
PUP.Optional.DriveTheLife, C:\USERS\HAVRA\APPDATA\ROAMING\DRIVERTALENT\CONFIG\USERCONFIG.DAT, V karanténě, 8707, 475805, 1.0.36449, , ame, , 6551F12D6962FEEC13D5059F081E2938, 46EDFD4448C808FA2B294213028D6DC96EC5F15D490A792A1CA83E72539562C4
PUP.Optional.MusicSearch, C:\USERS\HAVRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0GUT8D9H.DEFAULT\EXTENSIONS\{43D20840-2895-4866-9D79-4F6F2EA537F7}.XPI, V karanténě, 5342, 651869, 1.0.36449, , ame, , 8300A1D9E910479C218960B9A62FF371, 05F7AAB0F168325ECE582E586EE7677AC26309038B8DF674CF345599015CB033
PUP.Optional.DriveTheLife, C:\USERS\HAVRA\DOWNLOADS\DRIVERTALENT_SETUP.EXE, V karanténě, 8707, 478126, 1.0.36449, , ame, , E17E378A0AAD1777B5B9D8F713368276, 1FEEB7B5EBF985284C65AC144261822D5A9258D8DE96CAC84EC197DBC8B97CDA
PUP.Optional.TweakBit, C:\USERS\HAVRA\DOWNLOADS\DRIVER-UPDATER-SETUP.EXE, V karanténě, 5379, 803569, 1.0.36449, , ame, , D9D665B3CFC5DAFFBDB491976EB369A1, 9EA42280C6B6AA8BAF21E7D0A068F1C908B9492A2B30FB20B25E0CFF34E51CB7
Malware.AI.4291486859, C:\USERS\HAVRA\DOWNLOADS\OPHCRACK-3.7.0-BIN.ZIP, V karanténě, 1000000, 0, 1.0.36449, F7315DE4F2276582FFCAE48B, dds, 01094981, ED8609993A33B9FE961AEF9C65E05E7F, 7F4540BCC698BCE63740B35947F6A0C4D266669CC4FB5115BFF6425987B63E54
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
WMI: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 30.01.21
Čas skenování: 11:49
Logovací soubor: cc789434-62e8-11eb-be81-54bf641e7998.json
-Informace o softwaru-
Verze: 4.3.0.98
Verze komponentů: 1.0.1157
Aktualizovat verzi balíku komponent: 1.0.36449
Licence: Zkušební
-Systémová informace-
OS: Windows 10 (Build 19041.746)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-2OHMFH6\havra
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 303175
Zjištěné hrozby: 34
Hrozby umístěné do karantény: 34
Uplynulý čas: 1 min, 56 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 12
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\TweakBit\Driver Updater\Time for deal, V karanténě, 5379, 330451, , , , , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B41D3964-0846-4277-9A22-74C7149F2705}, V karanténě, 5379, 330451, , , , , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{B41D3964-0846-4277-9A22-74C7149F2705}, V karanténě, 5379, 330451, , , , , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\TweakBit\Driver Updater\Start Driver Updater automatic scanning, V karanténě, 5379, 330451, , , , , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{98A07132-C915-4B46-9A64-BE1C5DB0B71D}, V karanténě, 5379, 330451, , , , , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{98A07132-C915-4B46-9A64-BE1C5DB0B71D}, V karanténě, 5379, 330451, , , , , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\TweakBit\Driver Updater\Start Driver Updater оn logon, V karanténě, 5379, 330451, , , , , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{668B310A-0E47-4A61-9B84-AA9CFDC94A25}, V karanténě, 5379, 330451, , , , , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{668B310A-0E47-4A61-9B84-AA9CFDC94A25}, V karanténě, 5379, 330451, , , , , ,
PUP.Optional.DriveTheLife, HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\SOFTWARE\OSTOTOSOFT\DRIVERTALENT, V karanténě, 8707, 475860, 1.0.36449, , ame, , ,
PUP.Optional.DriveTheLife, HKLM\SOFTWARE\WOW6432NODE\OSTOTOSOFT\DRIVERTALENT, V karanténě, 8707, 475857, 1.0.36449, , ame, , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\TweakBit, V karanténě, 5379, 340081, 1.0.36449, , ame, , ,
Hodnota v registru: 6
PUP.Optional.DriveTheLife, HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\SOFTWARE\OSTOTOSOFT\DRIVERTALENT|APPPATH, V karanténě, 8707, 475860, 1.0.36449, , ame, , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{668B310A-0E47-4A61-9B84-AA9CFDC94A25}|PATH, V karanténě, 5379, 340076, 1.0.36449, , ame, , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{98A07132-C915-4B46-9A64-BE1C5DB0B71D}|PATH, V karanténě, 5379, 340076, 1.0.36449, , ame, , ,
PUP.Optional.TweakBit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B41D3964-0846-4277-9A22-74C7149F2705}|PATH, V karanténě, 5379, 340076, 1.0.36449, , ame, , ,
PUP.Optional.DriveTheLife, HKLM\SOFTWARE\WOW6432NODE\OSTOTOSOFT\DRIVERTALENT|APPPATH, V karanténě, 8707, 475857, 1.0.36449, , ame, , ,
PUP.Optional.DriveTheLife, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|DRIVERTALENT.EXE, V karanténě, 8707, 478671, 1.0.36449, , ame, , ,
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 5
PUP.Optional.TweakBit, C:\Windows\System32\Tasks\TweakBit\Driver Updater, V karanténě, 5379, 330451, , , , , ,
PUP.Optional.TweakBit, C:\WINDOWS\SYSTEM32\TASKS\TWEAKBIT, V karanténě, 5379, 330451, 1.0.36449, , ame, , ,
PUP.Optional.DriveTheLife, C:\PROGRAMDATA\DRIVERTALENT, V karanténě, 8707, 475796, 1.0.36449, , ame, , ,
PUP.Optional.DriveTheLife, C:\Users\havra\AppData\Roaming\DriverTalent\Config, V karanténě, 8707, 475805, , , , , ,
PUP.Optional.DriveTheLife, C:\USERS\HAVRA\APPDATA\ROAMING\DRIVERTALENT, V karanténě, 8707, 475805, 1.0.36449, , ame, , ,
Soubor: 11
PUP.Optional.TweakBit, C:\WINDOWS\SYSTEM32\TASKS\TWEAKBIT\DRIVER UPDATER\TIME FOR DEAL, V karanténě, 5379, 330451, 1.0.36449, , ame, , 891F0CB937AADF5E615769FCD904EE0F, 6DC2A53EEB68549119F4A189627335D4D96D0BCC8C3DE62C1E04C1BCD1566173
PUP.Optional.TweakBit, C:\Windows\System32\Tasks\TweakBit\Driver Updater\Start Driver Updater automatic scanning, V karanténě, 5379, 330451, , , , , 5602D910B320B2A0C6CCBB64FC2F7BF8, 883EA1D7838B501053506B160441836F3930B57FD9008E34106587C8ECD71BE0
PUP.Optional.TweakBit, C:\Windows\System32\Tasks\TweakBit\Driver Updater\Start Driver Updater оn logon, V karanténě, 5379, 330451, , , , , 620A12CA19A896893413372CE0CBC001, 05C1230207DA46B2FA05BF4FB4E126B01206EDC0041ABF5A6ACEAF3F4A2295B3
PUP.Optional.DriveTheLife, C:\PROGRAMDATA\DRIVERTALENT\BACKUPLIST.DAT, V karanténě, 8707, 475796, 1.0.36449, , ame, , 237B4F88EE976F7B5D9FC7ED6051D945, 0E532B00D748B487CC9CAD8DE5295962155D33AAF74F28552C67DF14BF80C7D0
PUP.Optional.DriveTheLife, C:\ProgramData\DriverTalent\dtldrvcache101040022.db, V karanténě, 8707, 475796, , , , , A313F61155603AD66023259FED433636, 5E9B4E6014F00A9F89C29445B250FBAD6A0B0BC40AC18ED7554428A7FC809B40
PUP.Optional.DriveTheLife, C:\ProgramData\DriverTalent\dtlplugs.ini, V karanténě, 8707, 475796, , , , , 4DD0283B55371FB9F8600E2533E03830, BB4E36375FAF15798CA45920B520304117CC780F497ECC97AA85F62CDA21696E
PUP.Optional.DriveTheLife, C:\USERS\HAVRA\APPDATA\ROAMING\DRIVERTALENT\CONFIG\USERCONFIG.DAT, V karanténě, 8707, 475805, 1.0.36449, , ame, , 6551F12D6962FEEC13D5059F081E2938, 46EDFD4448C808FA2B294213028D6DC96EC5F15D490A792A1CA83E72539562C4
PUP.Optional.MusicSearch, C:\USERS\HAVRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0GUT8D9H.DEFAULT\EXTENSIONS\{43D20840-2895-4866-9D79-4F6F2EA537F7}.XPI, V karanténě, 5342, 651869, 1.0.36449, , ame, , 8300A1D9E910479C218960B9A62FF371, 05F7AAB0F168325ECE582E586EE7677AC26309038B8DF674CF345599015CB033
PUP.Optional.DriveTheLife, C:\USERS\HAVRA\DOWNLOADS\DRIVERTALENT_SETUP.EXE, V karanténě, 8707, 478126, 1.0.36449, , ame, , E17E378A0AAD1777B5B9D8F713368276, 1FEEB7B5EBF985284C65AC144261822D5A9258D8DE96CAC84EC197DBC8B97CDA
PUP.Optional.TweakBit, C:\USERS\HAVRA\DOWNLOADS\DRIVER-UPDATER-SETUP.EXE, V karanténě, 5379, 803569, 1.0.36449, , ame, , D9D665B3CFC5DAFFBDB491976EB369A1, 9EA42280C6B6AA8BAF21E7D0A068F1C908B9492A2B30FB20B25E0CFF34E51CB7
Malware.AI.4291486859, C:\USERS\HAVRA\DOWNLOADS\OPHCRACK-3.7.0-BIN.ZIP, V karanténě, 1000000, 0, 1.0.36449, F7315DE4F2276582FFCAE48B, dds, 01094981, ED8609993A33B9FE961AEF9C65E05E7F, 7F4540BCC698BCE63740B35947F6A0C4D266669CC4FB5115BFF6425987B63E54
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
WMI: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
-
Rudy
- Site Admin
- Příspěvky: 119412
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
To je ono. Položky smažte (dejte do karantény) a paj dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
vivienn@centrum.cz
- Návštěvník
- Příspěvky: 25
- Registrován: 03 pro 2013 10:35
Re: Prosím o kontrolu logu
Tady jsou. 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021
Ran by havra (administrator) on DESKTOP-2OHMFH6 (Dell Inc. G3 3779) (30-01-2021 18:23:40)
Running from C:\Users\havra\Downloads
Loaded Profiles: havra
Platform: Windows 10 Home Version 20H2 19042.746 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(eM Client, s.r.o. -> eM Client s.r.o.) C:\Program Files (x86)\eM Client\MailClient.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_0c50c5dc47ed0efe\RstMwService.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(MFD LABS LTD -> MFD LABS LTD) C:\Users\havra\AppData\Local\Programs\messengerfordesktop\Messenger for Desktop.exe <3>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.7.142.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2009.4.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12010.1001.2.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_b706d4e32506a94f\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\havra\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\WavesSysSvc64.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\havra\AppData\Local\WhatsApp\app-2.2102.8\WhatsApp.exe <6>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [834336 2019-02-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\WavesSvc64.exe [1222928 2018-04-30] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992336 2021-01-25] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [705728 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331040 2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [286064 2021-01-25] (IDSA Production signing key 2021 -> Intel)
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\havra\AppData\Local\Microsoft\Teams\Update.exe [2339472 2020-05-07] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Run: [] => [X]
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Run: [Opera Browser Assistant] => C:\Users\havra\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [4708328 2021-01-15] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\...\Windows x64\Print Processors\Canon iP7200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBA.DLL [30208 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP7200 series: C:\Windows\system32\CNMLMBA.DLL [389120 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-23] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03F455CA-DB34-47DF-8CCB-F018A591C074} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {0EBF024B-C829-4608-BDC2-792D33552D1D} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {113683D9-9297-4156-8DF5-7A619BD6CC6F} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {1A6545DC-08D1-479C-8482-CF1952AE8498} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {34A0C1F7-F000-40F9-B221-C805C21BD5F2} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {37A7AA81-8360-4984-AB24-3F6EAED4E25D} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29934096 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {3A5B2645-1E38-403E-8D20-68C43A0A0A70} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3E73DEBB-4F68-4605-99C3-7B630690EAD3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {4024C783-6370-4761-9010-4C34944A3A92} - System32\Tasks\Opera scheduled assistant Autoupdate 1601063340 => C:\Users\havra\AppData\Local\Programs\Opera\launcher.exe [1583256 2021-01-14] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\havra\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {4FB18B6C-D8E5-46A0-B28E-1A7A2E771CE7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {50A28E7D-8692-4D6E-997F-52C40AFEE192} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5752B731-7117-44DD-BB24-531AEEEDDADE} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
Task: {5778B5B3-A497-4E27-80A5-72953A752247} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5B7AC550-0C2C-4679-81C0-032FE8CDC77B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6710DC49-4BAE-4925-9082-562BDB2089D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-26] (Google Inc -> Google Inc.)
Task: {69C77036-2A96-414C-B020-B8048957B88D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-26] (Google Inc -> Google Inc.)
Task: {71A3787B-CEE9-4F0B-886E-477269A719B7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {7BD6625E-053E-4918-A7FB-5944B4D2A595} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8844FBFE-18DB-4365-986B-7581B9C424EE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8922BD8B-A4D5-42A5-A5C2-FF7DE114119C} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {8C25766F-F412-41DA-9C10-09E2767A938F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {8C6ACEE0-8DA2-4844-A6A1-55A0DEFEE003} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {92E732FE-C535-4B9F-BA00-F25CCF916193} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {947D9F7B-D6E3-4C65-AC7F-39094C783294} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {94CA4961-A252-495A-BF2B-98BBC0D1170F} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {952700EB-1DFA-4487-A272-376FB1E9BE51} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1547160 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {98548407-1358-4CD1-8005-45070148A685} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C9EC591-BC4B-4251-9DCC-F26938213013} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {9F090741-E54D-4030-9975-1C88BD2EBB99} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [95072 2020-08-14] (Rivet Networks LLC -> DELL)
Task: {A1A4AEE7-07BD-42A7-A663-E8669D1766C4} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2649200 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {AC436E73-FF26-43BE-AAD8-9D20CE6E9BEC} - System32\Tasks\Opera scheduled Autoupdate 1601063328 => C:\Users\havra\AppData\Local\Programs\Opera\launcher.exe [1583256 2021-01-14] (Opera Software AS -> Opera Software)
Task: {AC88252D-6922-4218-9678-6168EAFDF9AD} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {B55DD385-0860-49ED-940E-4F6746358E1F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {B5DB60C3-0F97-41E8-BB18-0D5DEE682E67} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [233184 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {BC203149-3E40-473E-91DA-AB3940E0EFC8} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [677344 2021-01-28] (Mozilla Corporation -> Mozilla Foundation)
Task: {BD36FA78-D46F-489A-B1E2-7178994FABDA} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {C07FFD26-4556-48CD-9932-9AAD19FDCC23} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302168 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {D3F976F5-48A5-40BB-B8F8-B3FFD528EB39} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-10] (Adobe Inc. -> Adobe)
Task: {D9D77C24-BF4B-4F32-A26F-24CDAD9AE415} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331040 2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {E6116DEC-0801-4BAF-B044-B612D8FE1704} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {E7A3FD8C-6D80-43A0-B293-872680FF3BAF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
Task: {F1507717-0C4E-4038-9E6A-D6E3263756A3} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-havraniveta@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 217.30.64.53 217.30.64.54 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{3f6949a5-7cd0-488b-97c6-e7ca22185103}: [DhcpNameServer] 212.80.66.7 10.0.0.2 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{71a4fd38-48ec-4a85-acae-fcdc5bd5ff02}: [DhcpNameServer] 217.30.64.53 217.30.64.54 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{a599493c-d9be-4c72-a21f-e249e5e7d470}: [DhcpNameServer] 8.8.8.8 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\havra\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-30]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 0gut8d9h.default
FF ProfilePath: C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default [2021-01-30]
FF Session Restore: Mozilla\Firefox\Profiles\0gut8d9h.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\0gut8d9h.default -> hxxps://postovnezdarma.cz; hxxps://paleosnadno.cz; hxxps://teams.microsoft.com; hxxps://www.slevomat.cz; hxxps://www.maccosmetics.cz
FF Extension: (To Google Translate) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-11-11]
FF Extension: (VratnePenize.cz Připomínáček) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\Extensions\toolbar@vratnepenize.cz.xpi [2020-05-23]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-01-30]
FF Extension: (WA Web Plus for WhatsApp™) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\Extensions\{e5b78745-5fde-4ebf-b8c7-465120c9dfe4}.xpi [2020-06-18]
FF Extension: (No Name) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-10] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-10] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-3433778575-2911662788-3899533387-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\havra\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-19] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR Profile: C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default [2021-01-30]
CHR Extension: (Prezentace) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-26]
CHR Extension: (Dokumenty) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-26]
CHR Extension: (Disk Google) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-28]
CHR Extension: (YouTube) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-26]
CHR Extension: (Avira Password Manager) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-01-28]
CHR Extension: (Adobe Acrobat) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-01-28]
CHR Extension: (Tabulky) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-26]
CHR Extension: (Avira Browser Safety) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-01-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-10-11]
CHR Extension: (Gmail) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-28]
CHR Extension: (Chrome Media Router) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-28]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\havra\AppData\Roaming\Opera Software\Opera Stable [2021-01-30]
OPR Extension: (Avira Safe Shopping) - C:\Users\havra\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2020-09-25]
OPR Extension: (Avira Password Manager) - C:\Users\havra\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngohaaocccbohaffogpbgfpmpgbcgccg [2020-09-25]
OPR Extension: (Free Avira Phantom VPN – Unblock Websites) - C:\Users\havra\AppData\Roaming\Opera Software\Opera Stable\Extensions\pcgkmkjdikhiodinhloioejnpjgmfigd [2020-09-25]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1205960 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [537472 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [483432 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [483432 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [573960 2021-01-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636592 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384360 2020-12-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [244888 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161072 2020-12-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960384 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44064 2021-01-25] (Dropbox, Inc -> Dropbox, Inc.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [315008 2020-08-18] (Dell Inc -> Dell Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2020-12-25] (Dell Inc -> Dell INC.)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{FB532BEF-8DC0-4B53-BCCC-887E4E733C3C} [21312 2020-11-06] (Microsoft Windows -> Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{FB532BEF-8DC0-4B53-BCCC-887E4E733C3C} [21312 2020-11-06] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2020-10-29] (Dell Inc -> )
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [958216 2021-01-30] (McAfee, LLC -> McAfee, LLC)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [64848 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64856 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1630576 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2385256 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_b706d4e32506a94f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_b706d4e32506a94f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-02-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [207424 2020-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199752 2020-05-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24952 2021-01-10] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [36400 2018-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-01-30] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220600 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142440 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [164424 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2020-10-08] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-30 16:57 - 2021-01-30 16:57 - 000709264 _____ (MFD LABS LTD) C:\Users\havra\Downloads\messengerfordesktop-setup(1).exe
2021-01-30 16:53 - 2021-01-30 18:01 - 000000000 ____D C:\Users\havra\AppData\Roaming\Messenger for Desktop
2021-01-30 16:53 - 2021-01-30 16:57 - 000002535 _____ C:\Users\havra\Desktop\Messenger for Desktop.lnk
2021-01-30 16:53 - 2021-01-30 16:53 - 000709264 _____ (MFD LABS LTD) C:\Users\havra\Downloads\messengerfordesktop-setup.exe
2021-01-30 16:53 - 2021-01-30 16:53 - 000002543 _____ C:\Users\havra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Messenger for Desktop.lnk
2021-01-30 16:53 - 2021-01-30 16:53 - 000000000 ____D C:\Users\havra\AppData\Local\messengerfordesktop-updater
2021-01-30 15:36 - 2021-01-30 15:36 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-01-30 15:35 - 2021-01-30 15:35 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-01-30 15:35 - 2021-01-30 15:35 - 000142440 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-01-30 11:57 - 2021-01-30 11:57 - 000007879 _____ C:\Users\havra\Desktop\text.txt
2021-01-30 11:48 - 2021-01-30 11:48 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-01-30 11:48 - 2021-01-30 11:48 - 000220600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-01-30 11:48 - 2021-01-30 11:47 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-01-30 11:27 - 2021-01-30 11:48 - 000002043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-30 11:27 - 2021-01-30 11:48 - 000002031 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-01-30 11:27 - 2021-01-30 11:47 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-01-30 11:27 - 2021-01-30 11:27 - 000000000 ____D C:\Users\havra\AppData\Local\mbam
2021-01-30 11:27 - 2021-01-30 11:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-30 11:26 - 2021-01-30 11:26 - 000000000 ____D C:\Program Files\Malwarebytes
2021-01-30 11:25 - 2021-01-30 11:25 - 002086424 _____ (Malwarebytes) C:\Users\havra\Downloads\MBSetup.exe
2021-01-30 10:46 - 2021-01-30 10:46 - 002297856 _____ (Farbar) C:\Users\havra\Downloads\FRST64(1).exe
2021-01-30 10:40 - 2021-01-30 10:42 - 000055469 _____ C:\Users\havra\Downloads\Addition.txt
2021-01-30 10:34 - 2021-01-30 18:24 - 000039769 _____ C:\Users\havra\Downloads\FRST.txt
2021-01-30 10:33 - 2021-01-30 18:24 - 000000000 ____D C:\FRST
2021-01-30 10:33 - 2021-01-30 10:33 - 002297856 _____ (Farbar) C:\Users\havra\Downloads\FRST64.exe
2021-01-30 10:32 - 2021-01-30 10:32 - 001989632 _____ (Farbar) C:\Users\havra\Downloads\FRST.exe
2021-01-28 22:56 - 2021-01-28 22:56 - 000001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2021-01-28 22:07 - 2021-01-28 22:07 - 001798297 _____ C:\Users\havra\Desktop\fd.pdf
2021-01-28 22:04 - 2021-01-28 22:04 - 000327832 _____ C:\Users\havra\Desktop\david_franc.tif
2021-01-28 21:09 - 2021-01-28 21:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-28 21:08 - 2021-01-28 21:08 - 000000000 ____D C:\WINDOWS\Panther
2021-01-28 21:04 - 2021-01-28 21:04 - 000001108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2021-01-28 20:57 - 2021-01-28 22:46 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-27 19:40 - 2021-01-27 19:40 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-01-27 19:38 - 2021-01-23 09:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-27 19:38 - 2021-01-23 09:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-27 19:38 - 2021-01-23 09:14 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-27 19:38 - 2021-01-23 09:14 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-27 19:38 - 2021-01-23 09:14 - 001453728 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 001193120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 001512096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 001164960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000689312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-01-27 19:38 - 2021-01-23 09:12 - 000680096 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000672928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000613536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000558240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000547488 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 008262304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 007392928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 004611744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 002731168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 002103456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 001589408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 000813216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 000657056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 000446624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-01-27 19:38 - 2021-01-23 09:10 - 007116680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-01-27 19:38 - 2021-01-23 09:10 - 006070848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-01-27 19:38 - 2021-01-23 09:10 - 000850080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-01-27 19:38 - 2021-01-22 23:59 - 000084264 _____ C:\WINDOWS\system32\nvinfo.pb
2021-01-27 19:34 - 2021-01-27 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-01-25 21:28 - 2021-01-25 21:28 - 118444029 _____ C:\Users\havra\Downloads\DaVinci_Resolve_16_Reference_Manual.pdf
2021-01-25 21:26 - 2021-01-25 21:44 - 2441458126 _____ C:\Users\havra\Downloads\DaVinci_Resolve_17.0b7_Windows(1).zip
2021-01-25 21:02 - 2021-01-25 21:02 - 001116061 _____ C:\Users\havra\Desktop\david_franc.pdf
2021-01-25 17:12 - 2021-01-25 17:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-01-25 17:12 - 2021-01-25 17:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-01-25 17:12 - 2021-01-25 17:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-01-25 17:12 - 2021-01-25 17:12 - 000044064 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-01-24 13:06 - 2021-01-24 13:06 - 003048577 _____ C:\Users\havra\Downloads\vecteezy_abstract-watercolor-stroke-design-background_254909.zip
2021-01-24 12:56 - 2021-01-24 12:57 - 060442988 _____ C:\Users\havra\Downloads\Archivar.zip
2021-01-24 12:46 - 2021-01-24 12:46 - 012549894 _____ C:\Users\havra\Downloads\vecteezy_watercolor-flower-frame-background-with-text-space-vector-illustration_563617.zip
2021-01-24 12:46 - 2021-01-24 12:46 - 010779160 _____ C:\Users\havra\Downloads\vecteezy_watercolor-flower-background-illustration-with-text-space-isolated-on-a-white-background-vector-illustration_564125.zip
2021-01-24 12:43 - 2021-01-24 12:43 - 037897324 _____ C:\Users\havra\Downloads\vecteezy_watercolor-pink-floral-card-floral-frame-watercolor-background-with-flowers_146553.zip
2021-01-24 12:42 - 2021-01-24 12:42 - 053215250 _____ C:\Users\havra\Downloads\09.zip
2021-01-24 12:41 - 2021-01-24 12:41 - 019220157 _____ C:\Users\havra\Downloads\vecteezy_save-the-date-watercolor-card-watercolor-floral-card-save-the-date-illustration-with-blue-watercolor-flowers-wedding-painted-card_146556.zip
2021-01-24 12:41 - 2021-01-24 12:41 - 015816158 _____ C:\Users\havra\Downloads\vecteezy_vintage-watercolor-floral-card-watercolor-flowers-on-vintage-background-flowers-watercolor-illustration_146555.zip
2021-01-24 12:18 - 2021-01-24 12:18 - 034939012 _____ C:\Users\havra\Downloads\mega_pack_flowers_by_ikoci_dcdaxux.zip
2021-01-23 17:49 - 2021-01-23 17:49 - 000000000 ____D C:\Users\havra\AppData\Local\M-Photo_Ltd
2021-01-23 17:35 - 2021-01-23 17:35 - 031558304 _____ (CDSM ) C:\Users\havra\Downloads\designer_cdsm_skn-32_210x148_2021_win_cz.exe
2021-01-23 17:32 - 2021-01-23 17:32 - 000000000 ____D C:\ProgramData\M-Photo
2021-01-23 17:31 - 2021-01-23 20:26 - 000000000 ____D C:\CDSM
2021-01-23 17:31 - 2021-01-23 17:31 - 015284974 _____ C:\WINDOWS\SysWOW64\CDSM_CDSM Designer_uninstaller.exe
2021-01-23 17:31 - 2021-01-23 17:31 - 000002317 _____ C:\Users\Public\Desktop\CDSM Designer.lnk
2021-01-23 17:31 - 2021-01-23 17:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDSM
2021-01-23 17:31 - 2021-01-23 17:31 - 000000000 ____D C:\Program Files (x86)\CDSM
2021-01-23 17:19 - 2021-01-23 17:25 - 932341237 _____ C:\Users\havra\Downloads\CDSM_Designer_setup_7.1.7.1.exe
2021-01-20 22:58 - 2021-01-20 22:58 - 000000000 ____D C:\Users\havra\AppData\Local\EopAuthApp
2021-01-20 22:57 - 2021-01-20 22:57 - 000002158 _____ C:\Users\Public\Desktop\eObčanka - Správce karty.lnk
2021-01-20 22:57 - 2021-01-20 22:57 - 000002153 _____ C:\Users\Public\Desktop\eObčanka - identifikace.lnk
2021-01-20 22:57 - 2021-01-20 22:57 - 000000000 ____D C:\Program Files\eObcanka
2021-01-20 22:52 - 2021-01-20 22:52 - 017093800 _____ C:\Users\havra\Downloads\eObcanka_x64.exe
2021-01-19 18:40 - 2021-01-19 18:40 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700}
2021-01-19 18:39 - 2021-01-19 18:39 - 000004206 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1601063328
2021-01-19 18:39 - 2021-01-19 18:39 - 000001395 _____ C:\Users\havra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-01-16 23:03 - 2021-01-16 23:33 - 2967829919 _____ C:\Users\havra\Downloads\sarlatan fullhd 2020.mp4
2021-01-15 22:45 - 2021-01-15 22:45 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-15 22:45 - 2021-01-15 22:45 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-15 22:45 - 2021-01-15 22:45 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-15 22:45 - 2021-01-15 22:45 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-15 22:45 - 2021-01-15 22:45 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-15 22:45 - 2021-01-15 22:45 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-15 22:45 - 2021-01-15 22:45 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-15 22:45 - 2021-01-15 22:45 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-15 22:45 - 2021-01-15 22:45 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-15 22:45 - 2021-01-15 22:45 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-15 22:45 - 2021-01-15 22:45 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-15 22:45 - 2021-01-15 22:45 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-15 22:45 - 2021-01-15 22:45 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-15 22:45 - 2021-01-15 22:45 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-15 22:45 - 2021-01-15 22:45 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-15 22:45 - 2021-01-15 22:45 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-15 22:45 - 2021-01-15 22:45 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-15 22:45 - 2021-01-15 22:45 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-15 22:44 - 2021-01-15 22:44 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-15 22:44 - 2021-01-15 22:44 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-15 22:44 - 2021-01-15 22:44 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-15 22:43 - 2021-01-15 22:43 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-15 22:43 - 2021-01-15 22:43 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-15 22:43 - 2021-01-15 22:43 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-15 22:43 - 2021-01-15 22:43 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-15 22:43 - 2021-01-15 22:43 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-15 22:43 - 2021-01-15 22:43 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-15 22:43 - 2021-01-15 22:43 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-15 22:43 - 2021-01-15 22:43 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-10 18:40 - 2021-01-10 18:40 - 000003072 _____ C:\Users\havra\AppData\Roaming\MCLAB Prefsv3
2021-01-10 14:51 - 2021-01-10 14:51 - 000024952 _____ C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys
2021-01-10 11:43 - 2021-01-10 11:43 - 000001904 _____ C:\Users\Public\Desktop\MCLAB.lnk
2021-01-10 11:43 - 2021-01-10 11:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCLAB
2021-01-10 11:41 - 2021-01-10 12:05 - 000000000 ____D C:\Program Files (x86)\MCLAB
2021-01-10 11:28 - 2021-01-10 11:38 - 1212398897 _____ C:\Users\havra\Downloads\MCLAB(1).exe
2020-12-31 20:32 - 2020-12-31 20:32 - 000237517 _____ C:\Users\havra\Desktop\vstupenky-6134947.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-30 18:23 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-30 18:20 - 2018-06-26 07:10 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-30 18:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-30 18:10 - 2018-09-06 13:22 - 000000000 ____D C:\Users\havra\AppData\Roaming\WhatsApp
2021-01-30 17:45 - 2020-10-10 12:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-30 16:56 - 2018-09-06 22:23 - 000001329 _____ C:\Users\havra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Messenger.lnk
2021-01-30 16:56 - 2018-09-06 22:23 - 000000000 ____D C:\Users\havra\AppData\Local\Messenger
2021-01-30 16:04 - 2018-09-19 21:56 - 000000000 ____D C:\Users\havra\AppData\Roaming\eM Client
2021-01-30 15:43 - 2020-10-10 12:31 - 001693410 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-30 15:43 - 2019-12-07 15:41 - 000719302 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-30 15:43 - 2019-12-07 15:41 - 000145428 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-30 15:43 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-30 15:37 - 2019-02-07 20:19 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-30 15:36 - 2019-02-09 13:09 - 000000000 ____D C:\Users\Public\Speedup Sessions
2021-01-30 15:36 - 2018-09-06 12:56 - 000000000 ____D C:\Users\havra\AppData\LocalLow\Mozilla
2021-01-30 15:35 - 2020-10-10 12:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-30 15:35 - 2020-10-10 12:30 - 000000000 ____D C:\Users\havra
2021-01-30 15:35 - 2020-10-10 12:28 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-30 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-01-30 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-30 15:35 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-01-30 15:35 - 2018-09-06 12:45 - 000000000 __SHD C:\Users\havra\IntelGraphicsProfiles
2021-01-30 11:48 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-30 11:12 - 2019-06-20 20:31 - 000000000 ____D C:\Users\havra\AppData\Local\WhatsApp
2021-01-30 10:08 - 2019-10-25 21:19 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-01-30 10:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration
2021-01-28 22:56 - 2018-06-26 07:09 - 000000000 ____D C:\Program Files (x86)\Intel
2021-01-28 22:56 - 2018-06-26 07:08 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-28 22:46 - 2018-09-06 12:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-28 22:45 - 2018-09-06 12:42 - 000000000 ____D C:\ProgramData\Goodix
2021-01-28 21:09 - 2018-09-06 12:56 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-28 21:04 - 2018-09-19 21:56 - 000000000 ____D C:\Program Files (x86)\eM Client
2021-01-28 20:55 - 2020-06-05 19:24 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-28 20:55 - 2020-06-05 19:24 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-28 20:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-28 20:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-28 20:55 - 2018-09-07 10:37 - 000000000 ____D C:\Users\havra\AppData\Local\NVIDIA
2021-01-27 19:35 - 2018-09-06 12:51 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-01-25 22:55 - 2018-09-06 12:45 - 000000000 ____D C:\Users\havra\AppData\Local\Packages
2021-01-25 22:08 - 2018-11-27 23:53 - 000000000 ____D C:\Program Files\Microsoft Office
2021-01-25 16:44 - 2018-10-11 14:14 - 000000000 ____D C:\Users\havra\AppData\Local\D3DSCache
2021-01-24 12:29 - 2019-01-12 23:08 - 000000000 ____D C:\Users\havra\Downloads\santoro
2021-01-23 17:51 - 2018-09-06 12:51 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-01-23 17:51 - 2018-09-06 12:51 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-01-23 16:15 - 2018-10-16 20:35 - 000001480 _____ C:\Users\havra\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2021-01-23 16:08 - 2020-10-10 12:35 - 000003998 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-01-23 16:08 - 2020-10-10 12:35 - 000003766 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-01-23 16:08 - 2018-11-26 14:55 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-20 23:05 - 2018-09-06 13:12 - 000000000 ____D C:\Users\havra\AppData\Local\CrashDumps
2021-01-20 22:05 - 2018-09-06 13:21 - 000000000 ____D C:\Users\havra\AppData\Local\SquirrelTemp
2021-01-20 18:33 - 2020-10-10 12:35 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-20 18:33 - 2020-10-10 12:35 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-19 23:10 - 2019-07-03 22:40 - 000000000 ____D C:\Users\havra\Desktop\POSLAT FOTO
2021-01-19 22:52 - 2018-09-19 21:56 - 000000000 ____D C:\Users\havra\AppData\Local\eM Client
2021-01-16 22:57 - 2018-09-06 13:03 - 000000000 ____D C:\Users\havra\AppData\Local\PlaceholderTileLogoFolder
2021-01-15 23:48 - 2020-10-10 12:28 - 000630624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-15 23:47 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-15 23:47 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-15 22:47 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-15 22:43 - 2020-10-10 12:31 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-15 22:37 - 2018-09-06 12:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-15 22:35 - 2018-09-06 12:39 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-13 21:54 - 2020-09-16 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-01-10 17:27 - 2018-12-08 14:52 - 000000000 ____D C:\Users\havra\Documents\MCLAB Projects
2021-01-10 11:21 - 2018-09-08 16:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-01-09 16:46 - 2018-09-08 16:39 - 000001284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-01-09 16:16 - 2020-11-29 11:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-01-09 16:16 - 2018-09-06 13:07 - 000000000 ____D C:\Users\Public\PrivacyPal Sessions
2021-01-02 10:32 - 2018-06-26 07:08 - 000000000 ____D C:\Program Files\Intel
2021-01-02 10:31 - 2020-10-10 12:35 - 000003718 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2020-12-31 20:06 - 2020-10-10 12:35 - 000003790 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate
==================== Files in the root of some directories ========
2018-11-01 09:30 - 2018-11-01 09:30 - 000000033 _____ () C:\Users\havra\AppData\Roaming\AdobeWLCMCache.dat
2021-01-10 18:40 - 2021-01-10 18:40 - 000003072 _____ () C:\Users\havra\AppData\Roaming\MCLAB Prefsv3
2018-10-16 20:35 - 2021-01-23 16:15 - 000001480 _____ () C:\Users\havra\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2018-09-29 23:18 - 2018-09-29 23:18 - 000000000 _____ () C:\Users\havra\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021
Ran by havra (30-01-2021 18:25:20)
Running from C:\Users\havra\Downloads
Windows 10 Home Version 20H2 19042.746 (X64) (2020-10-10 11:35:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3433778575-2911662788-3899533387-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3433778575-2911662788-3899533387-503 - Limited - Disabled)
Guest (S-1-5-21-3433778575-2911662788-3899533387-501 - Limited - Disabled)
havra (S-1-5-21-3433778575-2911662788-3899533387-1001 - Administrator - Enabled) => C:\Users\havra
WDAGUtilityAccount (S-1-5-21-3433778575-2911662788-3899533387-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.23 - Adobe Systems)
Adobe After Effects CC 2018 (HKLM\...\{8ADE49BB-209D-4F01-9B3B-A51F0D8CE9E1}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_0_0) (Version: 15.0.0 - Adobe Systems Incorporated)
Adobe Ai (HKLM\...\{A6D98A72-324F-4F31-BC36-5118A8EAECDD}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_0_1) (Version: 22.0.1 - Adobe Systems Incorporated)
Adobe Indes (HKLM\...\{CA2E76F3-BB69-486A-88D2-A3D387B69484}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe InDesign CC 2018 (HKLM-x32\...\IDSN_13_0_1) (Version: 13.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_6) (Version: 19.1.6 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM\...\{7DC3F900-68E5-40F1-869D-9D20A69D8A1D}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_0_0) (Version: 12.0.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{77a9e051-78e4-40ba-8659-8162beadb3fa}) (Version: 20.70.0 - Intel Corporation)
Audiolibrix Manager 2.1.0 (HKLM\...\d2402422-088d-502c-a1d4-8e2ce36e8ce5) (Version: 2.1.0 - Audiolibrix)
Avira (HKLM-x32\...\{161e6084-b0f5-43e8-86d8-09eda5c0893d}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{426D1710-5DFD-45E9-B11D-464792C5AD35}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{fe9700ea-db9c-48bd-9561-b7d053321d04}) (Version: 1.2.152.1479 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2101.2070 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.1.24458 - Avira Operations GmbH & Co. KG) Hidden
Avira Privacy Pal (HKLM-x32\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.4.0.1962 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.42.14101 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;)
Avira Software Updater (HKLM-x32\...\{9F45C615-6D95-47B5-BB0C-D78F6D15DE21}) (Version: 2.0.6.42639 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.9.0.11050 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Canon Easy-PhotoPrint Editor (HKLM-x32\...\Canon Easy-PhotoPrint Editor) (Version: 1.4.0 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
CDSM Designer (HKLM-x32\...\CDSM_CDSM Designer) (Version: - )
Dell Digital Delivery (HKLM-x32\...\{A9758B6E-19FC-4DB4-A031-AFE6C2327A35}) (Version: 3.5.1004.0 - Dell Products, LP)
Dell Mobile Connect Drivers (HKLM\...\{AAB336F0-6FC6-4BFE-AD7E-315FCDF20156}) (Version: 1.1.3750 - Screenovate Technologies Ltd.)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.7.0 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{69BD2675-5E9B-440E-ADEE-3AEA812D6900}) (Version: 5.3.1.13866 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{85538c44-3493-4bf6-8d8b-aa13aee53222}) (Version: 5.3.1.13866 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{3C4F6923-3BE1-4E6C-8DEE-9EEF1E433795}) (Version: 5.2.1.12926 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{8d32f870-d6fd-4420-b5cb-c29ac65f628d}) (Version: 5.2.1.12926 - Dell Inc.)
Dell Update (HKLM-x32\...\{944FB5B0-9588-45FD-ABE8-73FC879801ED}) (Version: 4.0.0 - Dell Inc.)
Documentation Manager (HKLM\...\{EC7D2299-EAEC-498A-947B-ADC4495AA6D6}) (Version: 22.20.0.6 - Intel Corporation) Hidden
Driver Easy verze 1.5 (HKLM-x32\...\Driver Easy_is1) (Version: 1.5 - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 114.4.426 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 2.0.6875.402 - PC-Doctor, Inc.) Hidden
eM Client (HKLM-x32\...\{D1A4EE66-AD4A-4EBB-91B2-19B5BCEB82B1}) (Version: 8.1.1054.0 - eM Client Inc.)
eObčanka (HKLM\...\{B60846B5-C015-4BCA-AED5-61A696B16159}) (Version: 3.1.3.21015 - MONET+, a.s. pro Ministerstvo vnitra České republiky)
FormatFactory 4.3.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.3.0.0 - Free Time)
Goodix Fingerprint Driver (HKLM\...\{60FAB781-18F2-4D2B-A8E7-B3AADD327955}_is1) (Version: 1.0.33.800 - Goodix, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.104 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel Driver && Support Assistant (HKLM-x32\...\{F0E9774D-C5A1-4C83-89F9-191E1334D476}) (Version: 21.1.5.2 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.10501.6067 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2014.14.0.1540 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.7.0.1006 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1727.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.60.155.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{047f2156-ee7f-4a24-b3c2-c0c5c2c81557}) (Version: 1.60.155.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.20.0.3 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{beabe998-b0dd-460a-82c3-f48ff70bca66}) (Version: 21.1.5.2 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7EBADAB6-B7AC-4560-85A7-FF345559F193}) (Version: 17.2.6.1027 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{4a50fa17-2911-43ed-a2a1-d3a34411e2bb}) (Version: 21.110.2.1 - Intel Corporation) Hidden
Intel® Software Installer (HKLM-x32\...\{76cc8e2a-8308-43d3-a3c3-423d2a1ca435}) (Version: 22.20.0.6 - Intel Corporation) Hidden
jwDuplFiles 2.0 (HKLM-x32\...\jwDuplFiles_is1) (Version: - jw)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.15 - PandoraTV)
LibreOffice 6.4.2.2 (HKLM\...\{366B3DEE-791D-4044-AC14-4FE2265754BA}) (Version: 6.4.2.2 - The Document Foundation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
MCLAB (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\MCLAB) (Version: MCLAB 2019.3.0 - Computer MCL Brno, spol. s.r.o.)
Messenger for Desktop (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\{4e2a4302-5df4-5868-a685-36c844414384}) (Version: 3.0.15 - MFD LABS LTD)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13530.20440 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.53 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft OneDrive (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Teams) (Version: 1.3.00.12058 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mozilla Firefox 85.0 (x64 cs) (HKLM\...\Mozilla Firefox 85.0 (x64 cs)) (Version: 85.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.1 - Mozilla)
Mozilla Thunderbird 60.9.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 60.9.1 (x86 cs)) (Version: 60.9.1 - Mozilla)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.40 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Opera Stable 73.0.3856.344 (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Opera 73.0.3856.344) (Version: 73.0.3856.344 - Opera Software)
PicosmosTools 2.0.0.0 (HKLM-x32\...\PicosmosTools) (Version: 2.0.0.0 - Free Time)
Product Key Recovery (HKLM-x32\...\Product Key Recovery) (Version: - SmartKey, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8443 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
SmartByte Drivers and Services (HKLM\...\{9668B1BB-D0FE-4C0C-800C-B1555E069A62}) (Version: 3.1.940 - Název společnosti:)
Thunderbolt™ Software (HKLM-x32\...\{30F0067F-DD79-431B-BA5F-6CB4897785A5}) (Version: 17.4.79.510 - Intel Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Viber (HKLM-x32\...\{42C4FDB0-2783-46D1-8160-9C6A353E05CC}) (Version: 9.6.0.12 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\{984742de-418e-4f95-ac61-487a3cee7822}) (Version: 9.6.0.12 - Viber Media Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-4) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.191 - McAfee, LLC)
WhatsApp (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\WhatsApp) (Version: 2.2102.8 - WhatsApp)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
YouTubePlayer version 1.4 (HKLM-x32\...\{719F8D15-70B1-4AFA-A611-3EE118499D9F}_is1) (Version: 1.4 - YouTubePlayer)
Zoom (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2021-01-16] (Canon Inc.)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.2.45.0_x64__htrsf667h5kn2 [2020-07-28] (Dell Inc)
Dell Mobile Connect -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.1.9518.0_x64__0vhbc3ng4wbp0 [2020-07-18] (Screenovate Technologies) [Startup Task]
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.7.10.0_x64__htrsf667h5kn2 [2020-10-10] (Dell Inc)
Dell Product Registration -> C:\Program Files\WindowsApps\DellInc.DellProductRegistration_3.4.6.0_x64__htrsf667h5kn2 [2018-06-26] (Dell Inc)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.5.201.0_x64__rz1tebttyb220 [2020-09-26] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-09] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-30] (Microsoft Corporation)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.37.3702.0_x86__ytsefhwckbdv6 [2020-10-01] (G5 Entertainment AB)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.2.0_neutral__8xx8rvfyw5nnt [2020-06-03] (Instagram)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-09-06] (LinkedIn)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_730.2.121.0_x64__8xx8rvfyw5nnt [2020-10-25] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.28.32802.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Corporation) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-18] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-27] (NVIDIA Corp.)
O2 TV -> C:\Program Files\WindowsApps\D8378DF7.O2TVGo_20182.0.25.0_x64__tqn3m7kee4xc8 [2020-08-05] (O2 Czech Republic a.s.)
RAR Opener -> C:\Program Files\WindowsApps\DeviceDoctor.RAROpener_1.3.48.0_x64__mkdtfchztkfbm [2018-09-07] (Tiny Opener)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.940.0_x64__rh07ty8m5nkag [2020-09-06] (Rivet Networks LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0 [2020-10-25] (Spotify AB) [Startup Task]
SupportAssist Driver Update -> C:\Program Files\WindowsApps\DriverToaster_1.5.0.0_x86__rqs2nt378nwsp [2018-09-06] (Dell Inc.)
To-Do Prime -> C:\Program Files\WindowsApps\28251VinodShinde.To-DoPrime_1.50.40.0_x64__m4hs2z1tqny7y [2020-06-03] (Vinod Shinde)
ToDo-List -> C:\Program Files\WindowsApps\35998AlexanderSworski.ToDo-List_1.1.9.0_x64__f1p03rq2y10n8 [2020-06-03] (Alexander Sworski)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation)
Váš telefon -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.123.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Corporation)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2018-09-06] (Waves Audio)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2041.7.0_x64__cv1g1gvanyjgm [2020-10-25] (WhatsApp Inc.)
Wunderlist: To-Do List & Tasks -> C:\Program Files\WindowsApps\6Wunderkinder.Wunderlist_3.6.43.0_x64__b4cwydgxqx59r [2020-05-01] (6 Wunderkinder GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-8910E2A5A6E5} -> [Creative Cloud Files] => C:\Users\havra\Creative Cloud Files [2018-09-07 10:35]
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\havra\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key 2021 -> Intel)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\havra\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\havra\Dropbox [2018-09-06 12:53]
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-03-19] () [File not signed] [File is in use]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers1: [PicosmosShell] -> {A3888921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\PicosmosTools\ShellEx64_100.dll [2018-05-12] (Free Time) [File not signed]
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-03-19] () [File not signed] [File is in use]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\igfxDTCM.dll [2018-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_b706d4e32506a94f\nvshext.dll [2021-01-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-01-27 05:00 - 2021-01-27 05:00 - 000011264 _____ () [File not signed] [File is in use] C:\Program Files (x86)\eM Client\cs\MailClient.Accounts.resources.dll
2021-01-27 05:00 - 2021-01-27 05:00 - 000009216 _____ () [File not signed] [File is in use] C:\Program Files (x86)\eM Client\cs\MailClient.Common.UI.resources.dll
2021-01-27 05:00 - 2021-01-27 05:00 - 000004608 _____ () [File not signed] [File is in use] C:\Program Files (x86)\eM Client\cs\MailClient.Imap.Base.resources.dll
2021-01-27 05:00 - 2021-01-27 05:00 - 000007680 _____ () [File not signed] [File is in use] C:\Program Files (x86)\eM Client\cs\MailClient.Protocols.resources.dll
2021-01-27 05:00 - 2021-01-27 05:00 - 000794624 _____ () [File not signed] [File is in use] C:\Program Files (x86)\eM Client\cs\MailClient.resources.dll
2021-01-30 16:58 - 2021-01-30 16:58 - 001036288 _____ () [File not signed] \\?\C:\Users\havra\AppData\Local\Temp\358de90b-de58-4692-944d-a5d5c0ef3fe0.tmp.node
2021-01-27 05:00 - 2021-01-27 05:00 - 093837824 _____ () [File not signed] C:\Program Files (x86)\eM Client\libcef\libcef.dll
2012-09-23 19:44 - 2012-09-23 19:44 - 000010240 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2020-04-26 18:12 - 2012-06-14 16:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2013-06-17 18:33 - 2013-06-17 18:33 - 000090112 _____ (Free Time) [File not signed] C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll
2018-05-12 09:52 - 2018-05-12 09:52 - 000169984 _____ (Free Time) [File not signed] C:\Program Files (x86)\PicosmosTools\ShellEx64_100.dll
2020-08-14 20:29 - 2020-08-14 20:29 - 000122880 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2021-01-09 18:18 - 2021-01-09 18:18 - 000913920 _____ (ServiceStack) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\8ca4971d44541d48e21f0e804700d8fc\ServiceStack.Text.ni.dll
2021-01-27 05:00 - 2021-01-27 05:00 - 000944840 _____ (SQLite Development Team) [File not signed] C:\Program Files (x86)\eM Client\win-x86\sqlite3.native.dll
2021-01-27 05:00 - 2021-01-27 05:00 - 000729600 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\eM Client\libcef\chrome_elf.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> DefaultScope {A9AF42DC-6834-4230-9184-7E01AB6C6C61} URL =
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {2584D045-063D-450C-98AD-71BF606488E0} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {2D8CFB70-2A7C-4B09-A4AE-4AA42963E74F} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {404DF86F-9171-4780-9A69-E0CB5B03D7F1} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {4EB8507E-BCB3-4FD8-99F7-4C9D2CA1B2FF} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {5ECF9F50-8DC8-4235-B99F-BB72F0B9676B} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {80C5279E-71D9-4FBE-A897-AD6F86BA3415} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {ABC04BB9-8A5C-42B9-9096-AD53C9BFAFAD} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {B55C3FE5-1A80-4699-9CFE-27CFE26031B0} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {D60B70BD-5559-4ABD-8427-10519DFA8989} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-01-30] (McAfee, LLC -> McAfee, LLC)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-01-30] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2017-09-29 14:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\havra\Pictures\received_1086403274730104.jpeg
DNS Servers: 217.30.64.53 - 217.30.64.54
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => ""
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => ""
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\StartupApproved\StartupFolder: => "Mámemail Pošťák.lnk"
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\StartupApproved\StartupFolder: => "wandoujia_helper.lnk"
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\StartupApproved\Run: => ""
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B7E4CB5C-4677-45EE-94D5-7E8A2F23293F}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.1.9518.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{C0A89B7C-9105-4F35-8858-708EAA60411E}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.1.9518.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [UDP Query User{212C20BC-137F-43EB-885C-B8C4C539DFC5}C:\users\havra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\havra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{176C1347-C60F-46F6-AC83-0E6751DB00FC}C:\users\havra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\havra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4DB21198-77BC-4E90-850B-64BA1AF98F52}] => (Allow) C:\Users\havra\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{25F76282-CDF2-4CD0-8EBE-A208191F9E13}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time Co., Ltd. -> Free Time)
FirewallRules: [{760703AB-EE0A-4B2C-A7CB-C02AA949D984}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{505499DB-FD03-4DF5-A32F-55A993C75BCB}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{DBEA28E5-A32B-4E93-9B9C-FE70B4889085}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{AA98CD5C-E06F-448C-A898-91A046A63904}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{99E1E210-63A5-4793-8F07-BDCFF753165F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5ABF222D-413E-469E-B46C-E963E08B2AA5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{8DD45874-DA23-4B61-A18D-86204FE3E5AF}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{8E22717A-5C5F-49F6-B9A7-8CEEA56A943D}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F278C01F-80E8-4F5A-871E-06CFE55BD66F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A06B78A5-F357-4EED-947A-D9657CAEE6D3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{22BDA38D-1D63-4317-AC2A-892EFA16C6A4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16050.11029.20079.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{55D0626F-0F34-44D2-9068-42A8FE80F352}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{8E6CC5F3-4F42-4359-833D-5EC18F0AABD3}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{6430A3B2-BAF8-48DF-9B7B-9F1F442E1768}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{8E221DD1-C533-40DC-9155-18FDA6D7B22C}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{915A6952-80B4-4564-9F19-E866EC2C1194}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{E44C1914-7F2F-4F70-A971-A8298A7310B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{690E41BF-EAE2-4B47-8DA5-63B3CC8BE3E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1AB60A55-21D4-46DC-B065-DD9F9E898F4D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{69F8F2B6-04E7-4142-94C1-6E5F6D805FD6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6312DBD9-5D58-41DA-B2D1-C9ABD4EB75A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2629352C-3E52-42AD-BFDE-189BCE8A0888}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E8A37CB1-253C-4C13-A8E6-EEB265FF8C00}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D425733F-3728-4BDC-9E07-A72E0525AFB0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A81CF913-0263-4EC7-837F-3C16E23B3344}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{76580351-9979-41FC-9182-26E3A48E1AE3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B851B1A2-08BF-4925-AE50-B8A55CB6ACB0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D53D16F1-B1AD-45C1-9F0E-0CDF38798059}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EDF11564-BF1C-40DC-939F-6A91418C2782}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8EE88FD5-920E-4889-944C-887D928F0B5C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{119EB0A3-E3BA-46BC-B30D-F417B4E1B473}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5CA86DC2-5020-44B4-9B10-8D46F6459FF1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E0CF9C58-AD88-47F3-BA26-CF4BFB06892A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23C6B9E2-5249-4A49-AB6A-85B15B8AE42E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{885639C8-191E-4B4A-8244-AD0D3A4E1D72}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{1690DA0E-31DA-4ADF-8F45-FC8883358545}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{CFD8D370-B812-469E-9769-7D474311FE42}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{F2CF45C4-8536-4CDC-A0B0-69430823DE76}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/30/2021 11:46:06 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (01/30/2021 10:08:24 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/30/2021 10:05:32 AM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000
Error: (01/28/2021 08:57:48 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/28/2021 08:54:35 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (01/27/2021 07:34:54 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (01/27/2021 07:34:53 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (01/27/2021 07:32:59 PM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000
System errors:
=============
Error: (01/30/2021 06:20:57 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error: (01/30/2021 05:42:50 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (01/30/2021 01:34:09 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (01/30/2021 12:25:47 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (01/28/2021 11:06:31 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (01/28/2021 10:59:25 PM) (Source: volsnap) (EventID: 25) (User: )
Description: Stínové kopie svazku C: byly smazány, protože úložiště stínové kopie nebylo možné včas zvětšit. Zvažte možnost snížení vstupně-výstupního zatížení systému nebo zvolte svazek úložiště stínové kopie, pro který není vytvářena stínová kopie.
Error: (01/28/2021 10:46:31 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:08:36, 28.01.2021) bylo neočekávané.
Error: (01/28/2021 10:45:06 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
CodeIntegrity:
===================================
Date: 2020-10-24 15:29:14.0600000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.14.0 10/29/2020
Motherboard: Dell Inc. 0JGKPC
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 64%
Total physical RAM: 16240.71 MB
Available physical RAM: 5730.84 MB
Total Virtual: 22393.19 MB
Available Virtual: 8613.32 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:462.7 GB) (Free:5.84 GB) NTFS
\\?\Volume{b4fca574-aaf3-4053-bd44-f45a28cb866a}\ (WINRETOOLS) (Fixed) (Total:0.79 GB) (Free:0.28 GB) NTFS
\\?\Volume{f0fabba5-6b6f-4d9e-8691-130082bf8c98}\ (Image) (Fixed) (Total:11.54 GB) (Free:0.15 GB) NTFS
\\?\Volume{f8802ac2-6042-4b30-abe7-21b009ba693a}\ (DELLSUPPORT) (Fixed) (Total:1.14 GB) (Free:0.34 GB) NTFS
\\?\Volume{80085436-f96a-42a2-bfaf-7f82caca7bab}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32
==================== MBR & Partition Table ====================
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021
Ran by havra (administrator) on DESKTOP-2OHMFH6 (Dell Inc. G3 3779) (30-01-2021 18:23:40)
Running from C:\Users\havra\Downloads
Loaded Profiles: havra
Platform: Windows 10 Home Version 20H2 19042.746 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(eM Client, s.r.o. -> eM Client s.r.o.) C:\Program Files (x86)\eM Client\MailClient.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_0c50c5dc47ed0efe\RstMwService.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(MFD LABS LTD -> MFD LABS LTD) C:\Users\havra\AppData\Local\Programs\messengerfordesktop\Messenger for Desktop.exe <3>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.7.142.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2009.4.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12010.1001.2.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_b706d4e32506a94f\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\havra\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\WavesSysSvc64.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\havra\AppData\Local\WhatsApp\app-2.2102.8\WhatsApp.exe <6>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [834336 2019-02-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\WavesSvc64.exe [1222928 2018-04-30] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992336 2021-01-25] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [705728 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331040 2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [286064 2021-01-25] (IDSA Production signing key 2021 -> Intel)
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\havra\AppData\Local\Microsoft\Teams\Update.exe [2339472 2020-05-07] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Run: [] => [X]
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Run: [Opera Browser Assistant] => C:\Users\havra\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [4708328 2021-01-15] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\...\Windows x64\Print Processors\Canon iP7200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBA.DLL [30208 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP7200 series: C:\Windows\system32\CNMLMBA.DLL [389120 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-23] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03F455CA-DB34-47DF-8CCB-F018A591C074} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {0EBF024B-C829-4608-BDC2-792D33552D1D} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {113683D9-9297-4156-8DF5-7A619BD6CC6F} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {1A6545DC-08D1-479C-8482-CF1952AE8498} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {34A0C1F7-F000-40F9-B221-C805C21BD5F2} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {37A7AA81-8360-4984-AB24-3F6EAED4E25D} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29934096 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {3A5B2645-1E38-403E-8D20-68C43A0A0A70} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3E73DEBB-4F68-4605-99C3-7B630690EAD3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {4024C783-6370-4761-9010-4C34944A3A92} - System32\Tasks\Opera scheduled assistant Autoupdate 1601063340 => C:\Users\havra\AppData\Local\Programs\Opera\launcher.exe [1583256 2021-01-14] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\havra\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {4FB18B6C-D8E5-46A0-B28E-1A7A2E771CE7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {50A28E7D-8692-4D6E-997F-52C40AFEE192} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5752B731-7117-44DD-BB24-531AEEEDDADE} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
Task: {5778B5B3-A497-4E27-80A5-72953A752247} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5B7AC550-0C2C-4679-81C0-032FE8CDC77B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6710DC49-4BAE-4925-9082-562BDB2089D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-26] (Google Inc -> Google Inc.)
Task: {69C77036-2A96-414C-B020-B8048957B88D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-26] (Google Inc -> Google Inc.)
Task: {71A3787B-CEE9-4F0B-886E-477269A719B7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {7BD6625E-053E-4918-A7FB-5944B4D2A595} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8844FBFE-18DB-4365-986B-7581B9C424EE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8922BD8B-A4D5-42A5-A5C2-FF7DE114119C} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {8C25766F-F412-41DA-9C10-09E2767A938F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {8C6ACEE0-8DA2-4844-A6A1-55A0DEFEE003} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {92E732FE-C535-4B9F-BA00-F25CCF916193} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {947D9F7B-D6E3-4C65-AC7F-39094C783294} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {94CA4961-A252-495A-BF2B-98BBC0D1170F} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {952700EB-1DFA-4487-A272-376FB1E9BE51} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1547160 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {98548407-1358-4CD1-8005-45070148A685} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C9EC591-BC4B-4251-9DCC-F26938213013} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {9F090741-E54D-4030-9975-1C88BD2EBB99} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [95072 2020-08-14] (Rivet Networks LLC -> DELL)
Task: {A1A4AEE7-07BD-42A7-A663-E8669D1766C4} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2649200 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {AC436E73-FF26-43BE-AAD8-9D20CE6E9BEC} - System32\Tasks\Opera scheduled Autoupdate 1601063328 => C:\Users\havra\AppData\Local\Programs\Opera\launcher.exe [1583256 2021-01-14] (Opera Software AS -> Opera Software)
Task: {AC88252D-6922-4218-9678-6168EAFDF9AD} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {B55DD385-0860-49ED-940E-4F6746358E1F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {B5DB60C3-0F97-41E8-BB18-0D5DEE682E67} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [233184 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {BC203149-3E40-473E-91DA-AB3940E0EFC8} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [677344 2021-01-28] (Mozilla Corporation -> Mozilla Foundation)
Task: {BD36FA78-D46F-489A-B1E2-7178994FABDA} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {C07FFD26-4556-48CD-9932-9AAD19FDCC23} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302168 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {D3F976F5-48A5-40BB-B8F8-B3FFD528EB39} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-10] (Adobe Inc. -> Adobe)
Task: {D9D77C24-BF4B-4F32-A26F-24CDAD9AE415} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331040 2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {E6116DEC-0801-4BAF-B044-B612D8FE1704} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {E7A3FD8C-6D80-43A0-B293-872680FF3BAF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
Task: {F1507717-0C4E-4038-9E6A-D6E3263756A3} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-havraniveta@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 217.30.64.53 217.30.64.54 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{3f6949a5-7cd0-488b-97c6-e7ca22185103}: [DhcpNameServer] 212.80.66.7 10.0.0.2 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{71a4fd38-48ec-4a85-acae-fcdc5bd5ff02}: [DhcpNameServer] 217.30.64.53 217.30.64.54 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{a599493c-d9be-4c72-a21f-e249e5e7d470}: [DhcpNameServer] 8.8.8.8 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\havra\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-30]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 0gut8d9h.default
FF ProfilePath: C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default [2021-01-30]
FF Session Restore: Mozilla\Firefox\Profiles\0gut8d9h.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\0gut8d9h.default -> hxxps://postovnezdarma.cz; hxxps://paleosnadno.cz; hxxps://teams.microsoft.com; hxxps://www.slevomat.cz; hxxps://www.maccosmetics.cz
FF Extension: (To Google Translate) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-11-11]
FF Extension: (VratnePenize.cz Připomínáček) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\Extensions\toolbar@vratnepenize.cz.xpi [2020-05-23]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-01-30]
FF Extension: (WA Web Plus for WhatsApp™) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\Extensions\{e5b78745-5fde-4ebf-b8c7-465120c9dfe4}.xpi [2020-06-18]
FF Extension: (No Name) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-10] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-10] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-3433778575-2911662788-3899533387-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\havra\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-19] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR Profile: C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default [2021-01-30]
CHR Extension: (Prezentace) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-26]
CHR Extension: (Dokumenty) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-26]
CHR Extension: (Disk Google) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-28]
CHR Extension: (YouTube) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-26]
CHR Extension: (Avira Password Manager) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-01-28]
CHR Extension: (Adobe Acrobat) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-01-28]
CHR Extension: (Tabulky) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-26]
CHR Extension: (Avira Browser Safety) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-01-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-10-11]
CHR Extension: (Gmail) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-28]
CHR Extension: (Chrome Media Router) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-28]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\havra\AppData\Roaming\Opera Software\Opera Stable [2021-01-30]
OPR Extension: (Avira Safe Shopping) - C:\Users\havra\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2020-09-25]
OPR Extension: (Avira Password Manager) - C:\Users\havra\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngohaaocccbohaffogpbgfpmpgbcgccg [2020-09-25]
OPR Extension: (Free Avira Phantom VPN – Unblock Websites) - C:\Users\havra\AppData\Roaming\Opera Software\Opera Stable\Extensions\pcgkmkjdikhiodinhloioejnpjgmfigd [2020-09-25]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1205960 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [537472 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [483432 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [483432 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [573960 2021-01-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636592 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384360 2020-12-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [244888 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161072 2020-12-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960384 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44064 2021-01-25] (Dropbox, Inc -> Dropbox, Inc.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [315008 2020-08-18] (Dell Inc -> Dell Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2020-12-25] (Dell Inc -> Dell INC.)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{FB532BEF-8DC0-4B53-BCCC-887E4E733C3C} [21312 2020-11-06] (Microsoft Windows -> Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{FB532BEF-8DC0-4B53-BCCC-887E4E733C3C} [21312 2020-11-06] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2020-10-29] (Dell Inc -> )
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [958216 2021-01-30] (McAfee, LLC -> McAfee, LLC)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [64848 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64856 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1630576 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2385256 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_b706d4e32506a94f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_b706d4e32506a94f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-02-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [207424 2020-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199752 2020-05-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24952 2021-01-10] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [36400 2018-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-01-30] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220600 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142440 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [164424 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2020-10-08] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-30 16:57 - 2021-01-30 16:57 - 000709264 _____ (MFD LABS LTD) C:\Users\havra\Downloads\messengerfordesktop-setup(1).exe
2021-01-30 16:53 - 2021-01-30 18:01 - 000000000 ____D C:\Users\havra\AppData\Roaming\Messenger for Desktop
2021-01-30 16:53 - 2021-01-30 16:57 - 000002535 _____ C:\Users\havra\Desktop\Messenger for Desktop.lnk
2021-01-30 16:53 - 2021-01-30 16:53 - 000709264 _____ (MFD LABS LTD) C:\Users\havra\Downloads\messengerfordesktop-setup.exe
2021-01-30 16:53 - 2021-01-30 16:53 - 000002543 _____ C:\Users\havra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Messenger for Desktop.lnk
2021-01-30 16:53 - 2021-01-30 16:53 - 000000000 ____D C:\Users\havra\AppData\Local\messengerfordesktop-updater
2021-01-30 15:36 - 2021-01-30 15:36 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-01-30 15:35 - 2021-01-30 15:35 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-01-30 15:35 - 2021-01-30 15:35 - 000142440 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-01-30 11:57 - 2021-01-30 11:57 - 000007879 _____ C:\Users\havra\Desktop\text.txt
2021-01-30 11:48 - 2021-01-30 11:48 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-01-30 11:48 - 2021-01-30 11:48 - 000220600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-01-30 11:48 - 2021-01-30 11:47 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-01-30 11:27 - 2021-01-30 11:48 - 000002043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-30 11:27 - 2021-01-30 11:48 - 000002031 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-01-30 11:27 - 2021-01-30 11:47 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-01-30 11:27 - 2021-01-30 11:27 - 000000000 ____D C:\Users\havra\AppData\Local\mbam
2021-01-30 11:27 - 2021-01-30 11:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-30 11:26 - 2021-01-30 11:26 - 000000000 ____D C:\Program Files\Malwarebytes
2021-01-30 11:25 - 2021-01-30 11:25 - 002086424 _____ (Malwarebytes) C:\Users\havra\Downloads\MBSetup.exe
2021-01-30 10:46 - 2021-01-30 10:46 - 002297856 _____ (Farbar) C:\Users\havra\Downloads\FRST64(1).exe
2021-01-30 10:40 - 2021-01-30 10:42 - 000055469 _____ C:\Users\havra\Downloads\Addition.txt
2021-01-30 10:34 - 2021-01-30 18:24 - 000039769 _____ C:\Users\havra\Downloads\FRST.txt
2021-01-30 10:33 - 2021-01-30 18:24 - 000000000 ____D C:\FRST
2021-01-30 10:33 - 2021-01-30 10:33 - 002297856 _____ (Farbar) C:\Users\havra\Downloads\FRST64.exe
2021-01-30 10:32 - 2021-01-30 10:32 - 001989632 _____ (Farbar) C:\Users\havra\Downloads\FRST.exe
2021-01-28 22:56 - 2021-01-28 22:56 - 000001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2021-01-28 22:07 - 2021-01-28 22:07 - 001798297 _____ C:\Users\havra\Desktop\fd.pdf
2021-01-28 22:04 - 2021-01-28 22:04 - 000327832 _____ C:\Users\havra\Desktop\david_franc.tif
2021-01-28 21:09 - 2021-01-28 21:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-28 21:08 - 2021-01-28 21:08 - 000000000 ____D C:\WINDOWS\Panther
2021-01-28 21:04 - 2021-01-28 21:04 - 000001108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2021-01-28 20:57 - 2021-01-28 22:46 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-27 19:40 - 2021-01-27 19:40 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-01-27 19:38 - 2021-01-23 09:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-27 19:38 - 2021-01-23 09:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-27 19:38 - 2021-01-23 09:14 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-27 19:38 - 2021-01-23 09:14 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-27 19:38 - 2021-01-23 09:14 - 001453728 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 001193120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 001512096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 001164960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000689312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-01-27 19:38 - 2021-01-23 09:12 - 000680096 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000672928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000613536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000558240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000547488 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 008262304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 007392928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 004611744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 002731168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 002103456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 001589408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 000813216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 000657056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 000446624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-01-27 19:38 - 2021-01-23 09:10 - 007116680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-01-27 19:38 - 2021-01-23 09:10 - 006070848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-01-27 19:38 - 2021-01-23 09:10 - 000850080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-01-27 19:38 - 2021-01-22 23:59 - 000084264 _____ C:\WINDOWS\system32\nvinfo.pb
2021-01-27 19:34 - 2021-01-27 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-01-25 21:28 - 2021-01-25 21:28 - 118444029 _____ C:\Users\havra\Downloads\DaVinci_Resolve_16_Reference_Manual.pdf
2021-01-25 21:26 - 2021-01-25 21:44 - 2441458126 _____ C:\Users\havra\Downloads\DaVinci_Resolve_17.0b7_Windows(1).zip
2021-01-25 21:02 - 2021-01-25 21:02 - 001116061 _____ C:\Users\havra\Desktop\david_franc.pdf
2021-01-25 17:12 - 2021-01-25 17:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-01-25 17:12 - 2021-01-25 17:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-01-25 17:12 - 2021-01-25 17:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-01-25 17:12 - 2021-01-25 17:12 - 000044064 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-01-24 13:06 - 2021-01-24 13:06 - 003048577 _____ C:\Users\havra\Downloads\vecteezy_abstract-watercolor-stroke-design-background_254909.zip
2021-01-24 12:56 - 2021-01-24 12:57 - 060442988 _____ C:\Users\havra\Downloads\Archivar.zip
2021-01-24 12:46 - 2021-01-24 12:46 - 012549894 _____ C:\Users\havra\Downloads\vecteezy_watercolor-flower-frame-background-with-text-space-vector-illustration_563617.zip
2021-01-24 12:46 - 2021-01-24 12:46 - 010779160 _____ C:\Users\havra\Downloads\vecteezy_watercolor-flower-background-illustration-with-text-space-isolated-on-a-white-background-vector-illustration_564125.zip
2021-01-24 12:43 - 2021-01-24 12:43 - 037897324 _____ C:\Users\havra\Downloads\vecteezy_watercolor-pink-floral-card-floral-frame-watercolor-background-with-flowers_146553.zip
2021-01-24 12:42 - 2021-01-24 12:42 - 053215250 _____ C:\Users\havra\Downloads\09.zip
2021-01-24 12:41 - 2021-01-24 12:41 - 019220157 _____ C:\Users\havra\Downloads\vecteezy_save-the-date-watercolor-card-watercolor-floral-card-save-the-date-illustration-with-blue-watercolor-flowers-wedding-painted-card_146556.zip
2021-01-24 12:41 - 2021-01-24 12:41 - 015816158 _____ C:\Users\havra\Downloads\vecteezy_vintage-watercolor-floral-card-watercolor-flowers-on-vintage-background-flowers-watercolor-illustration_146555.zip
2021-01-24 12:18 - 2021-01-24 12:18 - 034939012 _____ C:\Users\havra\Downloads\mega_pack_flowers_by_ikoci_dcdaxux.zip
2021-01-23 17:49 - 2021-01-23 17:49 - 000000000 ____D C:\Users\havra\AppData\Local\M-Photo_Ltd
2021-01-23 17:35 - 2021-01-23 17:35 - 031558304 _____ (CDSM ) C:\Users\havra\Downloads\designer_cdsm_skn-32_210x148_2021_win_cz.exe
2021-01-23 17:32 - 2021-01-23 17:32 - 000000000 ____D C:\ProgramData\M-Photo
2021-01-23 17:31 - 2021-01-23 20:26 - 000000000 ____D C:\CDSM
2021-01-23 17:31 - 2021-01-23 17:31 - 015284974 _____ C:\WINDOWS\SysWOW64\CDSM_CDSM Designer_uninstaller.exe
2021-01-23 17:31 - 2021-01-23 17:31 - 000002317 _____ C:\Users\Public\Desktop\CDSM Designer.lnk
2021-01-23 17:31 - 2021-01-23 17:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDSM
2021-01-23 17:31 - 2021-01-23 17:31 - 000000000 ____D C:\Program Files (x86)\CDSM
2021-01-23 17:19 - 2021-01-23 17:25 - 932341237 _____ C:\Users\havra\Downloads\CDSM_Designer_setup_7.1.7.1.exe
2021-01-20 22:58 - 2021-01-20 22:58 - 000000000 ____D C:\Users\havra\AppData\Local\EopAuthApp
2021-01-20 22:57 - 2021-01-20 22:57 - 000002158 _____ C:\Users\Public\Desktop\eObčanka - Správce karty.lnk
2021-01-20 22:57 - 2021-01-20 22:57 - 000002153 _____ C:\Users\Public\Desktop\eObčanka - identifikace.lnk
2021-01-20 22:57 - 2021-01-20 22:57 - 000000000 ____D C:\Program Files\eObcanka
2021-01-20 22:52 - 2021-01-20 22:52 - 017093800 _____ C:\Users\havra\Downloads\eObcanka_x64.exe
2021-01-19 18:40 - 2021-01-19 18:40 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700}
2021-01-19 18:39 - 2021-01-19 18:39 - 000004206 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1601063328
2021-01-19 18:39 - 2021-01-19 18:39 - 000001395 _____ C:\Users\havra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-01-16 23:03 - 2021-01-16 23:33 - 2967829919 _____ C:\Users\havra\Downloads\sarlatan fullhd 2020.mp4
2021-01-15 22:45 - 2021-01-15 22:45 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-15 22:45 - 2021-01-15 22:45 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-15 22:45 - 2021-01-15 22:45 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-15 22:45 - 2021-01-15 22:45 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-15 22:45 - 2021-01-15 22:45 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-15 22:45 - 2021-01-15 22:45 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-15 22:45 - 2021-01-15 22:45 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-15 22:45 - 2021-01-15 22:45 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-15 22:45 - 2021-01-15 22:45 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-15 22:45 - 2021-01-15 22:45 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-15 22:45 - 2021-01-15 22:45 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-15 22:45 - 2021-01-15 22:45 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-15 22:45 - 2021-01-15 22:45 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-15 22:45 - 2021-01-15 22:45 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-15 22:45 - 2021-01-15 22:45 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-15 22:45 - 2021-01-15 22:45 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-15 22:45 - 2021-01-15 22:45 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-15 22:45 - 2021-01-15 22:45 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-15 22:44 - 2021-01-15 22:44 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-15 22:44 - 2021-01-15 22:44 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-15 22:44 - 2021-01-15 22:44 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-15 22:43 - 2021-01-15 22:43 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-15 22:43 - 2021-01-15 22:43 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-15 22:43 - 2021-01-15 22:43 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-15 22:43 - 2021-01-15 22:43 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-15 22:43 - 2021-01-15 22:43 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-15 22:43 - 2021-01-15 22:43 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-15 22:43 - 2021-01-15 22:43 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-15 22:43 - 2021-01-15 22:43 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-10 18:40 - 2021-01-10 18:40 - 000003072 _____ C:\Users\havra\AppData\Roaming\MCLAB Prefsv3
2021-01-10 14:51 - 2021-01-10 14:51 - 000024952 _____ C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys
2021-01-10 11:43 - 2021-01-10 11:43 - 000001904 _____ C:\Users\Public\Desktop\MCLAB.lnk
2021-01-10 11:43 - 2021-01-10 11:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCLAB
2021-01-10 11:41 - 2021-01-10 12:05 - 000000000 ____D C:\Program Files (x86)\MCLAB
2021-01-10 11:28 - 2021-01-10 11:38 - 1212398897 _____ C:\Users\havra\Downloads\MCLAB(1).exe
2020-12-31 20:32 - 2020-12-31 20:32 - 000237517 _____ C:\Users\havra\Desktop\vstupenky-6134947.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-30 18:23 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-30 18:20 - 2018-06-26 07:10 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-30 18:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-30 18:10 - 2018-09-06 13:22 - 000000000 ____D C:\Users\havra\AppData\Roaming\WhatsApp
2021-01-30 17:45 - 2020-10-10 12:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-30 16:56 - 2018-09-06 22:23 - 000001329 _____ C:\Users\havra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Messenger.lnk
2021-01-30 16:56 - 2018-09-06 22:23 - 000000000 ____D C:\Users\havra\AppData\Local\Messenger
2021-01-30 16:04 - 2018-09-19 21:56 - 000000000 ____D C:\Users\havra\AppData\Roaming\eM Client
2021-01-30 15:43 - 2020-10-10 12:31 - 001693410 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-30 15:43 - 2019-12-07 15:41 - 000719302 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-30 15:43 - 2019-12-07 15:41 - 000145428 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-30 15:43 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-30 15:37 - 2019-02-07 20:19 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-30 15:36 - 2019-02-09 13:09 - 000000000 ____D C:\Users\Public\Speedup Sessions
2021-01-30 15:36 - 2018-09-06 12:56 - 000000000 ____D C:\Users\havra\AppData\LocalLow\Mozilla
2021-01-30 15:35 - 2020-10-10 12:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-30 15:35 - 2020-10-10 12:30 - 000000000 ____D C:\Users\havra
2021-01-30 15:35 - 2020-10-10 12:28 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-30 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-01-30 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-30 15:35 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-01-30 15:35 - 2018-09-06 12:45 - 000000000 __SHD C:\Users\havra\IntelGraphicsProfiles
2021-01-30 11:48 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-30 11:12 - 2019-06-20 20:31 - 000000000 ____D C:\Users\havra\AppData\Local\WhatsApp
2021-01-30 10:08 - 2019-10-25 21:19 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-01-30 10:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration
2021-01-28 22:56 - 2018-06-26 07:09 - 000000000 ____D C:\Program Files (x86)\Intel
2021-01-28 22:56 - 2018-06-26 07:08 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-28 22:46 - 2018-09-06 12:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-28 22:45 - 2018-09-06 12:42 - 000000000 ____D C:\ProgramData\Goodix
2021-01-28 21:09 - 2018-09-06 12:56 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-28 21:04 - 2018-09-19 21:56 - 000000000 ____D C:\Program Files (x86)\eM Client
2021-01-28 20:55 - 2020-06-05 19:24 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-28 20:55 - 2020-06-05 19:24 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-28 20:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-28 20:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-28 20:55 - 2018-09-07 10:37 - 000000000 ____D C:\Users\havra\AppData\Local\NVIDIA
2021-01-27 19:35 - 2018-09-06 12:51 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-01-25 22:55 - 2018-09-06 12:45 - 000000000 ____D C:\Users\havra\AppData\Local\Packages
2021-01-25 22:08 - 2018-11-27 23:53 - 000000000 ____D C:\Program Files\Microsoft Office
2021-01-25 16:44 - 2018-10-11 14:14 - 000000000 ____D C:\Users\havra\AppData\Local\D3DSCache
2021-01-24 12:29 - 2019-01-12 23:08 - 000000000 ____D C:\Users\havra\Downloads\santoro
2021-01-23 17:51 - 2018-09-06 12:51 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-01-23 17:51 - 2018-09-06 12:51 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-01-23 16:15 - 2018-10-16 20:35 - 000001480 _____ C:\Users\havra\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2021-01-23 16:08 - 2020-10-10 12:35 - 000003998 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-01-23 16:08 - 2020-10-10 12:35 - 000003766 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-01-23 16:08 - 2018-11-26 14:55 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-20 23:05 - 2018-09-06 13:12 - 000000000 ____D C:\Users\havra\AppData\Local\CrashDumps
2021-01-20 22:05 - 2018-09-06 13:21 - 000000000 ____D C:\Users\havra\AppData\Local\SquirrelTemp
2021-01-20 18:33 - 2020-10-10 12:35 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-20 18:33 - 2020-10-10 12:35 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-19 23:10 - 2019-07-03 22:40 - 000000000 ____D C:\Users\havra\Desktop\POSLAT FOTO
2021-01-19 22:52 - 2018-09-19 21:56 - 000000000 ____D C:\Users\havra\AppData\Local\eM Client
2021-01-16 22:57 - 2018-09-06 13:03 - 000000000 ____D C:\Users\havra\AppData\Local\PlaceholderTileLogoFolder
2021-01-15 23:48 - 2020-10-10 12:28 - 000630624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-15 23:47 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-15 23:47 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-15 22:47 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-15 22:43 - 2020-10-10 12:31 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-15 22:37 - 2018-09-06 12:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-15 22:35 - 2018-09-06 12:39 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-13 21:54 - 2020-09-16 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-01-10 17:27 - 2018-12-08 14:52 - 000000000 ____D C:\Users\havra\Documents\MCLAB Projects
2021-01-10 11:21 - 2018-09-08 16:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-01-09 16:46 - 2018-09-08 16:39 - 000001284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-01-09 16:16 - 2020-11-29 11:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-01-09 16:16 - 2018-09-06 13:07 - 000000000 ____D C:\Users\Public\PrivacyPal Sessions
2021-01-02 10:32 - 2018-06-26 07:08 - 000000000 ____D C:\Program Files\Intel
2021-01-02 10:31 - 2020-10-10 12:35 - 000003718 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2020-12-31 20:06 - 2020-10-10 12:35 - 000003790 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate
==================== Files in the root of some directories ========
2018-11-01 09:30 - 2018-11-01 09:30 - 000000033 _____ () C:\Users\havra\AppData\Roaming\AdobeWLCMCache.dat
2021-01-10 18:40 - 2021-01-10 18:40 - 000003072 _____ () C:\Users\havra\AppData\Roaming\MCLAB Prefsv3
2018-10-16 20:35 - 2021-01-23 16:15 - 000001480 _____ () C:\Users\havra\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2018-09-29 23:18 - 2018-09-29 23:18 - 000000000 _____ () C:\Users\havra\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021
Ran by havra (30-01-2021 18:25:20)
Running from C:\Users\havra\Downloads
Windows 10 Home Version 20H2 19042.746 (X64) (2020-10-10 11:35:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3433778575-2911662788-3899533387-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3433778575-2911662788-3899533387-503 - Limited - Disabled)
Guest (S-1-5-21-3433778575-2911662788-3899533387-501 - Limited - Disabled)
havra (S-1-5-21-3433778575-2911662788-3899533387-1001 - Administrator - Enabled) => C:\Users\havra
WDAGUtilityAccount (S-1-5-21-3433778575-2911662788-3899533387-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.23 - Adobe Systems)
Adobe After Effects CC 2018 (HKLM\...\{8ADE49BB-209D-4F01-9B3B-A51F0D8CE9E1}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_0_0) (Version: 15.0.0 - Adobe Systems Incorporated)
Adobe Ai (HKLM\...\{A6D98A72-324F-4F31-BC36-5118A8EAECDD}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_0_1) (Version: 22.0.1 - Adobe Systems Incorporated)
Adobe Indes (HKLM\...\{CA2E76F3-BB69-486A-88D2-A3D387B69484}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe InDesign CC 2018 (HKLM-x32\...\IDSN_13_0_1) (Version: 13.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_6) (Version: 19.1.6 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM\...\{7DC3F900-68E5-40F1-869D-9D20A69D8A1D}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_0_0) (Version: 12.0.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{77a9e051-78e4-40ba-8659-8162beadb3fa}) (Version: 20.70.0 - Intel Corporation)
Audiolibrix Manager 2.1.0 (HKLM\...\d2402422-088d-502c-a1d4-8e2ce36e8ce5) (Version: 2.1.0 - Audiolibrix)
Avira (HKLM-x32\...\{161e6084-b0f5-43e8-86d8-09eda5c0893d}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{426D1710-5DFD-45E9-B11D-464792C5AD35}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{fe9700ea-db9c-48bd-9561-b7d053321d04}) (Version: 1.2.152.1479 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2101.2070 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.1.24458 - Avira Operations GmbH & Co. KG) Hidden
Avira Privacy Pal (HKLM-x32\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.4.0.1962 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.42.14101 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;)
Avira Software Updater (HKLM-x32\...\{9F45C615-6D95-47B5-BB0C-D78F6D15DE21}) (Version: 2.0.6.42639 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.9.0.11050 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Canon Easy-PhotoPrint Editor (HKLM-x32\...\Canon Easy-PhotoPrint Editor) (Version: 1.4.0 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
CDSM Designer (HKLM-x32\...\CDSM_CDSM Designer) (Version: - )
Dell Digital Delivery (HKLM-x32\...\{A9758B6E-19FC-4DB4-A031-AFE6C2327A35}) (Version: 3.5.1004.0 - Dell Products, LP)
Dell Mobile Connect Drivers (HKLM\...\{AAB336F0-6FC6-4BFE-AD7E-315FCDF20156}) (Version: 1.1.3750 - Screenovate Technologies Ltd.)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.7.0 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{69BD2675-5E9B-440E-ADEE-3AEA812D6900}) (Version: 5.3.1.13866 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{85538c44-3493-4bf6-8d8b-aa13aee53222}) (Version: 5.3.1.13866 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{3C4F6923-3BE1-4E6C-8DEE-9EEF1E433795}) (Version: 5.2.1.12926 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{8d32f870-d6fd-4420-b5cb-c29ac65f628d}) (Version: 5.2.1.12926 - Dell Inc.)
Dell Update (HKLM-x32\...\{944FB5B0-9588-45FD-ABE8-73FC879801ED}) (Version: 4.0.0 - Dell Inc.)
Documentation Manager (HKLM\...\{EC7D2299-EAEC-498A-947B-ADC4495AA6D6}) (Version: 22.20.0.6 - Intel Corporation) Hidden
Driver Easy verze 1.5 (HKLM-x32\...\Driver Easy_is1) (Version: 1.5 - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 114.4.426 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 2.0.6875.402 - PC-Doctor, Inc.) Hidden
eM Client (HKLM-x32\...\{D1A4EE66-AD4A-4EBB-91B2-19B5BCEB82B1}) (Version: 8.1.1054.0 - eM Client Inc.)
eObčanka (HKLM\...\{B60846B5-C015-4BCA-AED5-61A696B16159}) (Version: 3.1.3.21015 - MONET+, a.s. pro Ministerstvo vnitra České republiky)
FormatFactory 4.3.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.3.0.0 - Free Time)
Goodix Fingerprint Driver (HKLM\...\{60FAB781-18F2-4D2B-A8E7-B3AADD327955}_is1) (Version: 1.0.33.800 - Goodix, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.104 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel Driver && Support Assistant (HKLM-x32\...\{F0E9774D-C5A1-4C83-89F9-191E1334D476}) (Version: 21.1.5.2 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.10501.6067 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2014.14.0.1540 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.7.0.1006 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1727.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.60.155.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{047f2156-ee7f-4a24-b3c2-c0c5c2c81557}) (Version: 1.60.155.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.20.0.3 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{beabe998-b0dd-460a-82c3-f48ff70bca66}) (Version: 21.1.5.2 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7EBADAB6-B7AC-4560-85A7-FF345559F193}) (Version: 17.2.6.1027 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{4a50fa17-2911-43ed-a2a1-d3a34411e2bb}) (Version: 21.110.2.1 - Intel Corporation) Hidden
Intel® Software Installer (HKLM-x32\...\{76cc8e2a-8308-43d3-a3c3-423d2a1ca435}) (Version: 22.20.0.6 - Intel Corporation) Hidden
jwDuplFiles 2.0 (HKLM-x32\...\jwDuplFiles_is1) (Version: - jw)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.15 - PandoraTV)
LibreOffice 6.4.2.2 (HKLM\...\{366B3DEE-791D-4044-AC14-4FE2265754BA}) (Version: 6.4.2.2 - The Document Foundation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
MCLAB (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\MCLAB) (Version: MCLAB 2019.3.0 - Computer MCL Brno, spol. s.r.o.)
Messenger for Desktop (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\{4e2a4302-5df4-5868-a685-36c844414384}) (Version: 3.0.15 - MFD LABS LTD)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13530.20440 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.53 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft OneDrive (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Teams) (Version: 1.3.00.12058 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mozilla Firefox 85.0 (x64 cs) (HKLM\...\Mozilla Firefox 85.0 (x64 cs)) (Version: 85.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.1 - Mozilla)
Mozilla Thunderbird 60.9.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 60.9.1 (x86 cs)) (Version: 60.9.1 - Mozilla)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.40 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Opera Stable 73.0.3856.344 (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Opera 73.0.3856.344) (Version: 73.0.3856.344 - Opera Software)
PicosmosTools 2.0.0.0 (HKLM-x32\...\PicosmosTools) (Version: 2.0.0.0 - Free Time)
Product Key Recovery (HKLM-x32\...\Product Key Recovery) (Version: - SmartKey, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8443 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
SmartByte Drivers and Services (HKLM\...\{9668B1BB-D0FE-4C0C-800C-B1555E069A62}) (Version: 3.1.940 - Název společnosti:)
Thunderbolt™ Software (HKLM-x32\...\{30F0067F-DD79-431B-BA5F-6CB4897785A5}) (Version: 17.4.79.510 - Intel Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Viber (HKLM-x32\...\{42C4FDB0-2783-46D1-8160-9C6A353E05CC}) (Version: 9.6.0.12 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\{984742de-418e-4f95-ac61-487a3cee7822}) (Version: 9.6.0.12 - Viber Media Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-4) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.191 - McAfee, LLC)
WhatsApp (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\WhatsApp) (Version: 2.2102.8 - WhatsApp)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
YouTubePlayer version 1.4 (HKLM-x32\...\{719F8D15-70B1-4AFA-A611-3EE118499D9F}_is1) (Version: 1.4 - YouTubePlayer)
Zoom (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2021-01-16] (Canon Inc.)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.2.45.0_x64__htrsf667h5kn2 [2020-07-28] (Dell Inc)
Dell Mobile Connect -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.1.9518.0_x64__0vhbc3ng4wbp0 [2020-07-18] (Screenovate Technologies) [Startup Task]
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.7.10.0_x64__htrsf667h5kn2 [2020-10-10] (Dell Inc)
Dell Product Registration -> C:\Program Files\WindowsApps\DellInc.DellProductRegistration_3.4.6.0_x64__htrsf667h5kn2 [2018-06-26] (Dell Inc)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.5.201.0_x64__rz1tebttyb220 [2020-09-26] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-09] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-30] (Microsoft Corporation)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.37.3702.0_x86__ytsefhwckbdv6 [2020-10-01] (G5 Entertainment AB)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.2.0_neutral__8xx8rvfyw5nnt [2020-06-03] (Instagram)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-09-06] (LinkedIn)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_730.2.121.0_x64__8xx8rvfyw5nnt [2020-10-25] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.28.32802.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Corporation) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-18] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-27] (NVIDIA Corp.)
O2 TV -> C:\Program Files\WindowsApps\D8378DF7.O2TVGo_20182.0.25.0_x64__tqn3m7kee4xc8 [2020-08-05] (O2 Czech Republic a.s.)
RAR Opener -> C:\Program Files\WindowsApps\DeviceDoctor.RAROpener_1.3.48.0_x64__mkdtfchztkfbm [2018-09-07] (Tiny Opener)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.940.0_x64__rh07ty8m5nkag [2020-09-06] (Rivet Networks LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0 [2020-10-25] (Spotify AB) [Startup Task]
SupportAssist Driver Update -> C:\Program Files\WindowsApps\DriverToaster_1.5.0.0_x86__rqs2nt378nwsp [2018-09-06] (Dell Inc.)
To-Do Prime -> C:\Program Files\WindowsApps\28251VinodShinde.To-DoPrime_1.50.40.0_x64__m4hs2z1tqny7y [2020-06-03] (Vinod Shinde)
ToDo-List -> C:\Program Files\WindowsApps\35998AlexanderSworski.ToDo-List_1.1.9.0_x64__f1p03rq2y10n8 [2020-06-03] (Alexander Sworski)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation)
Váš telefon -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.123.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Corporation)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2018-09-06] (Waves Audio)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2041.7.0_x64__cv1g1gvanyjgm [2020-10-25] (WhatsApp Inc.)
Wunderlist: To-Do List & Tasks -> C:\Program Files\WindowsApps\6Wunderkinder.Wunderlist_3.6.43.0_x64__b4cwydgxqx59r [2020-05-01] (6 Wunderkinder GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-8910E2A5A6E5} -> [Creative Cloud Files] => C:\Users\havra\Creative Cloud Files [2018-09-07 10:35]
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\havra\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key 2021 -> Intel)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\havra\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\havra\Dropbox [2018-09-06 12:53]
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-03-19] () [File not signed] [File is in use]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers1: [PicosmosShell] -> {A3888921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\PicosmosTools\ShellEx64_100.dll [2018-05-12] (Free Time) [File not signed]
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-03-19] () [File not signed] [File is in use]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\igfxDTCM.dll [2018-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_b706d4e32506a94f\nvshext.dll [2021-01-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-01-27 05:00 - 2021-01-27 05:00 - 000011264 _____ () [File not signed] [File is in use] C:\Program Files (x86)\eM Client\cs\MailClient.Accounts.resources.dll
2021-01-27 05:00 - 2021-01-27 05:00 - 000009216 _____ () [File not signed] [File is in use] C:\Program Files (x86)\eM Client\cs\MailClient.Common.UI.resources.dll
2021-01-27 05:00 - 2021-01-27 05:00 - 000004608 _____ () [File not signed] [File is in use] C:\Program Files (x86)\eM Client\cs\MailClient.Imap.Base.resources.dll
2021-01-27 05:00 - 2021-01-27 05:00 - 000007680 _____ () [File not signed] [File is in use] C:\Program Files (x86)\eM Client\cs\MailClient.Protocols.resources.dll
2021-01-27 05:00 - 2021-01-27 05:00 - 000794624 _____ () [File not signed] [File is in use] C:\Program Files (x86)\eM Client\cs\MailClient.resources.dll
2021-01-30 16:58 - 2021-01-30 16:58 - 001036288 _____ () [File not signed] \\?\C:\Users\havra\AppData\Local\Temp\358de90b-de58-4692-944d-a5d5c0ef3fe0.tmp.node
2021-01-27 05:00 - 2021-01-27 05:00 - 093837824 _____ () [File not signed] C:\Program Files (x86)\eM Client\libcef\libcef.dll
2012-09-23 19:44 - 2012-09-23 19:44 - 000010240 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2020-04-26 18:12 - 2012-06-14 16:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2013-06-17 18:33 - 2013-06-17 18:33 - 000090112 _____ (Free Time) [File not signed] C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll
2018-05-12 09:52 - 2018-05-12 09:52 - 000169984 _____ (Free Time) [File not signed] C:\Program Files (x86)\PicosmosTools\ShellEx64_100.dll
2020-08-14 20:29 - 2020-08-14 20:29 - 000122880 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2021-01-09 18:18 - 2021-01-09 18:18 - 000913920 _____ (ServiceStack) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\8ca4971d44541d48e21f0e804700d8fc\ServiceStack.Text.ni.dll
2021-01-27 05:00 - 2021-01-27 05:00 - 000944840 _____ (SQLite Development Team) [File not signed] C:\Program Files (x86)\eM Client\win-x86\sqlite3.native.dll
2021-01-27 05:00 - 2021-01-27 05:00 - 000729600 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\eM Client\libcef\chrome_elf.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> DefaultScope {A9AF42DC-6834-4230-9184-7E01AB6C6C61} URL =
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {2584D045-063D-450C-98AD-71BF606488E0} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {2D8CFB70-2A7C-4B09-A4AE-4AA42963E74F} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {404DF86F-9171-4780-9A69-E0CB5B03D7F1} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {4EB8507E-BCB3-4FD8-99F7-4C9D2CA1B2FF} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {5ECF9F50-8DC8-4235-B99F-BB72F0B9676B} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {80C5279E-71D9-4FBE-A897-AD6F86BA3415} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {ABC04BB9-8A5C-42B9-9096-AD53C9BFAFAD} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {B55C3FE5-1A80-4699-9CFE-27CFE26031B0} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {D60B70BD-5559-4ABD-8427-10519DFA8989} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-01-30] (McAfee, LLC -> McAfee, LLC)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-01-30] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2017-09-29 14:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\havra\Pictures\received_1086403274730104.jpeg
DNS Servers: 217.30.64.53 - 217.30.64.54
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => ""
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => ""
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\StartupApproved\StartupFolder: => "Mámemail Pošťák.lnk"
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\StartupApproved\StartupFolder: => "wandoujia_helper.lnk"
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\StartupApproved\Run: => ""
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B7E4CB5C-4677-45EE-94D5-7E8A2F23293F}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.1.9518.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{C0A89B7C-9105-4F35-8858-708EAA60411E}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.1.9518.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [UDP Query User{212C20BC-137F-43EB-885C-B8C4C539DFC5}C:\users\havra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\havra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{176C1347-C60F-46F6-AC83-0E6751DB00FC}C:\users\havra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\havra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4DB21198-77BC-4E90-850B-64BA1AF98F52}] => (Allow) C:\Users\havra\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{25F76282-CDF2-4CD0-8EBE-A208191F9E13}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time Co., Ltd. -> Free Time)
FirewallRules: [{760703AB-EE0A-4B2C-A7CB-C02AA949D984}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{505499DB-FD03-4DF5-A32F-55A993C75BCB}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{DBEA28E5-A32B-4E93-9B9C-FE70B4889085}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{AA98CD5C-E06F-448C-A898-91A046A63904}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{99E1E210-63A5-4793-8F07-BDCFF753165F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5ABF222D-413E-469E-B46C-E963E08B2AA5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{8DD45874-DA23-4B61-A18D-86204FE3E5AF}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{8E22717A-5C5F-49F6-B9A7-8CEEA56A943D}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F278C01F-80E8-4F5A-871E-06CFE55BD66F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A06B78A5-F357-4EED-947A-D9657CAEE6D3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{22BDA38D-1D63-4317-AC2A-892EFA16C6A4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16050.11029.20079.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{55D0626F-0F34-44D2-9068-42A8FE80F352}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{8E6CC5F3-4F42-4359-833D-5EC18F0AABD3}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{6430A3B2-BAF8-48DF-9B7B-9F1F442E1768}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{8E221DD1-C533-40DC-9155-18FDA6D7B22C}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{915A6952-80B4-4564-9F19-E866EC2C1194}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{E44C1914-7F2F-4F70-A971-A8298A7310B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{690E41BF-EAE2-4B47-8DA5-63B3CC8BE3E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1AB60A55-21D4-46DC-B065-DD9F9E898F4D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{69F8F2B6-04E7-4142-94C1-6E5F6D805FD6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6312DBD9-5D58-41DA-B2D1-C9ABD4EB75A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2629352C-3E52-42AD-BFDE-189BCE8A0888}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E8A37CB1-253C-4C13-A8E6-EEB265FF8C00}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D425733F-3728-4BDC-9E07-A72E0525AFB0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A81CF913-0263-4EC7-837F-3C16E23B3344}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{76580351-9979-41FC-9182-26E3A48E1AE3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B851B1A2-08BF-4925-AE50-B8A55CB6ACB0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D53D16F1-B1AD-45C1-9F0E-0CDF38798059}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EDF11564-BF1C-40DC-939F-6A91418C2782}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8EE88FD5-920E-4889-944C-887D928F0B5C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{119EB0A3-E3BA-46BC-B30D-F417B4E1B473}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5CA86DC2-5020-44B4-9B10-8D46F6459FF1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E0CF9C58-AD88-47F3-BA26-CF4BFB06892A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23C6B9E2-5249-4A49-AB6A-85B15B8AE42E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{885639C8-191E-4B4A-8244-AD0D3A4E1D72}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{1690DA0E-31DA-4ADF-8F45-FC8883358545}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{CFD8D370-B812-469E-9769-7D474311FE42}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{F2CF45C4-8536-4CDC-A0B0-69430823DE76}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/30/2021 11:46:06 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (01/30/2021 10:08:24 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/30/2021 10:05:32 AM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000
Error: (01/28/2021 08:57:48 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/28/2021 08:54:35 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (01/27/2021 07:34:54 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (01/27/2021 07:34:53 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (01/27/2021 07:32:59 PM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000
System errors:
=============
Error: (01/30/2021 06:20:57 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error: (01/30/2021 05:42:50 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (01/30/2021 01:34:09 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (01/30/2021 12:25:47 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (01/28/2021 11:06:31 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (01/28/2021 10:59:25 PM) (Source: volsnap) (EventID: 25) (User: )
Description: Stínové kopie svazku C: byly smazány, protože úložiště stínové kopie nebylo možné včas zvětšit. Zvažte možnost snížení vstupně-výstupního zatížení systému nebo zvolte svazek úložiště stínové kopie, pro který není vytvářena stínová kopie.
Error: (01/28/2021 10:46:31 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:08:36, 28.01.2021) bylo neočekávané.
Error: (01/28/2021 10:45:06 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
CodeIntegrity:
===================================
Date: 2020-10-24 15:29:14.0600000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.14.0 10/29/2020
Motherboard: Dell Inc. 0JGKPC
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 64%
Total physical RAM: 16240.71 MB
Available physical RAM: 5730.84 MB
Total Virtual: 22393.19 MB
Available Virtual: 8613.32 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:462.7 GB) (Free:5.84 GB) NTFS
\\?\Volume{b4fca574-aaf3-4053-bd44-f45a28cb866a}\ (WINRETOOLS) (Fixed) (Total:0.79 GB) (Free:0.28 GB) NTFS
\\?\Volume{f0fabba5-6b6f-4d9e-8691-130082bf8c98}\ (Image) (Fixed) (Total:11.54 GB) (Free:0.15 GB) NTFS
\\?\Volume{f8802ac2-6042-4b30-abe7-21b009ba693a}\ (DELLSUPPORT) (Fixed) (Total:1.14 GB) (Free:0.34 GB) NTFS
\\?\Volume{80085436-f96a-42a2-bfaf-7f82caca7bab}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32
==================== MBR & Partition Table ====================
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 119412
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\havra\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {6710DC49-4BAE-4925-9082-562BDB2089D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-26] (Google Inc -> Google Inc.)
Task: {69C77036-2A96-414C-B020-B8048957B88D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-26] (Google Inc -> Google Inc.)
C:\Users\havra\AppData\Roaming\AdobeWLCMCache.dat
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> DefaultScope {A9AF42DC-6834-4230-9184-7E01AB6C6C61} URL =
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
vivienn@centrum.cz
- Návštěvník
- Příspěvky: 25
- Registrován: 03 pro 2013 10:35
Re: Prosím o kontrolu logu
Tady je to:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021
Ran by havra (administrator) on DESKTOP-2OHMFH6 (Dell Inc. G3 3779) (31-01-2021 00:18:32)
Running from C:\Users\havra\Downloads
Loaded Profiles: havra
Platform: Windows 10 Home Version 20H2 19042.746 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_0c50c5dc47ed0efe\RstMwService.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.7.142.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2009.4.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12010.1001.2.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_b706d4e32506a94f\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\havra\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\WavesSysSvc64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [834336 2019-02-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\WavesSvc64.exe [1222928 2018-04-30] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992336 2021-01-25] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [705728 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331040 2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [286064 2021-01-25] (IDSA Production signing key 2021 -> Intel)
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\havra\AppData\Local\Microsoft\Teams\Update.exe [2339472 2020-05-07] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Run: [Opera Browser Assistant] => C:\Users\havra\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [4708328 2021-01-15] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\...\Windows x64\Print Processors\Canon iP7200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBA.DLL [30208 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP7200 series: C:\Windows\system32\CNMLMBA.DLL [389120 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-23] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03F455CA-DB34-47DF-8CCB-F018A591C074} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {0EBF024B-C829-4608-BDC2-792D33552D1D} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {113683D9-9297-4156-8DF5-7A619BD6CC6F} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {1A6545DC-08D1-479C-8482-CF1952AE8498} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {34A0C1F7-F000-40F9-B221-C805C21BD5F2} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {37A7AA81-8360-4984-AB24-3F6EAED4E25D} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29934096 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {3A5B2645-1E38-403E-8D20-68C43A0A0A70} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3E73DEBB-4F68-4605-99C3-7B630690EAD3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {4024C783-6370-4761-9010-4C34944A3A92} - System32\Tasks\Opera scheduled assistant Autoupdate 1601063340 => C:\Users\havra\AppData\Local\Programs\Opera\launcher.exe [1583256 2021-01-14] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\havra\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {4FB18B6C-D8E5-46A0-B28E-1A7A2E771CE7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {50A28E7D-8692-4D6E-997F-52C40AFEE192} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5752B731-7117-44DD-BB24-531AEEEDDADE} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
Task: {5778B5B3-A497-4E27-80A5-72953A752247} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5B7AC550-0C2C-4679-81C0-032FE8CDC77B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {71A3787B-CEE9-4F0B-886E-477269A719B7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {7BD6625E-053E-4918-A7FB-5944B4D2A595} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8844FBFE-18DB-4365-986B-7581B9C424EE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8922BD8B-A4D5-42A5-A5C2-FF7DE114119C} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {8C25766F-F412-41DA-9C10-09E2767A938F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {8C6ACEE0-8DA2-4844-A6A1-55A0DEFEE003} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {92E732FE-C535-4B9F-BA00-F25CCF916193} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {947D9F7B-D6E3-4C65-AC7F-39094C783294} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {94CA4961-A252-495A-BF2B-98BBC0D1170F} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {952700EB-1DFA-4487-A272-376FB1E9BE51} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1547160 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {98548407-1358-4CD1-8005-45070148A685} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C9EC591-BC4B-4251-9DCC-F26938213013} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {9F090741-E54D-4030-9975-1C88BD2EBB99} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [95072 2020-08-14] (Rivet Networks LLC -> DELL)
Task: {A1A4AEE7-07BD-42A7-A663-E8669D1766C4} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2649200 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {AC436E73-FF26-43BE-AAD8-9D20CE6E9BEC} - System32\Tasks\Opera scheduled Autoupdate 1601063328 => C:\Users\havra\AppData\Local\Programs\Opera\launcher.exe [1583256 2021-01-14] (Opera Software AS -> Opera Software)
Task: {AC88252D-6922-4218-9678-6168EAFDF9AD} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {B55DD385-0860-49ED-940E-4F6746358E1F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {B5DB60C3-0F97-41E8-BB18-0D5DEE682E67} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [233184 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {BC203149-3E40-473E-91DA-AB3940E0EFC8} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [677344 2021-01-28] (Mozilla Corporation -> Mozilla Foundation)
Task: {BD36FA78-D46F-489A-B1E2-7178994FABDA} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {C07FFD26-4556-48CD-9932-9AAD19FDCC23} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302168 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {D3F976F5-48A5-40BB-B8F8-B3FFD528EB39} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-10] (Adobe Inc. -> Adobe)
Task: {D9D77C24-BF4B-4F32-A26F-24CDAD9AE415} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331040 2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {E6116DEC-0801-4BAF-B044-B612D8FE1704} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {E7A3FD8C-6D80-43A0-B293-872680FF3BAF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
Task: {F1507717-0C4E-4038-9E6A-D6E3263756A3} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-havraniveta@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 217.30.64.53 217.30.64.54 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{3f6949a5-7cd0-488b-97c6-e7ca22185103}: [DhcpNameServer] 212.80.66.7 10.0.0.2 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{71a4fd38-48ec-4a85-acae-fcdc5bd5ff02}: [DhcpNameServer] 217.30.64.53 217.30.64.54 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{a599493c-d9be-4c72-a21f-e249e5e7d470}: [DhcpNameServer] 8.8.8.8 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\havra\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-31]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 0gut8d9h.default
FF ProfilePath: C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default [2021-01-31]
FF Session Restore: Mozilla\Firefox\Profiles\0gut8d9h.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\0gut8d9h.default -> hxxps://postovnezdarma.cz; hxxps://paleosnadno.cz; hxxps://teams.microsoft.com; hxxps://www.slevomat.cz; hxxps://www.maccosmetics.cz
FF Extension: (To Google Translate) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-11-11]
FF Extension: (VratnePenize.cz Připomínáček) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\Extensions\toolbar@vratnepenize.cz.xpi [2020-05-23]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-01-30]
FF Extension: (WA Web Plus for WhatsApp™) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\Extensions\{e5b78745-5fde-4ebf-b8c7-465120c9dfe4}.xpi [2020-06-18]
FF Extension: (No Name) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-10] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-10] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-3433778575-2911662788-3899533387-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\havra\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-19] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR Profile: C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default [2021-01-31]
CHR Extension: (Prezentace) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-26]
CHR Extension: (Dokumenty) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-26]
CHR Extension: (Disk Google) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-28]
CHR Extension: (YouTube) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-26]
CHR Extension: (Avira Password Manager) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-01-28]
CHR Extension: (Adobe Acrobat) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-01-28]
CHR Extension: (Tabulky) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-26]
CHR Extension: (Avira Browser Safety) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-01-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-10-11]
CHR Extension: (Gmail) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-28]
CHR Extension: (Chrome Media Router) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-28]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\havra\AppData\Roaming\Opera Software\Opera Stable [2021-01-31]
OPR Extension: (Avira Safe Shopping) - C:\Users\havra\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2020-09-25]
OPR Extension: (Avira Password Manager) - C:\Users\havra\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngohaaocccbohaffogpbgfpmpgbcgccg [2020-09-25]
OPR Extension: (Free Avira Phantom VPN – Unblock Websites) - C:\Users\havra\AppData\Roaming\Opera Software\Opera Stable\Extensions\pcgkmkjdikhiodinhloioejnpjgmfigd [2020-09-25]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1205960 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [537472 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [483432 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [483432 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [573960 2021-01-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636592 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384360 2020-12-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [244888 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161072 2020-12-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960384 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44064 2021-01-25] (Dropbox, Inc -> Dropbox, Inc.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [315008 2020-08-18] (Dell Inc -> Dell Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2020-12-25] (Dell Inc -> Dell INC.)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{FB532BEF-8DC0-4B53-BCCC-887E4E733C3C} [21312 2020-11-06] (Microsoft Windows -> Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{FB532BEF-8DC0-4B53-BCCC-887E4E733C3C} [21312 2020-11-06] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2020-10-29] (Dell Inc -> )
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [958216 2021-01-30] (McAfee, LLC -> McAfee, LLC)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [64848 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64856 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1630576 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2385256 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_b706d4e32506a94f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_b706d4e32506a94f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-02-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [207424 2020-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199752 2020-05-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24952 2021-01-10] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [36400 2018-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-01-30] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220600 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-01-31] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-01-31] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142440 2021-01-31] (Malwarebytes Inc -> Malwarebytes)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [164424 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2020-10-08] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-31 00:14 - 2021-01-31 00:14 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-01-31 00:14 - 2021-01-31 00:14 - 000142440 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-01-31 00:14 - 2021-01-31 00:14 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-01-31 00:08 - 2021-01-31 00:11 - 000003827 _____ C:\Users\havra\Downloads\Fixlog.txt
2021-01-30 16:53 - 2021-01-31 00:08 - 000000000 ____D C:\Users\havra\AppData\Roaming\Messenger for Desktop
2021-01-30 16:53 - 2021-01-30 16:57 - 000002535 _____ C:\Users\havra\Desktop\Messenger for Desktop.lnk
2021-01-30 16:53 - 2021-01-30 16:53 - 000709264 _____ (MFD LABS LTD) C:\Users\havra\Downloads\messengerfordesktop-setup.exe
2021-01-30 16:53 - 2021-01-30 16:53 - 000002543 _____ C:\Users\havra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Messenger for Desktop.lnk
2021-01-30 16:53 - 2021-01-30 16:53 - 000000000 ____D C:\Users\havra\AppData\Local\messengerfordesktop-updater
2021-01-30 11:57 - 2021-01-30 11:57 - 000007879 _____ C:\Users\havra\Desktop\text.txt
2021-01-30 11:48 - 2021-01-30 11:48 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-01-30 11:48 - 2021-01-30 11:48 - 000220600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-01-30 11:48 - 2021-01-30 11:47 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-01-30 11:27 - 2021-01-30 11:48 - 000002043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-30 11:27 - 2021-01-30 11:48 - 000002031 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-01-30 11:27 - 2021-01-30 11:47 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-01-30 11:27 - 2021-01-30 11:27 - 000000000 ____D C:\Users\havra\AppData\Local\mbam
2021-01-30 11:27 - 2021-01-30 11:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-30 11:26 - 2021-01-30 11:26 - 000000000 ____D C:\Program Files\Malwarebytes
2021-01-30 11:25 - 2021-01-30 11:25 - 002086424 _____ (Malwarebytes) C:\Users\havra\Downloads\MBSetup.exe
2021-01-30 10:40 - 2021-01-30 18:26 - 000058452 _____ C:\Users\havra\Downloads\Addition.txt
2021-01-30 10:34 - 2021-01-31 00:18 - 000039040 _____ C:\Users\havra\Downloads\FRST.txt
2021-01-30 10:33 - 2021-01-31 00:18 - 000000000 ____D C:\FRST
2021-01-30 10:33 - 2021-01-30 10:33 - 002297856 _____ (Farbar) C:\Users\havra\Downloads\FRST64.exe
2021-01-28 22:56 - 2021-01-28 22:56 - 000001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2021-01-28 22:07 - 2021-01-28 22:07 - 001798297 _____ C:\Users\havra\Desktop\fd.pdf
2021-01-28 22:04 - 2021-01-28 22:04 - 000327832 _____ C:\Users\havra\Desktop\david_franc.tif
2021-01-28 21:09 - 2021-01-28 21:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-28 21:08 - 2021-01-28 21:08 - 000000000 ____D C:\WINDOWS\Panther
2021-01-28 21:04 - 2021-01-28 21:04 - 000001108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2021-01-28 20:57 - 2021-01-28 22:46 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-27 19:40 - 2021-01-27 19:40 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-01-27 19:38 - 2021-01-23 09:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-27 19:38 - 2021-01-23 09:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-27 19:38 - 2021-01-23 09:14 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-27 19:38 - 2021-01-23 09:14 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-27 19:38 - 2021-01-23 09:14 - 001453728 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 001193120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 001512096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 001164960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000689312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-01-27 19:38 - 2021-01-23 09:12 - 000680096 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000672928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000613536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000558240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000547488 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 008262304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 007392928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 004611744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 002731168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 002103456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 001589408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 000813216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 000657056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 000446624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-01-27 19:38 - 2021-01-23 09:10 - 007116680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-01-27 19:38 - 2021-01-23 09:10 - 006070848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-01-27 19:38 - 2021-01-23 09:10 - 000850080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-01-27 19:38 - 2021-01-22 23:59 - 000084264 _____ C:\WINDOWS\system32\nvinfo.pb
2021-01-27 19:34 - 2021-01-27 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-01-25 21:28 - 2021-01-25 21:28 - 118444029 _____ C:\Users\havra\Downloads\DaVinci_Resolve_16_Reference_Manual.pdf
2021-01-25 21:26 - 2021-01-25 21:44 - 2441458126 _____ C:\Users\havra\Downloads\DaVinci_Resolve_17.0b7_Windows(1).zip
2021-01-25 21:02 - 2021-01-25 21:02 - 001116061 _____ C:\Users\havra\Desktop\david_franc.pdf
2021-01-25 17:12 - 2021-01-25 17:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-01-25 17:12 - 2021-01-25 17:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-01-25 17:12 - 2021-01-25 17:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-01-25 17:12 - 2021-01-25 17:12 - 000044064 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-01-24 13:06 - 2021-01-24 13:06 - 003048577 _____ C:\Users\havra\Downloads\vecteezy_abstract-watercolor-stroke-design-background_254909.zip
2021-01-24 12:56 - 2021-01-24 12:57 - 060442988 _____ C:\Users\havra\Downloads\Archivar.zip
2021-01-24 12:46 - 2021-01-24 12:46 - 012549894 _____ C:\Users\havra\Downloads\vecteezy_watercolor-flower-frame-background-with-text-space-vector-illustration_563617.zip
2021-01-24 12:46 - 2021-01-24 12:46 - 010779160 _____ C:\Users\havra\Downloads\vecteezy_watercolor-flower-background-illustration-with-text-space-isolated-on-a-white-background-vector-illustration_564125.zip
2021-01-24 12:43 - 2021-01-24 12:43 - 037897324 _____ C:\Users\havra\Downloads\vecteezy_watercolor-pink-floral-card-floral-frame-watercolor-background-with-flowers_146553.zip
2021-01-24 12:42 - 2021-01-24 12:42 - 053215250 _____ C:\Users\havra\Downloads\09.zip
2021-01-24 12:41 - 2021-01-24 12:41 - 019220157 _____ C:\Users\havra\Downloads\vecteezy_save-the-date-watercolor-card-watercolor-floral-card-save-the-date-illustration-with-blue-watercolor-flowers-wedding-painted-card_146556.zip
2021-01-24 12:41 - 2021-01-24 12:41 - 015816158 _____ C:\Users\havra\Downloads\vecteezy_vintage-watercolor-floral-card-watercolor-flowers-on-vintage-background-flowers-watercolor-illustration_146555.zip
2021-01-24 12:18 - 2021-01-24 12:18 - 034939012 _____ C:\Users\havra\Downloads\mega_pack_flowers_by_ikoci_dcdaxux.zip
2021-01-23 17:49 - 2021-01-23 17:49 - 000000000 ____D C:\Users\havra\AppData\Local\M-Photo_Ltd
2021-01-23 17:35 - 2021-01-23 17:35 - 031558304 _____ (CDSM ) C:\Users\havra\Downloads\designer_cdsm_skn-32_210x148_2021_win_cz.exe
2021-01-23 17:32 - 2021-01-23 17:32 - 000000000 ____D C:\ProgramData\M-Photo
2021-01-23 17:31 - 2021-01-23 20:26 - 000000000 ____D C:\CDSM
2021-01-23 17:31 - 2021-01-23 17:31 - 015284974 _____ C:\WINDOWS\SysWOW64\CDSM_CDSM Designer_uninstaller.exe
2021-01-23 17:31 - 2021-01-23 17:31 - 000002317 _____ C:\Users\Public\Desktop\CDSM Designer.lnk
2021-01-23 17:31 - 2021-01-23 17:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDSM
2021-01-23 17:31 - 2021-01-23 17:31 - 000000000 ____D C:\Program Files (x86)\CDSM
2021-01-23 17:19 - 2021-01-23 17:25 - 932341237 _____ C:\Users\havra\Downloads\CDSM_Designer_setup_7.1.7.1.exe
2021-01-20 22:58 - 2021-01-20 22:58 - 000000000 ____D C:\Users\havra\AppData\Local\EopAuthApp
2021-01-20 22:57 - 2021-01-20 22:57 - 000002158 _____ C:\Users\Public\Desktop\eObčanka - Správce karty.lnk
2021-01-20 22:57 - 2021-01-20 22:57 - 000002153 _____ C:\Users\Public\Desktop\eObčanka - identifikace.lnk
2021-01-20 22:57 - 2021-01-20 22:57 - 000000000 ____D C:\Program Files\eObcanka
2021-01-20 22:52 - 2021-01-20 22:52 - 017093800 _____ C:\Users\havra\Downloads\eObcanka_x64.exe
2021-01-19 18:40 - 2021-01-19 18:40 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700}
2021-01-19 18:39 - 2021-01-19 18:39 - 000004206 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1601063328
2021-01-19 18:39 - 2021-01-19 18:39 - 000001395 _____ C:\Users\havra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-01-16 23:03 - 2021-01-16 23:33 - 2967829919 _____ C:\Users\havra\Downloads\sarlatan fullhd 2020.mp4
2021-01-15 22:45 - 2021-01-15 22:45 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-15 22:45 - 2021-01-15 22:45 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-15 22:45 - 2021-01-15 22:45 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-15 22:45 - 2021-01-15 22:45 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-15 22:45 - 2021-01-15 22:45 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-15 22:45 - 2021-01-15 22:45 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-15 22:45 - 2021-01-15 22:45 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-15 22:45 - 2021-01-15 22:45 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-15 22:45 - 2021-01-15 22:45 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-15 22:45 - 2021-01-15 22:45 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-15 22:45 - 2021-01-15 22:45 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-15 22:45 - 2021-01-15 22:45 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-15 22:45 - 2021-01-15 22:45 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-15 22:45 - 2021-01-15 22:45 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-15 22:45 - 2021-01-15 22:45 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-15 22:45 - 2021-01-15 22:45 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-15 22:45 - 2021-01-15 22:45 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-15 22:45 - 2021-01-15 22:45 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-15 22:44 - 2021-01-15 22:44 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-15 22:44 - 2021-01-15 22:44 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-15 22:44 - 2021-01-15 22:44 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-15 22:43 - 2021-01-15 22:43 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-15 22:43 - 2021-01-15 22:43 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-15 22:43 - 2021-01-15 22:43 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-15 22:43 - 2021-01-15 22:43 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-15 22:43 - 2021-01-15 22:43 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-15 22:43 - 2021-01-15 22:43 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-15 22:43 - 2021-01-15 22:43 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-15 22:43 - 2021-01-15 22:43 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-10 18:40 - 2021-01-10 18:40 - 000003072 _____ C:\Users\havra\AppData\Roaming\MCLAB Prefsv3
2021-01-10 14:51 - 2021-01-10 14:51 - 000024952 _____ C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys
2021-01-10 11:43 - 2021-01-10 11:43 - 000001904 _____ C:\Users\Public\Desktop\MCLAB.lnk
2021-01-10 11:43 - 2021-01-10 11:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCLAB
2021-01-10 11:41 - 2021-01-10 12:05 - 000000000 ____D C:\Program Files (x86)\MCLAB
2021-01-10 11:28 - 2021-01-10 11:38 - 1212398897 _____ C:\Users\havra\Downloads\MCLAB(1).exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-31 00:16 - 2019-02-07 20:19 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-31 00:16 - 2018-06-26 07:10 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-31 00:15 - 2019-02-09 13:09 - 000000000 ____D C:\Users\Public\Speedup Sessions
2021-01-31 00:15 - 2018-09-06 12:56 - 000000000 ____D C:\Users\havra\AppData\LocalLow\Mozilla
2021-01-31 00:14 - 2020-10-10 12:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-31 00:14 - 2020-10-10 12:28 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-31 00:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-31 00:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-31 00:14 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-31 00:14 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-01-31 00:14 - 2018-09-06 12:45 - 000000000 __SHD C:\Users\havra\IntelGraphicsProfiles
2021-01-31 00:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-01-31 00:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration
2021-01-31 00:08 - 2018-09-06 13:22 - 000000000 ____D C:\Users\havra\AppData\Roaming\WhatsApp
2021-01-30 23:42 - 2020-06-05 19:24 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-30 23:42 - 2020-06-05 19:24 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-30 23:42 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-30 23:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-30 23:41 - 2020-10-10 12:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-30 16:56 - 2018-09-06 22:23 - 000001329 _____ C:\Users\havra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Messenger.lnk
2021-01-30 16:56 - 2018-09-06 22:23 - 000000000 ____D C:\Users\havra\AppData\Local\Messenger
2021-01-30 16:04 - 2018-09-19 21:56 - 000000000 ____D C:\Users\havra\AppData\Roaming\eM Client
2021-01-30 15:43 - 2020-10-10 12:31 - 001693410 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-30 15:43 - 2019-12-07 15:41 - 000719302 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-30 15:43 - 2019-12-07 15:41 - 000145428 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-30 15:43 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-30 15:35 - 2020-10-10 12:30 - 000000000 ____D C:\Users\havra
2021-01-30 11:48 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-30 11:12 - 2019-06-20 20:31 - 000000000 ____D C:\Users\havra\AppData\Local\WhatsApp
2021-01-30 10:08 - 2019-10-25 21:19 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-01-28 22:56 - 2018-06-26 07:09 - 000000000 ____D C:\Program Files (x86)\Intel
2021-01-28 22:56 - 2018-06-26 07:08 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-28 22:46 - 2018-09-06 12:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-28 22:45 - 2018-09-06 12:42 - 000000000 ____D C:\ProgramData\Goodix
2021-01-28 21:09 - 2018-09-06 12:56 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-28 21:04 - 2018-09-19 21:56 - 000000000 ____D C:\Program Files (x86)\eM Client
2021-01-28 20:55 - 2018-09-07 10:37 - 000000000 ____D C:\Users\havra\AppData\Local\NVIDIA
2021-01-27 19:35 - 2018-09-06 12:51 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-01-25 22:55 - 2018-09-06 12:45 - 000000000 ____D C:\Users\havra\AppData\Local\Packages
2021-01-25 22:08 - 2018-11-27 23:53 - 000000000 ____D C:\Program Files\Microsoft Office
2021-01-25 16:44 - 2018-10-11 14:14 - 000000000 ____D C:\Users\havra\AppData\Local\D3DSCache
2021-01-24 12:29 - 2019-01-12 23:08 - 000000000 ____D C:\Users\havra\Downloads\santoro
2021-01-23 17:51 - 2018-09-06 12:51 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-01-23 17:51 - 2018-09-06 12:51 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-01-23 16:15 - 2018-10-16 20:35 - 000001480 _____ C:\Users\havra\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2021-01-23 16:08 - 2020-10-10 12:35 - 000003998 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-01-23 16:08 - 2020-10-10 12:35 - 000003766 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-01-23 16:08 - 2018-11-26 14:55 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-20 23:05 - 2018-09-06 13:12 - 000000000 ____D C:\Users\havra\AppData\Local\CrashDumps
2021-01-20 22:05 - 2018-09-06 13:21 - 000000000 ____D C:\Users\havra\AppData\Local\SquirrelTemp
2021-01-20 18:33 - 2020-10-10 12:35 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-20 18:33 - 2020-10-10 12:35 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-19 23:10 - 2019-07-03 22:40 - 000000000 ____D C:\Users\havra\Desktop\POSLAT FOTO
2021-01-19 22:52 - 2018-09-19 21:56 - 000000000 ____D C:\Users\havra\AppData\Local\eM Client
2021-01-16 22:57 - 2018-09-06 13:03 - 000000000 ____D C:\Users\havra\AppData\Local\PlaceholderTileLogoFolder
2021-01-15 23:48 - 2020-10-10 12:28 - 000630624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-15 23:47 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-15 23:47 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-15 22:47 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-15 22:43 - 2020-10-10 12:31 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-15 22:37 - 2018-09-06 12:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-15 22:35 - 2018-09-06 12:39 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-13 21:54 - 2020-09-16 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-01-10 17:27 - 2018-12-08 14:52 - 000000000 ____D C:\Users\havra\Documents\MCLAB Projects
2021-01-10 11:21 - 2018-09-08 16:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-01-09 16:46 - 2018-09-08 16:39 - 000001284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-01-09 16:16 - 2020-11-29 11:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-01-09 16:16 - 2018-09-06 13:07 - 000000000 ____D C:\Users\Public\PrivacyPal Sessions
2021-01-02 10:32 - 2018-06-26 07:08 - 000000000 ____D C:\Program Files\Intel
2021-01-02 10:31 - 2020-10-10 12:35 - 000003718 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
==================== Files in the root of some directories ========
2021-01-10 18:40 - 2021-01-10 18:40 - 000003072 _____ () C:\Users\havra\AppData\Roaming\MCLAB Prefsv3
2018-10-16 20:35 - 2021-01-23 16:15 - 000001480 _____ () C:\Users\havra\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2018-09-29 23:18 - 2018-09-29 23:18 - 000000000 _____ () C:\Users\havra\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021
Ran by havra (31-01-2021 00:20:12)
Running from C:\Users\havra\Downloads
Windows 10 Home Version 20H2 19042.746 (X64) (2020-10-10 11:35:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3433778575-2911662788-3899533387-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3433778575-2911662788-3899533387-503 - Limited - Disabled)
Guest (S-1-5-21-3433778575-2911662788-3899533387-501 - Limited - Disabled)
havra (S-1-5-21-3433778575-2911662788-3899533387-1001 - Administrator - Enabled) => C:\Users\havra
WDAGUtilityAccount (S-1-5-21-3433778575-2911662788-3899533387-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.23 - Adobe Systems)
Adobe After Effects CC 2018 (HKLM\...\{8ADE49BB-209D-4F01-9B3B-A51F0D8CE9E1}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_0_0) (Version: 15.0.0 - Adobe Systems Incorporated)
Adobe Ai (HKLM\...\{A6D98A72-324F-4F31-BC36-5118A8EAECDD}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_0_1) (Version: 22.0.1 - Adobe Systems Incorporated)
Adobe Indes (HKLM\...\{CA2E76F3-BB69-486A-88D2-A3D387B69484}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe InDesign CC 2018 (HKLM-x32\...\IDSN_13_0_1) (Version: 13.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_6) (Version: 19.1.6 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM\...\{7DC3F900-68E5-40F1-869D-9D20A69D8A1D}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_0_0) (Version: 12.0.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{77a9e051-78e4-40ba-8659-8162beadb3fa}) (Version: 20.70.0 - Intel Corporation)
Audiolibrix Manager 2.1.0 (HKLM\...\d2402422-088d-502c-a1d4-8e2ce36e8ce5) (Version: 2.1.0 - Audiolibrix)
Avira (HKLM-x32\...\{161e6084-b0f5-43e8-86d8-09eda5c0893d}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{426D1710-5DFD-45E9-B11D-464792C5AD35}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{fe9700ea-db9c-48bd-9561-b7d053321d04}) (Version: 1.2.152.1479 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2101.2070 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.1.24458 - Avira Operations GmbH & Co. KG) Hidden
Avira Privacy Pal (HKLM-x32\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.4.0.1962 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.42.14101 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;)
Avira Software Updater (HKLM-x32\...\{9F45C615-6D95-47B5-BB0C-D78F6D15DE21}) (Version: 2.0.6.42639 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.9.0.11050 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Canon Easy-PhotoPrint Editor (HKLM-x32\...\Canon Easy-PhotoPrint Editor) (Version: 1.4.0 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
CDSM Designer (HKLM-x32\...\CDSM_CDSM Designer) (Version: - )
Dell Digital Delivery (HKLM-x32\...\{A9758B6E-19FC-4DB4-A031-AFE6C2327A35}) (Version: 3.5.1004.0 - Dell Products, LP)
Dell Mobile Connect Drivers (HKLM\...\{AAB336F0-6FC6-4BFE-AD7E-315FCDF20156}) (Version: 1.1.3750 - Screenovate Technologies Ltd.)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.7.0 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{69BD2675-5E9B-440E-ADEE-3AEA812D6900}) (Version: 5.3.1.13866 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{85538c44-3493-4bf6-8d8b-aa13aee53222}) (Version: 5.3.1.13866 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{3C4F6923-3BE1-4E6C-8DEE-9EEF1E433795}) (Version: 5.2.1.12926 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{8d32f870-d6fd-4420-b5cb-c29ac65f628d}) (Version: 5.2.1.12926 - Dell Inc.)
Dell Update (HKLM-x32\...\{944FB5B0-9588-45FD-ABE8-73FC879801ED}) (Version: 4.0.0 - Dell Inc.)
Documentation Manager (HKLM\...\{EC7D2299-EAEC-498A-947B-ADC4495AA6D6}) (Version: 22.20.0.6 - Intel Corporation) Hidden
Driver Easy verze 1.5 (HKLM-x32\...\Driver Easy_is1) (Version: 1.5 - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 114.4.426 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 2.0.6875.402 - PC-Doctor, Inc.) Hidden
eM Client (HKLM-x32\...\{D1A4EE66-AD4A-4EBB-91B2-19B5BCEB82B1}) (Version: 8.1.1054.0 - eM Client Inc.)
eObčanka (HKLM\...\{B60846B5-C015-4BCA-AED5-61A696B16159}) (Version: 3.1.3.21015 - MONET+, a.s. pro Ministerstvo vnitra České republiky)
FormatFactory 4.3.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.3.0.0 - Free Time)
Goodix Fingerprint Driver (HKLM\...\{60FAB781-18F2-4D2B-A8E7-B3AADD327955}_is1) (Version: 1.0.33.800 - Goodix, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.104 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel Driver && Support Assistant (HKLM-x32\...\{F0E9774D-C5A1-4C83-89F9-191E1334D476}) (Version: 21.1.5.2 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.10501.6067 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2014.14.0.1540 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.7.0.1006 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1727.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.60.155.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{047f2156-ee7f-4a24-b3c2-c0c5c2c81557}) (Version: 1.60.155.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.20.0.3 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{beabe998-b0dd-460a-82c3-f48ff70bca66}) (Version: 21.1.5.2 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7EBADAB6-B7AC-4560-85A7-FF345559F193}) (Version: 17.2.6.1027 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{4a50fa17-2911-43ed-a2a1-d3a34411e2bb}) (Version: 21.110.2.1 - Intel Corporation) Hidden
Intel® Software Installer (HKLM-x32\...\{76cc8e2a-8308-43d3-a3c3-423d2a1ca435}) (Version: 22.20.0.6 - Intel Corporation) Hidden
jwDuplFiles 2.0 (HKLM-x32\...\jwDuplFiles_is1) (Version: - jw)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.15 - PandoraTV)
LibreOffice 6.4.2.2 (HKLM\...\{366B3DEE-791D-4044-AC14-4FE2265754BA}) (Version: 6.4.2.2 - The Document Foundation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
MCLAB (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\MCLAB) (Version: MCLAB 2019.3.0 - Computer MCL Brno, spol. s.r.o.)
Messenger for Desktop (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\{4e2a4302-5df4-5868-a685-36c844414384}) (Version: 3.0.15 - MFD LABS LTD)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13530.20440 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.56 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft OneDrive (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Teams) (Version: 1.3.00.12058 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mozilla Firefox 85.0 (x64 cs) (HKLM\...\Mozilla Firefox 85.0 (x64 cs)) (Version: 85.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.1 - Mozilla)
Mozilla Thunderbird 60.9.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 60.9.1 (x86 cs)) (Version: 60.9.1 - Mozilla)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.40 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Opera Stable 73.0.3856.344 (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Opera 73.0.3856.344) (Version: 73.0.3856.344 - Opera Software)
PicosmosTools 2.0.0.0 (HKLM-x32\...\PicosmosTools) (Version: 2.0.0.0 - Free Time)
Product Key Recovery (HKLM-x32\...\Product Key Recovery) (Version: - SmartKey, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8443 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
SmartByte Drivers and Services (HKLM\...\{9668B1BB-D0FE-4C0C-800C-B1555E069A62}) (Version: 3.1.940 - Název společnosti:)
Thunderbolt™ Software (HKLM-x32\...\{30F0067F-DD79-431B-BA5F-6CB4897785A5}) (Version: 17.4.79.510 - Intel Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Viber (HKLM-x32\...\{42C4FDB0-2783-46D1-8160-9C6A353E05CC}) (Version: 9.6.0.12 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\{984742de-418e-4f95-ac61-487a3cee7822}) (Version: 9.6.0.12 - Viber Media Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-4) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.191 - McAfee, LLC)
WhatsApp (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\WhatsApp) (Version: 2.2102.8 - WhatsApp)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
YouTubePlayer version 1.4 (HKLM-x32\...\{719F8D15-70B1-4AFA-A611-3EE118499D9F}_is1) (Version: 1.4 - YouTubePlayer)
Zoom (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2021-01-16] (Canon Inc.)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.2.45.0_x64__htrsf667h5kn2 [2020-07-28] (Dell Inc)
Dell Mobile Connect -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.1.9518.0_x64__0vhbc3ng4wbp0 [2020-07-18] (Screenovate Technologies) [Startup Task]
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.7.10.0_x64__htrsf667h5kn2 [2020-10-10] (Dell Inc)
Dell Product Registration -> C:\Program Files\WindowsApps\DellInc.DellProductRegistration_3.4.6.0_x64__htrsf667h5kn2 [2018-06-26] (Dell Inc)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.5.201.0_x64__rz1tebttyb220 [2020-09-26] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-09] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-30] (Microsoft Corporation)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.37.3702.0_x86__ytsefhwckbdv6 [2020-10-01] (G5 Entertainment AB)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.2.0_neutral__8xx8rvfyw5nnt [2020-06-03] (Instagram)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-09-06] (LinkedIn)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_730.2.121.0_x64__8xx8rvfyw5nnt [2020-10-25] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.28.32802.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Corporation) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-18] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-27] (NVIDIA Corp.)
O2 TV -> C:\Program Files\WindowsApps\D8378DF7.O2TVGo_20182.0.25.0_x64__tqn3m7kee4xc8 [2020-08-05] (O2 Czech Republic a.s.)
RAR Opener -> C:\Program Files\WindowsApps\DeviceDoctor.RAROpener_1.3.48.0_x64__mkdtfchztkfbm [2018-09-07] (Tiny Opener)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.940.0_x64__rh07ty8m5nkag [2020-09-06] (Rivet Networks LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0 [2020-10-25] (Spotify AB) [Startup Task]
SupportAssist Driver Update -> C:\Program Files\WindowsApps\DriverToaster_1.5.0.0_x86__rqs2nt378nwsp [2018-09-06] (Dell Inc.)
To-Do Prime -> C:\Program Files\WindowsApps\28251VinodShinde.To-DoPrime_1.50.40.0_x64__m4hs2z1tqny7y [2020-06-03] (Vinod Shinde)
ToDo-List -> C:\Program Files\WindowsApps\35998AlexanderSworski.ToDo-List_1.1.9.0_x64__f1p03rq2y10n8 [2020-06-03] (Alexander Sworski)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation)
Váš telefon -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.123.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Corporation)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2018-09-06] (Waves Audio)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2041.7.0_x64__cv1g1gvanyjgm [2020-10-25] (WhatsApp Inc.)
Wunderlist: To-Do List & Tasks -> C:\Program Files\WindowsApps\6Wunderkinder.Wunderlist_3.6.43.0_x64__b4cwydgxqx59r [2020-05-01] (6 Wunderkinder GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-8910E2A5A6E5} -> [Creative Cloud Files] => C:\Users\havra\Creative Cloud Files [2018-09-07 10:35]
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\havra\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key 2021 -> Intel)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\havra\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\havra\Dropbox [2018-09-06 12:53]
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-03-19] () [File not signed] [File is in use]
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers1: [PicosmosShell] -> {A3888921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\PicosmosTools\ShellEx64_100.dll [2018-05-12] (Free Time) [File not signed]
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-03-19] () [File not signed] [File is in use]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\igfxDTCM.dll [2018-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_b706d4e32506a94f\nvshext.dll [2021-01-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-08-05 23:52 - 2020-08-05 23:52 - 020951040 _____ () [File not signed] C:\Program Files\WindowsApps\D8378DF7.O2TVGo_20182.0.25.0_x64__tqn3m7kee4xc8\O2TV.UWP.dll
2020-04-26 18:12 - 2012-06-14 16:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2020-08-14 20:29 - 2020-08-14 20:29 - 000122880 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2021-01-09 18:18 - 2021-01-09 18:18 - 000913920 _____ (ServiceStack) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\8ca4971d44541d48e21f0e804700d8fc\ServiceStack.Text.ni.dll
2018-12-26 14:32 - 2018-12-26 14:32 - 001478144 _____ (SQLite Development Team) [File not signed] C:\Program Files\WindowsApps\D8378DF7.O2TVGo_20182.0.25.0_x64__tqn3m7kee4xc8\sqlite3.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {2584D045-063D-450C-98AD-71BF606488E0} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {2D8CFB70-2A7C-4B09-A4AE-4AA42963E74F} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {404DF86F-9171-4780-9A69-E0CB5B03D7F1} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {4EB8507E-BCB3-4FD8-99F7-4C9D2CA1B2FF} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {5ECF9F50-8DC8-4235-B99F-BB72F0B9676B} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {80C5279E-71D9-4FBE-A897-AD6F86BA3415} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {ABC04BB9-8A5C-42B9-9096-AD53C9BFAFAD} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {B55C3FE5-1A80-4699-9CFE-27CFE26031B0} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {D60B70BD-5559-4ABD-8427-10519DFA8989} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-01-30] (McAfee, LLC -> McAfee, LLC)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-01-30] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2017-09-29 14:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\havra\Pictures\received_1086403274730104.jpeg
DNS Servers: 217.30.64.53 - 217.30.64.54
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => ""
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => ""
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\StartupApproved\StartupFolder: => "Mámemail Pošťák.lnk"
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\StartupApproved\StartupFolder: => "wandoujia_helper.lnk"
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\StartupApproved\Run: => ""
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B7E4CB5C-4677-45EE-94D5-7E8A2F23293F}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.1.9518.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{C0A89B7C-9105-4F35-8858-708EAA60411E}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.1.9518.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [UDP Query User{212C20BC-137F-43EB-885C-B8C4C539DFC5}C:\users\havra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\havra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{176C1347-C60F-46F6-AC83-0E6751DB00FC}C:\users\havra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\havra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4DB21198-77BC-4E90-850B-64BA1AF98F52}] => (Allow) C:\Users\havra\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{25F76282-CDF2-4CD0-8EBE-A208191F9E13}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time Co., Ltd. -> Free Time)
FirewallRules: [{760703AB-EE0A-4B2C-A7CB-C02AA949D984}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{505499DB-FD03-4DF5-A32F-55A993C75BCB}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{DBEA28E5-A32B-4E93-9B9C-FE70B4889085}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{AA98CD5C-E06F-448C-A898-91A046A63904}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{99E1E210-63A5-4793-8F07-BDCFF753165F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5ABF222D-413E-469E-B46C-E963E08B2AA5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{8DD45874-DA23-4B61-A18D-86204FE3E5AF}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{8E22717A-5C5F-49F6-B9A7-8CEEA56A943D}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F278C01F-80E8-4F5A-871E-06CFE55BD66F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A06B78A5-F357-4EED-947A-D9657CAEE6D3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{22BDA38D-1D63-4317-AC2A-892EFA16C6A4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16050.11029.20079.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{55D0626F-0F34-44D2-9068-42A8FE80F352}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{8E6CC5F3-4F42-4359-833D-5EC18F0AABD3}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{6430A3B2-BAF8-48DF-9B7B-9F1F442E1768}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{8E221DD1-C533-40DC-9155-18FDA6D7B22C}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{915A6952-80B4-4564-9F19-E866EC2C1194}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{E44C1914-7F2F-4F70-A971-A8298A7310B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{690E41BF-EAE2-4B47-8DA5-63B3CC8BE3E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1AB60A55-21D4-46DC-B065-DD9F9E898F4D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{69F8F2B6-04E7-4142-94C1-6E5F6D805FD6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6312DBD9-5D58-41DA-B2D1-C9ABD4EB75A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2629352C-3E52-42AD-BFDE-189BCE8A0888}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E8A37CB1-253C-4C13-A8E6-EEB265FF8C00}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D425733F-3728-4BDC-9E07-A72E0525AFB0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A81CF913-0263-4EC7-837F-3C16E23B3344}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{76580351-9979-41FC-9182-26E3A48E1AE3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B851B1A2-08BF-4925-AE50-B8A55CB6ACB0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D53D16F1-B1AD-45C1-9F0E-0CDF38798059}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EDF11564-BF1C-40DC-939F-6A91418C2782}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8EE88FD5-920E-4889-944C-887D928F0B5C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{119EB0A3-E3BA-46BC-B30D-F417B4E1B473}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5CA86DC2-5020-44B4-9B10-8D46F6459FF1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E0CF9C58-AD88-47F3-BA26-CF4BFB06892A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23C6B9E2-5249-4A49-AB6A-85B15B8AE42E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{885639C8-191E-4B4A-8244-AD0D3A4E1D72}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{5155E528-7BDA-4D25-9060-8A880070BE47}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{54D22FF5-FB89-4933-A3B2-CAB591C5820B}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{E38B2A67-538B-4ACE-93D8-FC18C5139EF7}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/31/2021 12:14:02 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (01/30/2021 11:41:38 PM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000
Error: (01/30/2021 11:46:06 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (01/30/2021 10:08:24 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/30/2021 10:05:32 AM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000
Error: (01/28/2021 08:57:48 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/28/2021 08:54:35 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (01/27/2021 07:34:54 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
System errors:
=============
Error: (01/31/2021 12:14:02 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll
Error: (01/31/2021 12:14:02 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll
Error: (01/31/2021 12:13:57 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll
Error: (01/31/2021 12:13:56 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2OHMFH6)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/31/2021 12:13:56 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2OHMFH6)
Description: Server Microsoft.Windows.Search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy!CortanaUI#{0916D3F3-6E81-4C64-A77F-2A1E618F3FEF} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/31/2021 12:08:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Driver & Support Assistant Updater byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/31/2021 12:08:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Systémová aplikace modelu COM+ byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.
Error: (01/31/2021 12:08:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dell SupportAssist Remediation byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
CodeIntegrity:
===================================
Date: 2020-10-24 15:29:14.0600000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.14.0 10/29/2020
Motherboard: Dell Inc. 0JGKPC
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 45%
Total physical RAM: 16240.71 MB
Available physical RAM: 8858.44 MB
Total Virtual: 22640.71 MB
Available Virtual: 13414.63 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:462.7 GB) (Free:6.92 GB) NTFS
\\?\Volume{b4fca574-aaf3-4053-bd44-f45a28cb866a}\ (WINRETOOLS) (Fixed) (Total:0.79 GB) (Free:0.28 GB) NTFS
\\?\Volume{f0fabba5-6b6f-4d9e-8691-130082bf8c98}\ (Image) (Fixed) (Total:11.54 GB) (Free:0.15 GB) NTFS
\\?\Volume{f8802ac2-6042-4b30-abe7-21b009ba693a}\ (DELLSUPPORT) (Fixed) (Total:1.14 GB) (Free:0.34 GB) NTFS
\\?\Volume{80085436-f96a-42a2-bfaf-7f82caca7bab}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32
==================== MBR & Partition Table ====================
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021
Ran by havra (administrator) on DESKTOP-2OHMFH6 (Dell Inc. G3 3779) (31-01-2021 00:18:32)
Running from C:\Users\havra\Downloads
Loaded Profiles: havra
Platform: Windows 10 Home Version 20H2 19042.746 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_0c50c5dc47ed0efe\RstMwService.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.7.142.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2009.4.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12010.1001.2.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_b706d4e32506a94f\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\havra\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\WavesSysSvc64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [834336 2019-02-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\WavesSvc64.exe [1222928 2018-04-30] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992336 2021-01-25] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [705728 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331040 2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [286064 2021-01-25] (IDSA Production signing key 2021 -> Intel)
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\havra\AppData\Local\Microsoft\Teams\Update.exe [2339472 2020-05-07] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Run: [Opera Browser Assistant] => C:\Users\havra\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [4708328 2021-01-15] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\...\Windows x64\Print Processors\Canon iP7200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBA.DLL [30208 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP7200 series: C:\Windows\system32\CNMLMBA.DLL [389120 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-23] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03F455CA-DB34-47DF-8CCB-F018A591C074} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {0EBF024B-C829-4608-BDC2-792D33552D1D} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {113683D9-9297-4156-8DF5-7A619BD6CC6F} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {1A6545DC-08D1-479C-8482-CF1952AE8498} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {34A0C1F7-F000-40F9-B221-C805C21BD5F2} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {37A7AA81-8360-4984-AB24-3F6EAED4E25D} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29934096 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {3A5B2645-1E38-403E-8D20-68C43A0A0A70} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3E73DEBB-4F68-4605-99C3-7B630690EAD3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {4024C783-6370-4761-9010-4C34944A3A92} - System32\Tasks\Opera scheduled assistant Autoupdate 1601063340 => C:\Users\havra\AppData\Local\Programs\Opera\launcher.exe [1583256 2021-01-14] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\havra\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {4FB18B6C-D8E5-46A0-B28E-1A7A2E771CE7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {50A28E7D-8692-4D6E-997F-52C40AFEE192} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5752B731-7117-44DD-BB24-531AEEEDDADE} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
Task: {5778B5B3-A497-4E27-80A5-72953A752247} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5B7AC550-0C2C-4679-81C0-032FE8CDC77B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {71A3787B-CEE9-4F0B-886E-477269A719B7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {7BD6625E-053E-4918-A7FB-5944B4D2A595} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8844FBFE-18DB-4365-986B-7581B9C424EE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8922BD8B-A4D5-42A5-A5C2-FF7DE114119C} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {8C25766F-F412-41DA-9C10-09E2767A938F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {8C6ACEE0-8DA2-4844-A6A1-55A0DEFEE003} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {92E732FE-C535-4B9F-BA00-F25CCF916193} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {947D9F7B-D6E3-4C65-AC7F-39094C783294} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {94CA4961-A252-495A-BF2B-98BBC0D1170F} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {952700EB-1DFA-4487-A272-376FB1E9BE51} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1547160 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {98548407-1358-4CD1-8005-45070148A685} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C9EC591-BC4B-4251-9DCC-F26938213013} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {9F090741-E54D-4030-9975-1C88BD2EBB99} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [95072 2020-08-14] (Rivet Networks LLC -> DELL)
Task: {A1A4AEE7-07BD-42A7-A663-E8669D1766C4} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2649200 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {AC436E73-FF26-43BE-AAD8-9D20CE6E9BEC} - System32\Tasks\Opera scheduled Autoupdate 1601063328 => C:\Users\havra\AppData\Local\Programs\Opera\launcher.exe [1583256 2021-01-14] (Opera Software AS -> Opera Software)
Task: {AC88252D-6922-4218-9678-6168EAFDF9AD} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {B55DD385-0860-49ED-940E-4F6746358E1F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {B5DB60C3-0F97-41E8-BB18-0D5DEE682E67} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [233184 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {BC203149-3E40-473E-91DA-AB3940E0EFC8} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [677344 2021-01-28] (Mozilla Corporation -> Mozilla Foundation)
Task: {BD36FA78-D46F-489A-B1E2-7178994FABDA} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {C07FFD26-4556-48CD-9932-9AAD19FDCC23} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302168 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {D3F976F5-48A5-40BB-B8F8-B3FFD528EB39} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-10] (Adobe Inc. -> Adobe)
Task: {D9D77C24-BF4B-4F32-A26F-24CDAD9AE415} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331040 2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {E6116DEC-0801-4BAF-B044-B612D8FE1704} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {E7A3FD8C-6D80-43A0-B293-872680FF3BAF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
Task: {F1507717-0C4E-4038-9E6A-D6E3263756A3} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-havraniveta@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 217.30.64.53 217.30.64.54 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{3f6949a5-7cd0-488b-97c6-e7ca22185103}: [DhcpNameServer] 212.80.66.7 10.0.0.2 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{71a4fd38-48ec-4a85-acae-fcdc5bd5ff02}: [DhcpNameServer] 217.30.64.53 217.30.64.54 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{a599493c-d9be-4c72-a21f-e249e5e7d470}: [DhcpNameServer] 8.8.8.8 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\havra\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-31]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 0gut8d9h.default
FF ProfilePath: C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default [2021-01-31]
FF Session Restore: Mozilla\Firefox\Profiles\0gut8d9h.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\0gut8d9h.default -> hxxps://postovnezdarma.cz; hxxps://paleosnadno.cz; hxxps://teams.microsoft.com; hxxps://www.slevomat.cz; hxxps://www.maccosmetics.cz
FF Extension: (To Google Translate) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-11-11]
FF Extension: (VratnePenize.cz Připomínáček) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\Extensions\toolbar@vratnepenize.cz.xpi [2020-05-23]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-01-30]
FF Extension: (WA Web Plus for WhatsApp™) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\Extensions\{e5b78745-5fde-4ebf-b8c7-465120c9dfe4}.xpi [2020-06-18]
FF Extension: (No Name) - C:\Users\havra\AppData\Roaming\Mozilla\Firefox\Profiles\0gut8d9h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-10] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-10] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-3433778575-2911662788-3899533387-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\havra\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-19] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR Profile: C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default [2021-01-31]
CHR Extension: (Prezentace) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-26]
CHR Extension: (Dokumenty) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-26]
CHR Extension: (Disk Google) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-28]
CHR Extension: (YouTube) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-26]
CHR Extension: (Avira Password Manager) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-01-28]
CHR Extension: (Adobe Acrobat) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-01-28]
CHR Extension: (Tabulky) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-26]
CHR Extension: (Avira Browser Safety) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-01-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-10-11]
CHR Extension: (Gmail) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-28]
CHR Extension: (Chrome Media Router) - C:\Users\havra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-28]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\havra\AppData\Roaming\Opera Software\Opera Stable [2021-01-31]
OPR Extension: (Avira Safe Shopping) - C:\Users\havra\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2020-09-25]
OPR Extension: (Avira Password Manager) - C:\Users\havra\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngohaaocccbohaffogpbgfpmpgbcgccg [2020-09-25]
OPR Extension: (Free Avira Phantom VPN – Unblock Websites) - C:\Users\havra\AppData\Roaming\Opera Software\Opera Stable\Extensions\pcgkmkjdikhiodinhloioejnpjgmfigd [2020-09-25]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1205960 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [537472 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [483432 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [483432 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [573960 2021-01-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636592 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384360 2020-12-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [244888 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161072 2020-12-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960384 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44064 2021-01-25] (Dropbox, Inc -> Dropbox, Inc.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [315008 2020-08-18] (Dell Inc -> Dell Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2020-12-25] (Dell Inc -> Dell INC.)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{FB532BEF-8DC0-4B53-BCCC-887E4E733C3C} [21312 2020-11-06] (Microsoft Windows -> Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{FB532BEF-8DC0-4B53-BCCC-887E4E733C3C} [21312 2020-11-06] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2020-10-29] (Dell Inc -> )
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [958216 2021-01-30] (McAfee, LLC -> McAfee, LLC)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [64848 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64856 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1630576 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2385256 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_b706d4e32506a94f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_b706d4e32506a94f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-02-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [207424 2020-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199752 2020-05-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24952 2021-01-10] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [36400 2018-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-01-30] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220600 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-01-31] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-01-31] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142440 2021-01-31] (Malwarebytes Inc -> Malwarebytes)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [164424 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2020-10-08] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-31 00:14 - 2021-01-31 00:14 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-01-31 00:14 - 2021-01-31 00:14 - 000142440 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-01-31 00:14 - 2021-01-31 00:14 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-01-31 00:08 - 2021-01-31 00:11 - 000003827 _____ C:\Users\havra\Downloads\Fixlog.txt
2021-01-30 16:53 - 2021-01-31 00:08 - 000000000 ____D C:\Users\havra\AppData\Roaming\Messenger for Desktop
2021-01-30 16:53 - 2021-01-30 16:57 - 000002535 _____ C:\Users\havra\Desktop\Messenger for Desktop.lnk
2021-01-30 16:53 - 2021-01-30 16:53 - 000709264 _____ (MFD LABS LTD) C:\Users\havra\Downloads\messengerfordesktop-setup.exe
2021-01-30 16:53 - 2021-01-30 16:53 - 000002543 _____ C:\Users\havra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Messenger for Desktop.lnk
2021-01-30 16:53 - 2021-01-30 16:53 - 000000000 ____D C:\Users\havra\AppData\Local\messengerfordesktop-updater
2021-01-30 11:57 - 2021-01-30 11:57 - 000007879 _____ C:\Users\havra\Desktop\text.txt
2021-01-30 11:48 - 2021-01-30 11:48 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-01-30 11:48 - 2021-01-30 11:48 - 000220600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-01-30 11:48 - 2021-01-30 11:47 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-01-30 11:27 - 2021-01-30 11:48 - 000002043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-30 11:27 - 2021-01-30 11:48 - 000002031 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-01-30 11:27 - 2021-01-30 11:47 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-01-30 11:27 - 2021-01-30 11:27 - 000000000 ____D C:\Users\havra\AppData\Local\mbam
2021-01-30 11:27 - 2021-01-30 11:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-30 11:26 - 2021-01-30 11:26 - 000000000 ____D C:\Program Files\Malwarebytes
2021-01-30 11:25 - 2021-01-30 11:25 - 002086424 _____ (Malwarebytes) C:\Users\havra\Downloads\MBSetup.exe
2021-01-30 10:40 - 2021-01-30 18:26 - 000058452 _____ C:\Users\havra\Downloads\Addition.txt
2021-01-30 10:34 - 2021-01-31 00:18 - 000039040 _____ C:\Users\havra\Downloads\FRST.txt
2021-01-30 10:33 - 2021-01-31 00:18 - 000000000 ____D C:\FRST
2021-01-30 10:33 - 2021-01-30 10:33 - 002297856 _____ (Farbar) C:\Users\havra\Downloads\FRST64.exe
2021-01-28 22:56 - 2021-01-28 22:56 - 000001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2021-01-28 22:07 - 2021-01-28 22:07 - 001798297 _____ C:\Users\havra\Desktop\fd.pdf
2021-01-28 22:04 - 2021-01-28 22:04 - 000327832 _____ C:\Users\havra\Desktop\david_franc.tif
2021-01-28 21:09 - 2021-01-28 21:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-28 21:08 - 2021-01-28 21:08 - 000000000 ____D C:\WINDOWS\Panther
2021-01-28 21:04 - 2021-01-28 21:04 - 000001108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2021-01-28 20:57 - 2021-01-28 22:46 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-27 19:40 - 2021-01-27 19:40 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-01-27 19:38 - 2021-01-23 09:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-27 19:38 - 2021-01-23 09:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-27 19:38 - 2021-01-23 09:14 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-27 19:38 - 2021-01-23 09:14 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-27 19:38 - 2021-01-23 09:14 - 001453728 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 001193120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-27 19:38 - 2021-01-23 09:14 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 001512096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 001164960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000689312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-01-27 19:38 - 2021-01-23 09:12 - 000680096 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000672928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000613536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000558240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-27 19:38 - 2021-01-23 09:12 - 000547488 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 008262304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 007392928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 004611744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 002731168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 002103456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 001589408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 000813216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 000657056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-27 19:38 - 2021-01-23 09:11 - 000446624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-01-27 19:38 - 2021-01-23 09:10 - 007116680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-01-27 19:38 - 2021-01-23 09:10 - 006070848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-01-27 19:38 - 2021-01-23 09:10 - 000850080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-01-27 19:38 - 2021-01-22 23:59 - 000084264 _____ C:\WINDOWS\system32\nvinfo.pb
2021-01-27 19:34 - 2021-01-27 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-01-25 21:28 - 2021-01-25 21:28 - 118444029 _____ C:\Users\havra\Downloads\DaVinci_Resolve_16_Reference_Manual.pdf
2021-01-25 21:26 - 2021-01-25 21:44 - 2441458126 _____ C:\Users\havra\Downloads\DaVinci_Resolve_17.0b7_Windows(1).zip
2021-01-25 21:02 - 2021-01-25 21:02 - 001116061 _____ C:\Users\havra\Desktop\david_franc.pdf
2021-01-25 17:12 - 2021-01-25 17:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-01-25 17:12 - 2021-01-25 17:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-01-25 17:12 - 2021-01-25 17:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-01-25 17:12 - 2021-01-25 17:12 - 000044064 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-01-24 13:06 - 2021-01-24 13:06 - 003048577 _____ C:\Users\havra\Downloads\vecteezy_abstract-watercolor-stroke-design-background_254909.zip
2021-01-24 12:56 - 2021-01-24 12:57 - 060442988 _____ C:\Users\havra\Downloads\Archivar.zip
2021-01-24 12:46 - 2021-01-24 12:46 - 012549894 _____ C:\Users\havra\Downloads\vecteezy_watercolor-flower-frame-background-with-text-space-vector-illustration_563617.zip
2021-01-24 12:46 - 2021-01-24 12:46 - 010779160 _____ C:\Users\havra\Downloads\vecteezy_watercolor-flower-background-illustration-with-text-space-isolated-on-a-white-background-vector-illustration_564125.zip
2021-01-24 12:43 - 2021-01-24 12:43 - 037897324 _____ C:\Users\havra\Downloads\vecteezy_watercolor-pink-floral-card-floral-frame-watercolor-background-with-flowers_146553.zip
2021-01-24 12:42 - 2021-01-24 12:42 - 053215250 _____ C:\Users\havra\Downloads\09.zip
2021-01-24 12:41 - 2021-01-24 12:41 - 019220157 _____ C:\Users\havra\Downloads\vecteezy_save-the-date-watercolor-card-watercolor-floral-card-save-the-date-illustration-with-blue-watercolor-flowers-wedding-painted-card_146556.zip
2021-01-24 12:41 - 2021-01-24 12:41 - 015816158 _____ C:\Users\havra\Downloads\vecteezy_vintage-watercolor-floral-card-watercolor-flowers-on-vintage-background-flowers-watercolor-illustration_146555.zip
2021-01-24 12:18 - 2021-01-24 12:18 - 034939012 _____ C:\Users\havra\Downloads\mega_pack_flowers_by_ikoci_dcdaxux.zip
2021-01-23 17:49 - 2021-01-23 17:49 - 000000000 ____D C:\Users\havra\AppData\Local\M-Photo_Ltd
2021-01-23 17:35 - 2021-01-23 17:35 - 031558304 _____ (CDSM ) C:\Users\havra\Downloads\designer_cdsm_skn-32_210x148_2021_win_cz.exe
2021-01-23 17:32 - 2021-01-23 17:32 - 000000000 ____D C:\ProgramData\M-Photo
2021-01-23 17:31 - 2021-01-23 20:26 - 000000000 ____D C:\CDSM
2021-01-23 17:31 - 2021-01-23 17:31 - 015284974 _____ C:\WINDOWS\SysWOW64\CDSM_CDSM Designer_uninstaller.exe
2021-01-23 17:31 - 2021-01-23 17:31 - 000002317 _____ C:\Users\Public\Desktop\CDSM Designer.lnk
2021-01-23 17:31 - 2021-01-23 17:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDSM
2021-01-23 17:31 - 2021-01-23 17:31 - 000000000 ____D C:\Program Files (x86)\CDSM
2021-01-23 17:19 - 2021-01-23 17:25 - 932341237 _____ C:\Users\havra\Downloads\CDSM_Designer_setup_7.1.7.1.exe
2021-01-20 22:58 - 2021-01-20 22:58 - 000000000 ____D C:\Users\havra\AppData\Local\EopAuthApp
2021-01-20 22:57 - 2021-01-20 22:57 - 000002158 _____ C:\Users\Public\Desktop\eObčanka - Správce karty.lnk
2021-01-20 22:57 - 2021-01-20 22:57 - 000002153 _____ C:\Users\Public\Desktop\eObčanka - identifikace.lnk
2021-01-20 22:57 - 2021-01-20 22:57 - 000000000 ____D C:\Program Files\eObcanka
2021-01-20 22:52 - 2021-01-20 22:52 - 017093800 _____ C:\Users\havra\Downloads\eObcanka_x64.exe
2021-01-19 18:40 - 2021-01-19 18:40 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700}
2021-01-19 18:39 - 2021-01-19 18:39 - 000004206 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1601063328
2021-01-19 18:39 - 2021-01-19 18:39 - 000001395 _____ C:\Users\havra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-01-16 23:03 - 2021-01-16 23:33 - 2967829919 _____ C:\Users\havra\Downloads\sarlatan fullhd 2020.mp4
2021-01-15 22:45 - 2021-01-15 22:45 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-15 22:45 - 2021-01-15 22:45 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-15 22:45 - 2021-01-15 22:45 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-15 22:45 - 2021-01-15 22:45 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-15 22:45 - 2021-01-15 22:45 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-15 22:45 - 2021-01-15 22:45 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-15 22:45 - 2021-01-15 22:45 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-15 22:45 - 2021-01-15 22:45 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-15 22:45 - 2021-01-15 22:45 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-15 22:45 - 2021-01-15 22:45 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-15 22:45 - 2021-01-15 22:45 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-15 22:45 - 2021-01-15 22:45 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-15 22:45 - 2021-01-15 22:45 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-15 22:45 - 2021-01-15 22:45 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-15 22:45 - 2021-01-15 22:45 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-15 22:45 - 2021-01-15 22:45 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-15 22:45 - 2021-01-15 22:45 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-15 22:45 - 2021-01-15 22:45 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-15 22:44 - 2021-01-15 22:44 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-15 22:44 - 2021-01-15 22:44 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-15 22:44 - 2021-01-15 22:44 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-15 22:44 - 2021-01-15 22:44 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-15 22:44 - 2021-01-15 22:44 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-15 22:43 - 2021-01-15 22:43 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-15 22:43 - 2021-01-15 22:43 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-15 22:43 - 2021-01-15 22:43 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-15 22:43 - 2021-01-15 22:43 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-15 22:43 - 2021-01-15 22:43 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-15 22:43 - 2021-01-15 22:43 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-15 22:43 - 2021-01-15 22:43 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-15 22:43 - 2021-01-15 22:43 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-10 18:40 - 2021-01-10 18:40 - 000003072 _____ C:\Users\havra\AppData\Roaming\MCLAB Prefsv3
2021-01-10 14:51 - 2021-01-10 14:51 - 000024952 _____ C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys
2021-01-10 11:43 - 2021-01-10 11:43 - 000001904 _____ C:\Users\Public\Desktop\MCLAB.lnk
2021-01-10 11:43 - 2021-01-10 11:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCLAB
2021-01-10 11:41 - 2021-01-10 12:05 - 000000000 ____D C:\Program Files (x86)\MCLAB
2021-01-10 11:28 - 2021-01-10 11:38 - 1212398897 _____ C:\Users\havra\Downloads\MCLAB(1).exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-31 00:16 - 2019-02-07 20:19 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-31 00:16 - 2018-06-26 07:10 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-31 00:15 - 2019-02-09 13:09 - 000000000 ____D C:\Users\Public\Speedup Sessions
2021-01-31 00:15 - 2018-09-06 12:56 - 000000000 ____D C:\Users\havra\AppData\LocalLow\Mozilla
2021-01-31 00:14 - 2020-10-10 12:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-31 00:14 - 2020-10-10 12:28 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-31 00:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-31 00:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-31 00:14 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-31 00:14 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-01-31 00:14 - 2018-09-06 12:45 - 000000000 __SHD C:\Users\havra\IntelGraphicsProfiles
2021-01-31 00:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-01-31 00:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration
2021-01-31 00:08 - 2018-09-06 13:22 - 000000000 ____D C:\Users\havra\AppData\Roaming\WhatsApp
2021-01-30 23:42 - 2020-06-05 19:24 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-30 23:42 - 2020-06-05 19:24 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-30 23:42 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-30 23:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-30 23:41 - 2020-10-10 12:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-30 16:56 - 2018-09-06 22:23 - 000001329 _____ C:\Users\havra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Messenger.lnk
2021-01-30 16:56 - 2018-09-06 22:23 - 000000000 ____D C:\Users\havra\AppData\Local\Messenger
2021-01-30 16:04 - 2018-09-19 21:56 - 000000000 ____D C:\Users\havra\AppData\Roaming\eM Client
2021-01-30 15:43 - 2020-10-10 12:31 - 001693410 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-30 15:43 - 2019-12-07 15:41 - 000719302 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-30 15:43 - 2019-12-07 15:41 - 000145428 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-30 15:43 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-30 15:35 - 2020-10-10 12:30 - 000000000 ____D C:\Users\havra
2021-01-30 11:48 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-30 11:12 - 2019-06-20 20:31 - 000000000 ____D C:\Users\havra\AppData\Local\WhatsApp
2021-01-30 10:08 - 2019-10-25 21:19 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-01-28 22:56 - 2018-06-26 07:09 - 000000000 ____D C:\Program Files (x86)\Intel
2021-01-28 22:56 - 2018-06-26 07:08 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-28 22:46 - 2018-09-06 12:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-28 22:45 - 2018-09-06 12:42 - 000000000 ____D C:\ProgramData\Goodix
2021-01-28 21:09 - 2018-09-06 12:56 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-28 21:04 - 2018-09-19 21:56 - 000000000 ____D C:\Program Files (x86)\eM Client
2021-01-28 20:55 - 2018-09-07 10:37 - 000000000 ____D C:\Users\havra\AppData\Local\NVIDIA
2021-01-27 19:35 - 2018-09-06 12:51 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-01-25 22:55 - 2018-09-06 12:45 - 000000000 ____D C:\Users\havra\AppData\Local\Packages
2021-01-25 22:08 - 2018-11-27 23:53 - 000000000 ____D C:\Program Files\Microsoft Office
2021-01-25 16:44 - 2018-10-11 14:14 - 000000000 ____D C:\Users\havra\AppData\Local\D3DSCache
2021-01-24 12:29 - 2019-01-12 23:08 - 000000000 ____D C:\Users\havra\Downloads\santoro
2021-01-23 17:51 - 2018-09-06 12:51 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-01-23 17:51 - 2018-09-06 12:51 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-01-23 16:15 - 2018-10-16 20:35 - 000001480 _____ C:\Users\havra\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2021-01-23 16:08 - 2020-10-10 12:35 - 000003998 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-01-23 16:08 - 2020-10-10 12:35 - 000003766 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-01-23 16:08 - 2018-11-26 14:55 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-20 23:05 - 2018-09-06 13:12 - 000000000 ____D C:\Users\havra\AppData\Local\CrashDumps
2021-01-20 22:05 - 2018-09-06 13:21 - 000000000 ____D C:\Users\havra\AppData\Local\SquirrelTemp
2021-01-20 18:33 - 2020-10-10 12:35 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-20 18:33 - 2020-10-10 12:35 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-19 23:10 - 2019-07-03 22:40 - 000000000 ____D C:\Users\havra\Desktop\POSLAT FOTO
2021-01-19 22:52 - 2018-09-19 21:56 - 000000000 ____D C:\Users\havra\AppData\Local\eM Client
2021-01-16 22:57 - 2018-09-06 13:03 - 000000000 ____D C:\Users\havra\AppData\Local\PlaceholderTileLogoFolder
2021-01-15 23:48 - 2020-10-10 12:28 - 000630624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-15 23:47 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-15 23:47 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-15 23:47 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-15 22:47 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-15 22:43 - 2020-10-10 12:31 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-15 22:37 - 2018-09-06 12:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-15 22:35 - 2018-09-06 12:39 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-13 21:54 - 2020-09-16 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-01-10 17:27 - 2018-12-08 14:52 - 000000000 ____D C:\Users\havra\Documents\MCLAB Projects
2021-01-10 11:21 - 2018-09-08 16:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-01-09 16:46 - 2018-09-08 16:39 - 000001284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-01-09 16:16 - 2020-11-29 11:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-01-09 16:16 - 2018-09-06 13:07 - 000000000 ____D C:\Users\Public\PrivacyPal Sessions
2021-01-02 10:32 - 2018-06-26 07:08 - 000000000 ____D C:\Program Files\Intel
2021-01-02 10:31 - 2020-10-10 12:35 - 000003718 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
==================== Files in the root of some directories ========
2021-01-10 18:40 - 2021-01-10 18:40 - 000003072 _____ () C:\Users\havra\AppData\Roaming\MCLAB Prefsv3
2018-10-16 20:35 - 2021-01-23 16:15 - 000001480 _____ () C:\Users\havra\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2018-09-29 23:18 - 2018-09-29 23:18 - 000000000 _____ () C:\Users\havra\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021
Ran by havra (31-01-2021 00:20:12)
Running from C:\Users\havra\Downloads
Windows 10 Home Version 20H2 19042.746 (X64) (2020-10-10 11:35:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3433778575-2911662788-3899533387-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3433778575-2911662788-3899533387-503 - Limited - Disabled)
Guest (S-1-5-21-3433778575-2911662788-3899533387-501 - Limited - Disabled)
havra (S-1-5-21-3433778575-2911662788-3899533387-1001 - Administrator - Enabled) => C:\Users\havra
WDAGUtilityAccount (S-1-5-21-3433778575-2911662788-3899533387-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.23 - Adobe Systems)
Adobe After Effects CC 2018 (HKLM\...\{8ADE49BB-209D-4F01-9B3B-A51F0D8CE9E1}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_0_0) (Version: 15.0.0 - Adobe Systems Incorporated)
Adobe Ai (HKLM\...\{A6D98A72-324F-4F31-BC36-5118A8EAECDD}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_0_1) (Version: 22.0.1 - Adobe Systems Incorporated)
Adobe Indes (HKLM\...\{CA2E76F3-BB69-486A-88D2-A3D387B69484}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe InDesign CC 2018 (HKLM-x32\...\IDSN_13_0_1) (Version: 13.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_6) (Version: 19.1.6 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM\...\{7DC3F900-68E5-40F1-869D-9D20A69D8A1D}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_0_0) (Version: 12.0.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{77a9e051-78e4-40ba-8659-8162beadb3fa}) (Version: 20.70.0 - Intel Corporation)
Audiolibrix Manager 2.1.0 (HKLM\...\d2402422-088d-502c-a1d4-8e2ce36e8ce5) (Version: 2.1.0 - Audiolibrix)
Avira (HKLM-x32\...\{161e6084-b0f5-43e8-86d8-09eda5c0893d}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{426D1710-5DFD-45E9-B11D-464792C5AD35}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{fe9700ea-db9c-48bd-9561-b7d053321d04}) (Version: 1.2.152.1479 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2101.2070 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.1.24458 - Avira Operations GmbH & Co. KG) Hidden
Avira Privacy Pal (HKLM-x32\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.4.0.1962 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.42.14101 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;)
Avira Software Updater (HKLM-x32\...\{9F45C615-6D95-47B5-BB0C-D78F6D15DE21}) (Version: 2.0.6.42639 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.9.0.11050 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Canon Easy-PhotoPrint Editor (HKLM-x32\...\Canon Easy-PhotoPrint Editor) (Version: 1.4.0 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
CDSM Designer (HKLM-x32\...\CDSM_CDSM Designer) (Version: - )
Dell Digital Delivery (HKLM-x32\...\{A9758B6E-19FC-4DB4-A031-AFE6C2327A35}) (Version: 3.5.1004.0 - Dell Products, LP)
Dell Mobile Connect Drivers (HKLM\...\{AAB336F0-6FC6-4BFE-AD7E-315FCDF20156}) (Version: 1.1.3750 - Screenovate Technologies Ltd.)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.7.0 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{69BD2675-5E9B-440E-ADEE-3AEA812D6900}) (Version: 5.3.1.13866 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{85538c44-3493-4bf6-8d8b-aa13aee53222}) (Version: 5.3.1.13866 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{3C4F6923-3BE1-4E6C-8DEE-9EEF1E433795}) (Version: 5.2.1.12926 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{8d32f870-d6fd-4420-b5cb-c29ac65f628d}) (Version: 5.2.1.12926 - Dell Inc.)
Dell Update (HKLM-x32\...\{944FB5B0-9588-45FD-ABE8-73FC879801ED}) (Version: 4.0.0 - Dell Inc.)
Documentation Manager (HKLM\...\{EC7D2299-EAEC-498A-947B-ADC4495AA6D6}) (Version: 22.20.0.6 - Intel Corporation) Hidden
Driver Easy verze 1.5 (HKLM-x32\...\Driver Easy_is1) (Version: 1.5 - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 114.4.426 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 2.0.6875.402 - PC-Doctor, Inc.) Hidden
eM Client (HKLM-x32\...\{D1A4EE66-AD4A-4EBB-91B2-19B5BCEB82B1}) (Version: 8.1.1054.0 - eM Client Inc.)
eObčanka (HKLM\...\{B60846B5-C015-4BCA-AED5-61A696B16159}) (Version: 3.1.3.21015 - MONET+, a.s. pro Ministerstvo vnitra České republiky)
FormatFactory 4.3.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.3.0.0 - Free Time)
Goodix Fingerprint Driver (HKLM\...\{60FAB781-18F2-4D2B-A8E7-B3AADD327955}_is1) (Version: 1.0.33.800 - Goodix, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.104 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel Driver && Support Assistant (HKLM-x32\...\{F0E9774D-C5A1-4C83-89F9-191E1334D476}) (Version: 21.1.5.2 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.10501.6067 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2014.14.0.1540 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.7.0.1006 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1727.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.60.155.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{047f2156-ee7f-4a24-b3c2-c0c5c2c81557}) (Version: 1.60.155.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.20.0.3 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{beabe998-b0dd-460a-82c3-f48ff70bca66}) (Version: 21.1.5.2 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7EBADAB6-B7AC-4560-85A7-FF345559F193}) (Version: 17.2.6.1027 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{4a50fa17-2911-43ed-a2a1-d3a34411e2bb}) (Version: 21.110.2.1 - Intel Corporation) Hidden
Intel® Software Installer (HKLM-x32\...\{76cc8e2a-8308-43d3-a3c3-423d2a1ca435}) (Version: 22.20.0.6 - Intel Corporation) Hidden
jwDuplFiles 2.0 (HKLM-x32\...\jwDuplFiles_is1) (Version: - jw)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.15 - PandoraTV)
LibreOffice 6.4.2.2 (HKLM\...\{366B3DEE-791D-4044-AC14-4FE2265754BA}) (Version: 6.4.2.2 - The Document Foundation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
MCLAB (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\MCLAB) (Version: MCLAB 2019.3.0 - Computer MCL Brno, spol. s.r.o.)
Messenger for Desktop (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\{4e2a4302-5df4-5868-a685-36c844414384}) (Version: 3.0.15 - MFD LABS LTD)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13530.20440 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.56 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft OneDrive (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Teams) (Version: 1.3.00.12058 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mozilla Firefox 85.0 (x64 cs) (HKLM\...\Mozilla Firefox 85.0 (x64 cs)) (Version: 85.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.1 - Mozilla)
Mozilla Thunderbird 60.9.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 60.9.1 (x86 cs)) (Version: 60.9.1 - Mozilla)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.40 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Opera Stable 73.0.3856.344 (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Opera 73.0.3856.344) (Version: 73.0.3856.344 - Opera Software)
PicosmosTools 2.0.0.0 (HKLM-x32\...\PicosmosTools) (Version: 2.0.0.0 - Free Time)
Product Key Recovery (HKLM-x32\...\Product Key Recovery) (Version: - SmartKey, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8443 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
SmartByte Drivers and Services (HKLM\...\{9668B1BB-D0FE-4C0C-800C-B1555E069A62}) (Version: 3.1.940 - Název společnosti:)
Thunderbolt™ Software (HKLM-x32\...\{30F0067F-DD79-431B-BA5F-6CB4897785A5}) (Version: 17.4.79.510 - Intel Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Viber (HKLM-x32\...\{42C4FDB0-2783-46D1-8160-9C6A353E05CC}) (Version: 9.6.0.12 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\{984742de-418e-4f95-ac61-487a3cee7822}) (Version: 9.6.0.12 - Viber Media Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-4) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.191 - McAfee, LLC)
WhatsApp (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\WhatsApp) (Version: 2.2102.8 - WhatsApp)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
YouTubePlayer version 1.4 (HKLM-x32\...\{719F8D15-70B1-4AFA-A611-3EE118499D9F}_is1) (Version: 1.4 - YouTubePlayer)
Zoom (HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2021-01-16] (Canon Inc.)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.2.45.0_x64__htrsf667h5kn2 [2020-07-28] (Dell Inc)
Dell Mobile Connect -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.1.9518.0_x64__0vhbc3ng4wbp0 [2020-07-18] (Screenovate Technologies) [Startup Task]
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.7.10.0_x64__htrsf667h5kn2 [2020-10-10] (Dell Inc)
Dell Product Registration -> C:\Program Files\WindowsApps\DellInc.DellProductRegistration_3.4.6.0_x64__htrsf667h5kn2 [2018-06-26] (Dell Inc)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.5.201.0_x64__rz1tebttyb220 [2020-09-26] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-09] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-30] (Microsoft Corporation)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.37.3702.0_x86__ytsefhwckbdv6 [2020-10-01] (G5 Entertainment AB)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.2.0_neutral__8xx8rvfyw5nnt [2020-06-03] (Instagram)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-09-06] (LinkedIn)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_730.2.121.0_x64__8xx8rvfyw5nnt [2020-10-25] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.28.32802.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Corporation) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-18] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-27] (NVIDIA Corp.)
O2 TV -> C:\Program Files\WindowsApps\D8378DF7.O2TVGo_20182.0.25.0_x64__tqn3m7kee4xc8 [2020-08-05] (O2 Czech Republic a.s.)
RAR Opener -> C:\Program Files\WindowsApps\DeviceDoctor.RAROpener_1.3.48.0_x64__mkdtfchztkfbm [2018-09-07] (Tiny Opener)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.940.0_x64__rh07ty8m5nkag [2020-09-06] (Rivet Networks LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0 [2020-10-25] (Spotify AB) [Startup Task]
SupportAssist Driver Update -> C:\Program Files\WindowsApps\DriverToaster_1.5.0.0_x86__rqs2nt378nwsp [2018-09-06] (Dell Inc.)
To-Do Prime -> C:\Program Files\WindowsApps\28251VinodShinde.To-DoPrime_1.50.40.0_x64__m4hs2z1tqny7y [2020-06-03] (Vinod Shinde)
ToDo-List -> C:\Program Files\WindowsApps\35998AlexanderSworski.ToDo-List_1.1.9.0_x64__f1p03rq2y10n8 [2020-06-03] (Alexander Sworski)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation)
Váš telefon -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.123.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Corporation)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2018-09-06] (Waves Audio)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2041.7.0_x64__cv1g1gvanyjgm [2020-10-25] (WhatsApp Inc.)
Wunderlist: To-Do List & Tasks -> C:\Program Files\WindowsApps\6Wunderkinder.Wunderlist_3.6.43.0_x64__b4cwydgxqx59r [2020-05-01] (6 Wunderkinder GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-8910E2A5A6E5} -> [Creative Cloud Files] => C:\Users\havra\Creative Cloud Files [2018-09-07 10:35]
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\havra\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key 2021 -> Intel)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\havra\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\havra\Dropbox [2018-09-06 12:53]
CustomCLSID: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-03-19] () [File not signed] [File is in use]
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers1: [PicosmosShell] -> {A3888921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\PicosmosTools\ShellEx64_100.dll [2018-05-12] (Free Time) [File not signed]
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-03-19] () [File not signed] [File is in use]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki127005.inf_amd64_753576c4406c1193\igfxDTCM.dll [2018-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_b706d4e32506a94f\nvshext.dll [2021-01-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-08-05 23:52 - 2020-08-05 23:52 - 020951040 _____ () [File not signed] C:\Program Files\WindowsApps\D8378DF7.O2TVGo_20182.0.25.0_x64__tqn3m7kee4xc8\O2TV.UWP.dll
2020-04-26 18:12 - 2012-06-14 16:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2020-08-14 20:29 - 2020-08-14 20:29 - 000122880 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2021-01-09 18:18 - 2021-01-09 18:18 - 000913920 _____ (ServiceStack) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\8ca4971d44541d48e21f0e804700d8fc\ServiceStack.Text.ni.dll
2018-12-26 14:32 - 2018-12-26 14:32 - 001478144 _____ (SQLite Development Team) [File not signed] C:\Program Files\WindowsApps\D8378DF7.O2TVGo_20182.0.25.0_x64__tqn3m7kee4xc8\sqlite3.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {2584D045-063D-450C-98AD-71BF606488E0} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {2D8CFB70-2A7C-4B09-A4AE-4AA42963E74F} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {404DF86F-9171-4780-9A69-E0CB5B03D7F1} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {4EB8507E-BCB3-4FD8-99F7-4C9D2CA1B2FF} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {5ECF9F50-8DC8-4235-B99F-BB72F0B9676B} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {80C5279E-71D9-4FBE-A897-AD6F86BA3415} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {ABC04BB9-8A5C-42B9-9096-AD53C9BFAFAD} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {B55C3FE5-1A80-4699-9CFE-27CFE26031B0} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> {D60B70BD-5559-4ABD-8427-10519DFA8989} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-01-30] (McAfee, LLC -> McAfee, LLC)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-01-30] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-13] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2017-09-29 14:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\havra\Pictures\received_1086403274730104.jpeg
DNS Servers: 217.30.64.53 - 217.30.64.54
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => ""
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => ""
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\StartupApproved\StartupFolder: => "Mámemail Pošťák.lnk"
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\StartupApproved\StartupFolder: => "wandoujia_helper.lnk"
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\StartupApproved\Run: => ""
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B7E4CB5C-4677-45EE-94D5-7E8A2F23293F}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.1.9518.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{C0A89B7C-9105-4F35-8858-708EAA60411E}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.1.9518.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [UDP Query User{212C20BC-137F-43EB-885C-B8C4C539DFC5}C:\users\havra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\havra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{176C1347-C60F-46F6-AC83-0E6751DB00FC}C:\users\havra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\havra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4DB21198-77BC-4E90-850B-64BA1AF98F52}] => (Allow) C:\Users\havra\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{25F76282-CDF2-4CD0-8EBE-A208191F9E13}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time Co., Ltd. -> Free Time)
FirewallRules: [{760703AB-EE0A-4B2C-A7CB-C02AA949D984}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{505499DB-FD03-4DF5-A32F-55A993C75BCB}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{DBEA28E5-A32B-4E93-9B9C-FE70B4889085}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{AA98CD5C-E06F-448C-A898-91A046A63904}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{99E1E210-63A5-4793-8F07-BDCFF753165F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5ABF222D-413E-469E-B46C-E963E08B2AA5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{8DD45874-DA23-4B61-A18D-86204FE3E5AF}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{8E22717A-5C5F-49F6-B9A7-8CEEA56A943D}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F278C01F-80E8-4F5A-871E-06CFE55BD66F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A06B78A5-F357-4EED-947A-D9657CAEE6D3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{22BDA38D-1D63-4317-AC2A-892EFA16C6A4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16050.11029.20079.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{55D0626F-0F34-44D2-9068-42A8FE80F352}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{8E6CC5F3-4F42-4359-833D-5EC18F0AABD3}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{6430A3B2-BAF8-48DF-9B7B-9F1F442E1768}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{8E221DD1-C533-40DC-9155-18FDA6D7B22C}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{915A6952-80B4-4564-9F19-E866EC2C1194}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{E44C1914-7F2F-4F70-A971-A8298A7310B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{690E41BF-EAE2-4B47-8DA5-63B3CC8BE3E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1AB60A55-21D4-46DC-B065-DD9F9E898F4D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{69F8F2B6-04E7-4142-94C1-6E5F6D805FD6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6312DBD9-5D58-41DA-B2D1-C9ABD4EB75A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2629352C-3E52-42AD-BFDE-189BCE8A0888}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E8A37CB1-253C-4C13-A8E6-EEB265FF8C00}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D425733F-3728-4BDC-9E07-A72E0525AFB0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A81CF913-0263-4EC7-837F-3C16E23B3344}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{76580351-9979-41FC-9182-26E3A48E1AE3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B851B1A2-08BF-4925-AE50-B8A55CB6ACB0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D53D16F1-B1AD-45C1-9F0E-0CDF38798059}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EDF11564-BF1C-40DC-939F-6A91418C2782}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8EE88FD5-920E-4889-944C-887D928F0B5C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{119EB0A3-E3BA-46BC-B30D-F417B4E1B473}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5CA86DC2-5020-44B4-9B10-8D46F6459FF1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E0CF9C58-AD88-47F3-BA26-CF4BFB06892A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23C6B9E2-5249-4A49-AB6A-85B15B8AE42E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{885639C8-191E-4B4A-8244-AD0D3A4E1D72}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{5155E528-7BDA-4D25-9060-8A880070BE47}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{54D22FF5-FB89-4933-A3B2-CAB591C5820B}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{E38B2A67-538B-4ACE-93D8-FC18C5139EF7}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/31/2021 12:14:02 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (01/30/2021 11:41:38 PM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000
Error: (01/30/2021 11:46:06 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (01/30/2021 10:08:24 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/30/2021 10:05:32 AM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000
Error: (01/28/2021 08:57:48 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/28/2021 08:54:35 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (01/27/2021 07:34:54 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
System errors:
=============
Error: (01/31/2021 12:14:02 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll
Error: (01/31/2021 12:14:02 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll
Error: (01/31/2021 12:13:57 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll
Error: (01/31/2021 12:13:56 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2OHMFH6)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/31/2021 12:13:56 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2OHMFH6)
Description: Server Microsoft.Windows.Search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy!CortanaUI#{0916D3F3-6E81-4C64-A77F-2A1E618F3FEF} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/31/2021 12:08:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Driver & Support Assistant Updater byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/31/2021 12:08:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Systémová aplikace modelu COM+ byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.
Error: (01/31/2021 12:08:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dell SupportAssist Remediation byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
CodeIntegrity:
===================================
Date: 2020-10-24 15:29:14.0600000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.14.0 10/29/2020
Motherboard: Dell Inc. 0JGKPC
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 45%
Total physical RAM: 16240.71 MB
Available physical RAM: 8858.44 MB
Total Virtual: 22640.71 MB
Available Virtual: 13414.63 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:462.7 GB) (Free:6.92 GB) NTFS
\\?\Volume{b4fca574-aaf3-4053-bd44-f45a28cb866a}\ (WINRETOOLS) (Fixed) (Total:0.79 GB) (Free:0.28 GB) NTFS
\\?\Volume{f0fabba5-6b6f-4d9e-8691-130082bf8c98}\ (Image) (Fixed) (Total:11.54 GB) (Free:0.15 GB) NTFS
\\?\Volume{f8802ac2-6042-4b30-abe7-21b009ba693a}\ (DELLSUPPORT) (Fixed) (Total:1.14 GB) (Free:0.34 GB) NTFS
\\?\Volume{80085436-f96a-42a2-bfaf-7f82caca7bab}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32
==================== MBR & Partition Table ====================
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 119412
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Potřebuji vidět obsah souboru fixlog.txt. Je v C:\Users\havra\Downloads. Děkuji.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
vivienn@centrum.cz
- Návštěvník
- Příspěvky: 25
- Registrován: 03 pro 2013 10:35
Re: Prosím o kontrolu logu
Zde je:
Fix result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021
Ran by havra (31-01-2021 00:08:01) Run:1
Running from C:\Users\havra\Downloads
Loaded Profiles: havra
Boot Mode: Normal
==============================================
fixlist content:
*****************
CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {6710DC49-4BAE-4925-9082-562BDB2089D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-26] (Google Inc -> Google Inc.)
Task: {69C77036-2A96-414C-B020-B8048957B88D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-26] (Google Inc -> Google Inc.)
C:\Users\havra\AppData\Roaming\AdobeWLCMCache.dat
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> DefaultScope {A9AF42DC-6834-4230-9184-7E01AB6C6C61} URL =
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6710DC49-4BAE-4925-9082-562BDB2089D4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6710DC49-4BAE-4925-9082-562BDB2089D4}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{69C77036-2A96-414C-B020-B8048957B88D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69C77036-2A96-414C-B020-B8048957B88D}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\Users\havra\AppData\Roaming\AdobeWLCMCache.dat => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14263807 B
Java, Flash, Steam htmlcache => 5285 B
Windows/system/drivers => 8458204 B
Edge => 2010291 B
Chrome => 26031070 B
Firefox => 1005928855 B
Opera => 10697247 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6448078 B
systemprofile32 => 6448078 B
LocalService => 6532684 B
NetworkService => 6533806 B
havra => 246914227 B
RecycleBin => 4996752 B
EmptyTemp: => 1.3 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 00:11:40 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021
Ran by havra (31-01-2021 00:08:01) Run:1
Running from C:\Users\havra\Downloads
Loaded Profiles: havra
Boot Mode: Normal
==============================================
fixlist content:
*****************
CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {6710DC49-4BAE-4925-9082-562BDB2089D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-26] (Google Inc -> Google Inc.)
Task: {69C77036-2A96-414C-B020-B8048957B88D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-26] (Google Inc -> Google Inc.)
C:\Users\havra\AppData\Roaming\AdobeWLCMCache.dat
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-3433778575-2911662788-3899533387-1001 -> DefaultScope {A9AF42DC-6834-4230-9184-7E01AB6C6C61} URL =
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6710DC49-4BAE-4925-9082-562BDB2089D4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6710DC49-4BAE-4925-9082-562BDB2089D4}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{69C77036-2A96-414C-B020-B8048957B88D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69C77036-2A96-414C-B020-B8048957B88D}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\Users\havra\AppData\Roaming\AdobeWLCMCache.dat => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKU\S-1-5-21-3433778575-2911662788-3899533387-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14263807 B
Java, Flash, Steam htmlcache => 5285 B
Windows/system/drivers => 8458204 B
Edge => 2010291 B
Chrome => 26031070 B
Firefox => 1005928855 B
Opera => 10697247 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6448078 B
systemprofile32 => 6448078 B
LocalService => 6532684 B
NetworkService => 6533806 B
havra => 246914227 B
RecycleBin => 4996752 B
EmptyTemp: => 1.3 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 00:11:40 ====
-
Rudy
- Site Admin
- Příspěvky: 119412
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Smazáno, log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
vivienn@centrum.cz
- Návštěvník
- Příspěvky: 25
- Registrován: 03 pro 2013 10:35
Re: Prosím o kontrolu logu
Děkuju strašně moc za pomoc! Jste úžasný. Hezký večer. Ivet
Hezký večer. Ivet-
Rudy
- Site Admin
- Příspěvky: 119412
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Hezký den a nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?