VIRY.CZ

Krásný večer, den či ráno.
Ntb ze kterého píši, je již 2 roky starý, tudíž jsem se rozhodl otočit se na vás na profíky a zkusit zda něco společně nenajdeme v NTB co tam být nemá, předem mockrát děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2021
Ran by PRDOSLAV (administrator) on PRDOSLAV-NTB (Micro-Star International Co., Ltd. GF75 Thin 9SC) (16-02-2021 23:14:51)
Running from C:\Users\PRDOSLAV\Desktop
Loaded Profiles: PRDOSLAV
Platform: Windows 10 Home Version 20H2 19042.804 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c52b34f1b30918c5\RstMwService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_93cd1ac04c27c7e5\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_93cd1ac04c27c7e5\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\PRDOSLAV\AppData\Local\Microsoft\OneDrive\21.002.0104.0005_1\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.2012.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.2012.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(Micro-Star International CO., LTD. -> ) C:\Program Files (x86)\MSI\Dragon Center\Sendevsvc\Sendevsvc.exe
(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Center\MSIAPP_Service\MSIAPService.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Windows\SysWOW64\MSIService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_4ea4d8037d4ef09c\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ec5ad85a0fbc74ea\RtkAudUService64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ec5ad85a0fbc74ea\RtkAudUService64.exe [1212720 2020-12-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [UseDesktopIniCache] 0
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\MountPoints2: {78b509bc-0bb6-11ea-bbfe-4889e716f2dc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\MountPoints2: {bdf40bce-6348-11eb-8b27-4889e716f2dc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\MountPoints2: {d0c7d56e-2519-11eb-8b13-00d861097152} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-10] (Google LLC -> Google LLC)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0155BADE-7884-4379-926F-66417DFCC696} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199792 2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {0D400830-B1A2-4EA0-BD81-B372E7E40E73} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {14778D44-2904-4267-9BAA-20F0689D6CEF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1745BFA6-6086-4E92-819E-35720B3DD999} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {1AB97E9E-CFE0-4EFD-80FB-955E21788E82} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3EE2AC5E-03C6-40FE-AF5A-E906EDEF11AE} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: {4A9F6C2B-6DDE-48B4-9B98-712C67150892} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142216 2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {4BF72C72-5BDD-4988-85EC-6BD16CFB3318} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-26] (Google LLC -> Google LLC)
Task: {4E07B5A1-F2D2-499D-AEAD-A04920869685} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199792 2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {520F4D1F-B380-4B01-AC87-9A6FBD574A69} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe
Task: {5327C3DF-F647-4A83-840F-168E914C6BA5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {53EBC5AB-12E6-4820-AAA0-2330B162294B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {61C44446-659F-4733-A38E-01F97D66D026} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {71A08FD4-D7A4-4A92-AC13-43C473AE275E} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
Task: {82CE4E14-F94F-4633-874E-3EEBA5F4FD13} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {8365A554-A145-4287-8B05-40273CD552F2} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
Task: {8DD0C37A-030E-43FF-9E04-6D45CA4B1CD0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142216 2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {8F9052F3-91A8-4C28-AE4D-23D0444116FA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {9347D433-71B8-4212-9A00-0F7739617127} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9824F88F-2A45-4137-A897-7CAA341D2B87} - System32\Tasks\MSISCMTsk => C:\Program Files (x86)\MSI\MSI Remind Manager\MSISCMTsk.exe [344184 2020-02-13] (Micro-Star International CO., LTD. -> Application)
Task: {9C8F7EC6-246A-4B94-9EEB-A0C4A69FF0C2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AF598F00-9DFB-4DF8-B7F7-0F0080CECFC6} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B0D5E313-5E53-4A4B-8E90-77C9F12F831C} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [6255104 2020-05-06] (Micro-Star International Co., Ltd.) [File not signed]
Task: {B9B1F186-BE08-43B5-BFFF-F9DE2713DC53} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE52EDE5-1462-44E6-A46E-8B67EF41534A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CB8BD3A2-561C-4ED3-A1D0-4046B522800A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {DF4E0E85-709C-4A45-B038-95ACAF234616} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1190424 2018-08-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {E1F48C05-5539-4673-81FB-03B865505914} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E6DAA935-B8C1-413F-8F78-4B1B2DD10A0A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E82084AB-3F9E-43CE-ADBD-BFD60C57499B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-26] (Google LLC -> Google LLC)
Task: {EB6C4619-A6AD-4128-ACC0-B7582CA1AB99} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F87C7FBA-5684-4790-A686-8BD78F3C8344} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.10.1 0.0.0.0
Tcpip\..\Interfaces\{41390136-14d9-4ad4-b140-a0d1b94d90a2}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{bcbdebf0-34e1-4d08-879c-a923554a03f8}: [DhcpNameServer] 192.168.10.1 0.0.0.0

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-02-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-02-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default [2021-02-16]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.com ... duckgo.com"
CHR Extension: (Prezentace) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-16]
CHR Extension: (Just Black) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2021-02-16]
CHR Extension: (Dokumenty) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-16]
CHR Extension: (Disk Google) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-16]
CHR Extension: (YouTube) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-16]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-02-16]
CHR Extension: (Vysoký kontrast) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2021-02-16]
CHR Extension: (Tabulky) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-16]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-02-16]
CHR Extension: (Excel Online) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\iljnkagajgfdmfnnidjijobijlfjfgnb [2021-02-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-16]
CHR Extension: (Gmail) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-16]
CHR Extension: (Chrome Media Router) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-16]
CHR HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984 2018-08-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8905608 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe [2863472 2020-05-14] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 Micro Star SCM; C:\WINDOWS\SysWOW64\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\Dragon Center\MSIAPP_Service\MSIAPService.exe [47568 2018-10-29] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
S4 NahimicService; C:\WINDOWS\system32\NahimicService.exe [2719664 2020-11-04] (A-Volute -> Nahimic)
S3 Rockstar Service; D:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1631360 2020-12-02] (Rockstar Games, Inc. -> Rockstar Games)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ec5ad85a0fbc74ea\RtkAudUService64.exe [1212720 2020-12-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 Sendevsvc; C:\Program Files (x86)\MSI\Dragon Center\Sendevsvc\Sendevsvc.exe [302888 2019-01-30] (Micro-Star International CO., LTD. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_4ea4d8037d4ef09c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_4ea4d8037d4ef09c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-11-22] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-11-22] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [42472 2020-10-09] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 MpKslb25b05cd; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CE18F8DB-1342-4964-91B9-769E32E6BC94}\MpKslDrv.sys [47344 2021-02-16] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85592 2020-06-16] (A-Volute -> Windows (R) Win 7 DDK provider)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [398984 2020-08-18] (IBM -> IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [448904 2020-08-18] (IBM -> IBM Corp.)
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S3 RT-USB; C:\WINDOWS\system32\drivers\RT-USB64.SYS [97152 2014-05-12] (Ross-Tech, LLC -> Ross-Tech LLC)
S3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Razer USA Ltd. -> Windows (R) Win 7 DDK provider)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 SjtWinIo20; C:\WINDOWS\System32\drivers\SjtWinIo_v2_0.sys [11776 2021-01-28] (Microsoft Windows Hardware Compatibility Publisher -> SpeedJet Technology INC.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64872 2019-09-26] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-11] (Microsoft Windows -> Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [18688 2018-07-18] (WDKTestCert heavenluo,131620253795976757 -> )
S3 WiseUnlock; C:\WINDOWS\WiseUnlock64.sys [33864 2020-09-26] (Beijing Lang Xingda Network Technology Co., Ltd -> WiseCleaner.com)
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
U4 dmwappushservice; no ImagePath
S4 EneTechIo; \??\C:\WINDOWS\system32\drivers\ene.sys [X]
U4 Partizan; system32\drivers\Partizan.sys [X]
S1 RapportCerberus_2004080; \??\c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_2004080.sys [X]
S3 RapportIaso; \??\c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-16 23:14 - 2021-02-16 23:15 - 000025498 _____ C:\Users\PRDOSLAV\Desktop\FRST.txt
2021-02-16 23:14 - 2021-02-16 23:14 - 000000000 ____D C:\FRST
2021-02-16 23:12 - 2021-02-16 23:12 - 002297856 _____ (Farbar) C:\Users\PRDOSLAV\Downloads\FRST64.exe
2021-02-16 23:12 - 2021-02-16 23:12 - 002297856 _____ (Farbar) C:\Users\PRDOSLAV\Desktop\FRST64.exe
2021-02-16 22:27 - 2021-02-16 22:27 - 000004920 _____ C:\Users\PRDOSLAV\Desktop\Emaily-part1-korekce.txt
2021-02-16 22:04 - 2021-02-16 22:04 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\DAEMON Tools Pro
2021-02-16 22:01 - 2021-02-16 22:42 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\VirtualStore
2021-02-16 21:44 - 2021-02-16 22:35 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\AMSDK
2021-02-16 09:14 - 2021-02-16 09:14 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Sun
2021-02-16 08:45 - 2021-02-16 09:07 - 000000000 ____D C:\ProgramData\ADiag
2021-02-15 14:18 - 2021-02-15 14:18 - 000000000 ____D C:\Users\PRDOSLAV\Documents\backup
2021-02-15 11:31 - 2021-02-15 11:31 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Mozilla
2021-02-15 11:31 - 2021-02-15 11:31 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Trusteer
2021-02-15 11:31 - 2020-08-18 17:24 - 000448904 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportKE64.sys
2021-02-15 11:31 - 2020-08-18 17:24 - 000398984 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportHades64.sys
2021-02-15 11:30 - 2021-02-15 11:30 - 000000000 ____D C:\ProgramData\Trusteer
2021-02-14 00:05 - 2021-02-14 00:07 - 000000000 _____ C:\WINDOWS\system32\RzSurroundVADAudioDeviceManager_log.txt
2021-02-14 00:05 - 2021-02-14 00:05 - 000000000 ____D C:\ProgramData\RzSurroundVAD_1.1.63.0
2021-02-14 00:05 - 2021-02-14 00:05 - 000000000 _____ C:\WINDOWS\SysWOW64\RzSurroundVADAudioDeviceManager_log.txt
2021-02-13 22:34 - 2021-02-16 11:11 - 000011315 _____ C:\Users\PRDOSLAV\Documents\Sešit1.xlsm
2021-02-13 21:28 - 2021-02-13 21:28 - 008049538 _____ C:\Users\PRDOSLAV\Documents\13úno2144-212820story_esports_BuildPlayer-Workshop_DLC1_Starter.csv
2021-02-13 20:33 - 2021-02-13 20:33 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\OneDrive
2021-02-13 20:32 - 2021-02-16 22:01 - 000000000 ___RD C:\Users\PRDOSLAV\OneDrive
2021-02-13 20:32 - 2021-02-13 20:33 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3110588475-2115266248-3539613761-1001
2021-02-13 20:32 - 2021-02-13 20:33 - 000002420 _____ C:\Users\PRDOSLAV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-13 20:32 - 2021-02-13 20:32 - 000000000 ___HD C:\OneDriveTemp
2021-02-13 20:32 - 2021-02-13 20:32 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-02-13 19:44 - 2021-02-13 21:07 - 000000000 ____D C:\KVRT_Data
2021-02-13 11:31 - 2021-02-09 22:11 - 000052988 _____ C:\Users\PRDOSLAV\Desktop\Text_CZ.txt
2021-02-12 16:04 - 2021-02-12 21:56 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-12 16:04 - 2021-02-12 16:04 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-12 16:04 - 2021-02-12 16:04 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-02-12 15:55 - 2021-02-12 15:55 - 000002441 _____ C:\Users\PRDOSLAV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nahimic Companion.lnk
2021-02-11 22:34 - 2021-02-11 22:34 - 000000000 ____D C:\Users\PRDOSLAV\Documents\Vlastní šablony Office
2021-02-11 22:22 - 2021-02-13 20:37 - 000000000 ____D C:\Users\PRDOSLAV\Documents\temp
2021-02-11 22:22 - 2021-02-11 22:22 - 000003014 _____ C:\WINDOWS\system32\Tasks\MSI_Dragon Center
2021-02-11 22:22 - 2021-02-11 22:22 - 000000000 ____D C:\Program Files (x86)\MSI
2021-02-10 22:24 - 2021-02-16 08:57 - 000000000 ____D C:\WINDOWS\Minidump
2021-02-10 22:24 - 2021-02-10 22:24 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Wise Force Deleter
2021-02-10 22:23 - 2021-02-10 22:23 - 000000000 ____R C:\WINDOWS\SysWOW64\version_IObitDel.dll
2021-02-10 22:11 - 2020-12-16 17:08 - 005994080 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2021-02-10 22:11 - 2020-12-16 16:57 - 043517749 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-02-10 22:11 - 2019-12-19 08:07 - 002877104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2021-02-10 22:03 - 2021-02-16 22:48 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-10 22:03 - 2021-02-10 22:03 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-02-10 21:59 - 2021-02-10 21:59 - 000000000 ____D C:\Program Files\Intel
2021-02-10 21:58 - 2021-02-10 21:58 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-02-10 21:57 - 2021-02-10 22:12 - 000000000 ___HD C:\Program Files (x86)\Temp
2021-02-10 21:52 - 2021-02-16 22:01 - 000000000 ____D C:\Intel
2021-02-10 21:52 - 2021-02-10 21:52 - 000000000 ____D C:\Users\PRDOSLAV\ansel
2021-02-10 21:49 - 2021-02-10 21:49 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\SaraResults
2021-02-10 21:46 - 2021-02-10 21:46 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\WinRAR
2021-02-10 21:46 - 2021-02-10 21:46 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\SaRALogs
2021-02-10 21:45 - 2021-02-10 22:17 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\BitTorrentHelper
2021-02-10 21:41 - 2021-02-10 22:27 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Deployment
2021-02-10 21:41 - 2021-02-10 21:41 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Apps\2.0
2021-02-10 20:44 - 2021-02-10 20:44 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-10 20:43 - 2021-02-10 20:43 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-10 20:43 - 2021-02-10 20:43 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-10 20:43 - 2021-02-10 20:43 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-10 20:43 - 2021-02-10 20:43 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-10 18:34 - 2021-02-10 18:34 - 000003294 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2021-02-10 18:34 - 2021-02-10 18:34 - 000003242 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2021-02-10 18:34 - 2021-02-10 18:34 - 000003238 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_itype_exe
2021-02-07 15:15 - 2021-02-07 15:15 - 000000222 _____ C:\Users\PRDOSLAV\Desktop\PC Building Simulator.url
2021-02-07 15:10 - 2021-02-07 15:11 - 000000000 ____D C:\Riot Games
2021-02-07 01:27 - 2021-02-07 01:27 - 000000000 ____D C:\Users\PRDOSLAV\Downloads\UnityText
2021-02-06 14:24 - 2021-02-06 14:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\ClockworkMod
2021-02-06 14:24 - 2021-02-06 14:24 - 000000000 ____D C:\Program Files (x86)\ClockworkMod
2021-02-06 14:19 - 2021-02-06 14:19 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Xiaomi
2021-02-06 13:42 - 2021-02-16 10:56 - 000000000 ____D C:\adb
2021-02-06 11:53 - 2021-02-06 12:00 - 000000160 _____ C:\Users\PRDOSLAV\AppData\LocalLow\rbxcsettings.rbx
2021-02-05 22:04 - 2021-02-06 20:59 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Disney Interactive
2021-02-05 17:54 - 2021-02-05 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Staxel [GOG.com]
2021-02-05 17:48 - 2021-02-05 17:48 - 000000000 ____D C:\GOG Games
2021-02-04 20:41 - 2021-02-04 20:41 - 000000000 ____D C:\WINDOWS\system32\A-Volute
2021-02-01 13:16 - 2021-02-01 13:16 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\GIMP
2021-02-01 13:16 - 2021-02-01 13:16 - 000000000 ____D C:\Users\PRDOSLAV\.cache
2021-02-01 13:06 - 2021-02-01 13:06 - 000000913 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.22.lnk
2021-02-01 13:04 - 2021-02-01 13:05 - 000000000 ____D C:\Program Files\GIMP 2
2021-02-01 12:50 - 2021-02-14 01:23 - 000000000 ____D C:\Users\PRDOSLAV\Documents\Nicepage Templates
2021-02-01 12:09 - 2021-02-01 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-02-01 12:07 - 2021-02-01 13:09 - 000000000 ____D C:\Users\PRDOSLAV\Documents\Nicepage
2021-02-01 12:02 - 2021-02-01 12:02 - 000000000 ____D C:\Users\PRDOSLAV\Documents\Lightshot
2021-02-01 12:01 - 2021-02-14 01:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2021-01-31 08:24 - 2021-01-31 08:24 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\ElevatedDiagnostics
2021-01-30 18:29 - 2021-01-30 22:28 - 000000223 _____ C:\Users\PRDOSLAV\Desktop\Mad Games Tycoon 2.url
2021-01-30 00:54 - 2021-01-30 00:54 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2021-01-30 00:54 - 2021-01-30 00:54 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\GHISLER
2021-01-30 00:54 - 2021-01-30 00:54 - 000000000 ____D C:\totalcmd
2021-01-28 22:44 - 2021-02-11 22:22 - 000003116 _____ C:\WINDOWS\system32\Tasks\MSISCMTsk
2021-01-28 22:44 - 2021-02-11 22:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2021-01-28 22:16 - 2021-01-28 22:16 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nová složka
2021-01-28 22:00 - 2021-01-28 22:00 - 000011776 _____ (SpeedJet Technology INC.) C:\WINDOWS\system32\Drivers\SjtWinIo_v2_0.sys
2021-01-28 21:46 - 2021-01-28 21:46 - 008823656 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw08.sys
2021-01-28 21:46 - 2021-01-28 21:46 - 002673724 _____ C:\WINDOWS\system32\Drivers\Netwfw08.dat
2021-01-28 21:46 - 2021-01-28 21:46 - 001058152 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter08.dll
2021-01-28 21:45 - 2021-01-28 21:45 - 006161712 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ibtusb.sys
2021-01-28 21:45 - 2021-01-28 21:45 - 000539440 _____ (Intel Corporation) C:\WINDOWS\system32\ibtsiva.exe
2021-01-28 21:45 - 2021-01-28 21:45 - 000441648 _____ (Intel Corporation) C:\WINDOWS\system32\ibtproppage.dll
2021-01-26 23:30 - 2021-01-23 09:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-26 23:30 - 2021-01-23 09:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-26 23:30 - 2021-01-23 09:14 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-26 23:30 - 2021-01-23 09:14 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-26 23:30 - 2021-01-23 09:14 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-26 23:30 - 2021-01-23 09:14 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-26 23:30 - 2021-01-23 09:14 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-26 23:30 - 2021-01-23 09:14 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-26 23:30 - 2021-01-23 09:12 - 001512096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-26 23:30 - 2021-01-23 09:12 - 001164960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-26 23:30 - 2021-01-23 09:12 - 000689312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-01-26 23:30 - 2021-01-23 09:12 - 000680096 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-26 23:30 - 2021-01-23 09:12 - 000672928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-26 23:30 - 2021-01-23 09:12 - 000613536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-01-26 23:30 - 2021-01-23 09:12 - 000558240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-26 23:30 - 2021-01-23 09:12 - 000547488 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-26 23:30 - 2021-01-23 09:11 - 008262304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-26 23:30 - 2021-01-23 09:11 - 007392928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-26 23:30 - 2021-01-23 09:11 - 004611744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-26 23:30 - 2021-01-23 09:11 - 002731168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-26 23:30 - 2021-01-23 09:11 - 002103456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-26 23:30 - 2021-01-23 09:11 - 001589408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-26 23:30 - 2021-01-23 09:11 - 000813216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-26 23:30 - 2021-01-23 09:11 - 000657056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-26 23:30 - 2021-01-23 09:11 - 000446624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-01-26 23:30 - 2021-01-23 09:10 - 006070848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-01-26 23:30 - 2021-01-23 09:10 - 000850080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-01-26 23:30 - 2021-01-22 23:59 - 000084264 _____ C:\WINDOWS\system32\nvinfo.pb
2021-01-25 23:24 - 2021-02-10 21:31 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\obs-studio
2021-01-25 23:24 - 2021-01-25 23:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2021-01-23 14:18 - 2021-01-24 10:42 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\blitz-updater
2021-01-22 23:19 - 2021-01-22 23:19 - 000000322 _____ C:\WINDOWS\system32\.crusader
2021-01-22 23:03 - 2021-02-10 22:17 - 000000000 ____D C:\Users\PRDOSLAV\AppData\LocalLow\uTorrent
2021-01-22 19:23 - 2021-01-22 19:23 - 000000000 ____D C:\Users\PRDOSLAV\AppData\LocalLow\Eggcode

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-16 22:37 - 2020-12-26 18:46 - 000000000 ____D C:\Program Files (x86)\Steam
2021-02-16 22:37 - 2020-09-27 08:30 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-16 22:37 - 2020-09-27 08:30 - 000000000 ____D C:\Program Files\CCleaner
2021-02-16 22:37 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\INF
2021-02-16 22:21 - 2021-01-03 11:35 - 000000000 ____D C:\ProgramData\Common
2021-02-16 22:08 - 2020-09-26 22:58 - 000717844 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-16 22:08 - 2020-09-26 22:58 - 000144986 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-16 22:08 - 2020-09-26 22:20 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-16 22:04 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-16 22:03 - 2020-09-26 22:51 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-16 22:01 - 2020-09-26 23:00 - 000000008 __RSH C:\ProgramData\ntuser.pol
2021-02-16 22:01 - 2020-09-26 22:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-16 22:00 - 2020-09-26 22:53 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-16 22:00 - 2020-06-12 23:13 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-16 21:58 - 2021-01-02 20:26 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-02-16 21:58 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-02-16 21:58 - 2020-09-26 22:11 - 000000000 ____D C:\Users\PRDOSLAV
2021-02-16 21:42 - 2020-09-26 22:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-16 17:21 - 2020-10-05 21:12 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\vlc
2021-02-16 09:26 - 2021-01-10 10:00 - 000000128 _____ C:\Users\PRDOSLAV\AppData\Roaming\winscp.rnd
2021-02-16 09:16 - 2020-09-26 22:45 - 000000000 ____D C:\Program Files\Java
2021-02-16 09:16 - 2020-03-31 16:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-02-16 09:15 - 2020-09-26 22:46 - 000192168 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2021-02-16 09:11 - 2020-09-26 22:32 - 000000844 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2021-02-16 09:11 - 2020-09-26 22:32 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Notepad++
2021-02-16 09:11 - 2020-09-26 22:32 - 000000000 ____D C:\Program Files\Notepad++
2021-02-16 08:59 - 2021-01-09 10:28 - 000000000 ____D C:\Users\PRDOSLAV\Documents\Plány
2021-02-15 22:03 - 2020-09-26 22:56 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-15 22:02 - 2020-09-26 22:20 - 000000000 ____D C:\ProgramData\Packages
2021-02-15 22:01 - 2020-09-26 22:20 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Packages
2021-02-15 15:02 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\ELAMBKUP
2021-02-15 11:33 - 2021-01-09 10:38 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Adobe
2021-02-15 11:33 - 2020-10-22 21:03 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Adobe
2021-02-13 20:36 - 2020-11-01 10:35 - 002505048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-12 21:55 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\SystemApps
2021-02-12 18:23 - 2020-11-21 11:21 - 000001476 _____ C:\Users\PRDOSLAV\Desktop\Roblox Player.lnk
2021-02-12 18:23 - 2020-11-21 11:20 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-02-12 15:53 - 2021-01-09 10:38 - 000000000 ____D C:\ProgramData\Adobe
2021-02-12 15:49 - 2020-10-23 20:04 - 000000000 ____D C:\Program Files\DIFX
2021-02-12 15:48 - 2021-01-09 10:42 - 000000000 ____D C:\Users\PRDOSLAV\AppData\LocalLow\Adobe
2021-02-11 23:35 - 2020-09-26 22:31 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\D3DSCache
2021-02-11 23:35 - 2020-09-26 22:08 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-11 22:29 - 2020-09-26 22:46 - 000000000 ____D C:\ProgramData\MSI
2021-02-11 22:22 - 2020-09-26 22:42 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-02-11 22:22 - 2019-03-14 01:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2021-02-10 22:10 - 2019-11-20 18:19 - 000000000 __SHD C:\Users\PRDOSLAV\IntelGraphicsProfiles
2021-02-10 22:03 - 2020-10-31 23:08 - 000000000 ____D C:\Program Files\Microsoft Office
2021-02-10 21:59 - 2020-09-26 22:56 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-02-10 21:54 - 2020-10-17 06:51 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Intel
2021-02-10 21:45 - 2021-01-16 16:27 - 000001102 _____ C:\Users\PRDOSLAV\Desktop\Grand Theft Auto V.lnk
2021-02-10 21:45 - 2021-01-16 09:01 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2021-02-10 21:38 - 2021-01-16 09:02 - 000000000 ____D C:\Program Files\Rockstar Games
2021-02-10 21:31 - 2021-01-16 09:01 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Rockstar Games
2021-02-10 21:31 - 2020-09-26 22:30 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\.minecraft
2021-02-10 21:31 - 2020-09-26 22:20 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Publishers
2021-02-10 21:30 - 2020-12-28 23:03 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Google
2021-02-10 21:30 - 2020-09-26 23:00 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\NVIDIA Corporation
2021-02-10 21:00 - 2020-09-26 22:54 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-10 20:52 - 2020-09-26 22:56 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-10 20:52 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-10 20:52 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-10 20:52 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-10 20:52 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-10 20:52 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-10 20:52 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-10 20:52 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-10 20:52 - 2020-09-26 22:56 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-10 20:52 - 2020-09-26 22:53 - 000000000 ____D C:\WINDOWS\servicing
2021-02-10 20:36 - 2020-10-02 18:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-10 20:34 - 2020-10-02 18:54 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-10 17:45 - 2020-09-26 22:25 - 000002214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-07 20:58 - 2020-10-05 14:51 - 000000000 ____D C:\ProgramData\Riot Games
2021-02-07 16:26 - 2020-11-14 00:11 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\DS4Windows
2021-02-07 15:21 - 2020-10-05 14:51 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Riot Games
2021-02-07 15:11 - 2019-11-20 22:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2021-02-07 01:23 - 2020-10-11 00:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2021-02-06 14:31 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-06 11:55 - 2020-11-21 11:20 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Roblox
2021-02-06 11:46 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-02-05 17:15 - 2020-09-18 22:12 - 000000766 _____ C:\Users\PRDOSLAV\Desktop\House Flipper.lnk
2021-02-05 16:24 - 2020-09-26 22:25 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 16:24 - 2020-09-26 22:25 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-01 21:18 - 2020-09-26 22:25 - 000000000 ____D C:\Program Files\Google
2021-02-01 13:11 - 2020-09-26 22:25 - 000000000 ____D C:\Program Files (x86)\Google
2021-02-01 12:45 - 2020-10-22 21:05 - 000055045 _____ C:\WINDOWS\system32\sfcdetails.txt
2021-02-01 12:09 - 2020-10-31 23:09 - 000002380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-01-30 00:49 - 2020-11-01 01:54 - 000001133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2021-01-30 00:49 - 2020-11-01 01:54 - 000000000 ____D C:\Program Files (x86)\WinSCP
2021-01-29 18:50 - 2020-09-26 22:13 - 000000000 ____D C:\ProgramData\Intel
2021-01-29 16:19 - 2020-09-26 23:00 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\NVIDIA
2021-01-28 22:13 - 2020-09-27 08:30 - 000003048 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-27 23:55 - 2020-10-23 22:04 - 000000000 ____D C:\Users\PRDOSLAV\Downloads\Naruto
2021-01-23 09:10 - 2020-09-25 23:08 - 007116680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-01-22 19:01 - 2020-09-27 00:31 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-20 21:15 - 2021-01-09 10:44 - 000002672 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-01-17 09:21 - 2021-01-16 09:01 - 000000000 ____D C:\Users\PRDOSLAV\Documents\Rockstar Games

==================== Files in the root of some directories ========

2021-01-10 10:00 - 2021-02-16 09:26 - 000000128 _____ () C:\Users\PRDOSLAV\AppData\Roaming\winscp.rnd

==================== FCheck ================================

(If an entry is included in the fixlist, the file/folder will be moved.)

FCheck: C:\WINDOWS\SysWOW64\version_IObitDel.dll [2021-02-10] <==== ATTENTION (zero byte File/Folder)

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

/////////////////////////////////////

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2021
Ran by PRDOSLAV (16-02-2021 23:15:34)
Running from C:\Users\PRDOSLAV\Desktop
Windows 10 Home Version 20H2 19042.804 (X64) (2020-09-26 21:20:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3110588475-2115266248-3539613761-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3110588475-2115266248-3539613761-503 - Limited - Disabled)
Guest (S-1-5-21-3110588475-2115266248-3539613761-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3110588475-2115266248-3539613761-504 - Limited - Disabled)
PRDOSLAV (S-1-5-21-3110588475-2115266248-3539613761-1001 - Administrator - Enabled) => C:\Users\PRDOSLAV

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\uTorrent) (Version: 3.5.5.45852 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20071 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Balíček ovladače systému Windows - Ross-Tech HIDClass (01/05/2014 6.3.0.3) (HKLM\...\3A9B09BBD4F12A76FBBD3A428729660930BA5F13) (Version: 01/05/2014 6.3.0.3 - Ross-Tech)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 8.3.0.0767 - Disc Soft Ltd)
Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.6.2005.0601 - Micro-Star International Co., Ltd.) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.6.2005.0601 - Micro-Star International Co., Ltd.)
GIMP 2.10.22 (HKLM\...\GIMP-2_is1) (Version: 2.10.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2215.0 - Rockstar Games)
House Flipper v.1.2122 (a24be) (44415) (HKLM-x32\...\House Flipper_is1) (Version: - )
Intel® Chipset Device Software (HKLM-x32\...\{70281077-96c3-4f75-938c-dc4746110c00}) (Version: 10.1.17903.8106 - Intel(R) Corporation)
Java 8 Update 281 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180281F0}) (Version: 8.0.2810.9 - Oracle Corporation)
League of Legends (HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Microsoft Excel 2019 - cs-cz (HKLM\...\Excel2019Retail - cs-cz) (Version: 16.0.13628.20380 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Word 2019 - cs-cz (HKLM\...\Word2019Retail - cs-cz) (Version: 16.0.13628.20380 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9.3 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.40 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20380 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Passpartout: The Starving Artist (HKLM-x32\...\1427891789_is1) (Version: 1.7.2 - GOG.com)
Planet Zoo (HKLM-x32\...\Planet Zoo_is1) (Version: - )
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9084.1 - Realtek Semiconductor Corp.)
Remove Empty Directories version 2.2 (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
Revo Uninstaller Pro 4.3.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.3.8 - VS Revo Group, Ltd.)
Roblox Player for PRDOSLAV (HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for PRDOSLAV (HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\roblox-studio) (Version: - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.33.319 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.5 - Rockstar Games)
Staxel (HKLM-x32\...\1780262881_is1) (Version: Staxel 1.5.56 (201118a) - GOG.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
TreeSize Free V4.4.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.4.2 - JAM Software)
VCDS SVO 19.6 (HKLM-x32\...\VCDS SVO) (Version: SVO 19.6.2 - Ross-Tech, LLC)
VEGAS Pro 18.0 (HKLM\...\{82C2EEEE-F7A1-11EA-B428-00155D8D255C}) (Version: 18.0.334 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
WinSCP 5.17.10 (HKLM-x32\...\winscp3_is1) (Version: 5.17.10 - Martin Prikryl)
Wise Force Deleter 1.5.3 (HKLM-x32\...\Wise Force Deleter_is1) (Version: 1.5.3 - WiseCleaner.com, Inc.)

Packages:
=========
MSI Driver & App Center -> C:\Program Files\WindowsApps\msiappadm.MSIDriverAppCenter_1.2009.1001.0_x64__7f61qv3vk9gn2 [2021-02-10] (msiappadm)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-26] (NVIDIA Corp.)
OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_19.23.11.0_x64__8wekyb3d8bbwe [2021-02-15] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.20.238.0_x64__dt26b99r8h8gj [2021-02-10] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3110588475-2115266248-3539613761-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => C:\Users\PRDOSLAV\OneDrive [2021-02-13 20:32]
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2020-11-02] (Notepad++ -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers2: [DaemonShellExtDrive] -> [CC]{A5415364-784A-41A5-B47A-D452909CA8FF} => -> No File
ContextMenuHandlers3: [DaemonShellExtImage] -> [CC]{40966797-8FFE-46C8-9EF8-7003F33CCF0F} => -> No File
ContextMenuHandlers6: [RUShellExt] -> [CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-05-14 06:59 - 2020-10-09 23:35 - 005353328 _____ (AVB Disc Soft, SIA -> Disc Soft Ltd) [File not signed] C:\Program Files\DAEMON Tools Pro\Engine.dll
2016-08-10 20:34 - 2016-08-10 20:34 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\MSIAPP_Service\WinIo64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\62195876.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\62195876.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
SearchScopes: HKU\S-1-5-21-3110588475-2115266248-3539613761-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_281\bin\ssv.dll [2021-02-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_281\bin\jp2ssv.dll [2021-02-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-09-26 22:56 - 2021-02-16 21:46 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2020-12-31 16:28 - 2020-09-26 22:55 - 000000407 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Users\PRDOSLAV\AppData\Local\Microsoft\WindowsApps;C:\adb
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PRDOSLAV\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\tapeta programu windows prohlížeč fotografií.jpg
DNS Servers: 192.168.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 3
MSCONFIG\Services: AGMService => 3
MSCONFIG\Services: AGSService => 3
MSCONFIG\Services: Disc Soft Pro Bus Service => 3
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: Rockstar Service => 3
MSCONFIG\Services: sshd => 3
MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\StartupFolder: => "errorlog.txt"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "RZSurroundHelper"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\StartupApproved\StartupFolder: => "RT-Updater-SVO.lnk"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\StartupApproved\StartupFolder: => "Dragon Center.lnk"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\StartupApproved\Run: => "com.blitz.app"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\StartupApproved\Run: => "RzAppEngine"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EC9F76DB-F118-413B-8391-DC66EA4C0354}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9A29FAFA-7910-4F68-A013-21DD95B67925}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{72417710-F769-42AC-A88F-A262E2FBAA07}] => (Allow) C:\Ross-Tech\VCDS-SVO\VCIConfig.EXE (Ross-Tech, LLC -> Ross-Tech, LLC)
FirewallRules: [{4D9B1368-2E99-43FA-A2BE-279D727EE38A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4765405B-7F9F-48B8-88B2-04E2CEEAE450}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1BF2223F-ACD5-414E-9315-757AA6B1A8F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3AB8DC26-53FF-4805-9655-6F5388AF1833}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{23A8467D-98E9-49AD-B52B-509680804E65}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5B4AD96C-D946-4703-BBA3-119710294B15}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{346FDF41-E355-4578-BBD0-8C4AA9E64850}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{F4398B6B-6FCC-4936-BC94-37F78B223C7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{9E3D3026-AE61-476C-983F-130A4900278C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{F58FC49C-B51D-451F-BBB3-982021550F72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [TCP Query User{C9B71383-DE35-4E2B-8308-FCA1EB4996A1}D:\games\planet zoo\planetzoo.exe] => (Allow) D:\games\planet zoo\planetzoo.exe (Frontier Developments) [File not signed]
FirewallRules: [UDP Query User{AE59501E-807B-40FB-BBA7-5D32E1D085B1}D:\games\planet zoo\planetzoo.exe] => (Allow) D:\games\planet zoo\planetzoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{EC8593E2-83C6-4A00-8B54-2EAC311BB074}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{04BBB615-B8E1-45C2-B0E1-8EEB02DC8A52}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5BD36732-E769-44DA-AB31-746AF3BC2471}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PC Building Simulator\PCBS.exe () [File not signed]
FirewallRules: [{F6812CB4-D053-418B-A309-12811F31CFDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PC Building Simulator\PCBS.exe () [File not signed]
FirewallRules: [{CC230264-1CA6-4378-80A0-DB8B57600383}] => (Allow) LPort=32682
FirewallRules: [TCP Query User{D264C3EC-FA01-44BF-A95C-B603D85ECAFF}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{319B8886-7384-48F2-8088-9FEE5B4DA7F7}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_281\bin\javaw.exe
FirewallRules: [{31523857-B8AF-44A0-830D-9EC768B33F64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mad Games Tycoon 2\Mad Games Tycoon 2.exe () [File not signed]
FirewallRules: [{DDD127CF-B0F1-4137-9D5E-DF16F1040CE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mad Games Tycoon 2\Mad Games Tycoon 2.exe () [File not signed]
FirewallRules: [{2615EE9B-5298-45E2-86C7-E03C94CA2562}] => (Allow) C:\GOG Games\Staxel\bin\Staxel.Client.exe (Plukit BV) [File not signed]
FirewallRules: [{FAE1251D-DAEC-4AF7-8608-AACC074C64C4}] => (Allow) C:\GOG Games\Staxel\bin\Staxel.Client.exe (Plukit BV) [File not signed]
FirewallRules: [{ADE22A5B-BD54-4E64-8211-23BB1E5CDCE6}] => (Allow) C:\GOG Games\Staxel\bin\Staxel.Client.exe (Plukit BV) [File not signed]
FirewallRules: [{4A4B921E-4A12-4DE6-B19B-633D5522D2B1}] => (Allow) C:\GOG Games\Staxel\bin\Staxel.Client.exe (Plukit BV) [File not signed]
FirewallRules: [{DCC29FB0-AE06-4AEB-8099-7440AA6F05F7}] => (Allow) C:\GOG Games\Staxel\bin\Staxel.Server.exe () [File not signed]
FirewallRules: [{4D55CC42-ABDE-4F41-99BB-7AF5F39A2A1E}] => (Allow) C:\GOG Games\Staxel\bin\Staxel.Server.exe () [File not signed]
FirewallRules: [{3A306336-9F37-4CC7-A358-DDA392C56012}] => (Allow) C:\GOG Games\Staxel\bin\Staxel.Server.exe () [File not signed]
FirewallRules: [{064C1C5B-2511-4734-BF6E-EEFE09C7B2FA}] => (Allow) C:\GOG Games\Staxel\bin\Staxel.Server.exe () [File not signed]
FirewallRules: [{2C3433F0-FE20-4312-81BB-FFB8CB23068C}] => (Allow) C:\GOG Games\Staxel\bin\Staxel.Server.NoConsole.exe () [File not signed]
FirewallRules: [{F294292C-7653-4544-98AB-8027D372B04F}] => (Allow) C:\GOG Games\Staxel\bin\Staxel.Server.NoConsole.exe () [File not signed]
FirewallRules: [{3F2E3F46-715C-45F3-8F3E-7DCE624CA7B9}] => (Allow) C:\GOG Games\Staxel\bin\Staxel.Server.NoConsole.exe () [File not signed]
FirewallRules: [{0B140738-E7A9-406F-82FE-3C467EA34447}] => (Allow) C:\GOG Games\Staxel\bin\Staxel.Server.NoConsole.exe () [File not signed]
FirewallRules: [{709A43D3-4D17-4772-B82C-36236E887219}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

15-02-2021 11:31:10 Installed Rapport
15-02-2021 11:36:53 Removed Rapport
16-02-2021 08:57:42 JRT Pre-Junkware Removal
16-02-2021 08:58:47 JRT Pre-Junkware Removal
16-02-2021 09:36:42 Installed Sophos Virus Removal Tool.

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/16/2021 10:37:27 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-3110588475-2115266248-3539613761-1001}/>.

Error: (02/16/2021 10:21:01 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (02/16/2021 10:00:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (02/16/2021 10:00:38 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (02/16/2021 10:00:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (02/16/2021 10:00:38 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (02/16/2021 09:46:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (02/16/2021 10:31:49 AM) (Source: MsiInstaller) (EventID: 11606) (User: PRDOSLAV-NTB)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.


System errors:
=============
Error: (02/16/2021 10:02:35 PM) (Source: DCOM) (EventID: 10001) (User: PRDOSLAV-NTB)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.423.0_neutral__8wekyb3d8bbwe!MicrosoftEdge.AppXeb42j1vh6rk395pm0vmcx57dxqjhej5d.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942667
při provádění příkazu:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (02/16/2021 10:02:35 PM) (Source: DCOM) (EventID: 10001) (User: PRDOSLAV-NTB)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.423.0_neutral__8wekyb3d8bbwe!MicrosoftEdge.AppXeb42j1vh6rk395pm0vmcx57dxqjhej5d.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942667
při provádění příkazu:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (02/16/2021 09:57:29 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (02/16/2021 09:57:29 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (02/16/2021 09:57:28 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (02/16/2021 09:57:28 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (02/16/2021 09:57:28 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (02/16/2021 10:05:09 AM) (Source: DCOM) (EventID: 10001) (User: PRDOSLAV-NTB)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.423.0_neutral__8wekyb3d8bbwe!MicrosoftEdge.AppXeb42j1vh6rk395pm0vmcx57dxqjhej5d.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942667
při provádění příkazu:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Windows Defender:
================
Date: 2021-02-16 22:12:02
Description:
Prohled�v�n� Antivirov� ochrana v programu Microsoft Defender bylo zastaveno p�ed dokon�en�m.
ID prohled�v�n�: {B97877E4-3D82-4420-A434-628ED222F6F2}
Typ prohled�v�n�: Antimalwarov� program
Parametry prohled�v�n�: Rychl� prohled�v�n�
U�ivatel: NT AUTHORITY\SYSTEM

Date: 2021-02-15 10:13:08
Description:
Prohled�v�n� Antivirov� ochrana v programu Microsoft Defender bylo zastaveno p�ed dokon�en�m.
ID prohled�v�n�: {DB619582-C698-4654-A569-F522119EBD61}
Typ prohled�v�n�: Antimalwarov� program
Parametry prohled�v�n�: Rychl� prohled�v�n�
U�ivatel: NT AUTHORITY\SYSTEM

Date: 2021-02-13 09:49:12
Description:
Prohled�v�n� Antivirov� ochrana v programu Microsoft Defender bylo zastaveno p�ed dokon�en�m.
ID prohled�v�n�: {C4D57146-1A58-4EDC-A056-0D226FE872AE}
Typ prohled�v�n�: Antimalwarov� program
Parametry prohled�v�n�: Rychl� prohled�v�n�
U�ivatel: NT AUTHORITY\SYSTEM

Date: 2021-02-12 22:05:01
Description:
Antivirov� ochrana v programu Microsoft Defender zjistil malware nebo jin� potenci�ln� ne��douc� software.
Dal�� informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
N�zev: Rogue:Win32/PrivacyCenter
ID: 140760
Z�va�nost: V�n�
Kategorie: Trojsk� k��
Cesta: file:_C:\Users\PRDOSLAV\Downloads\pre-scan_V9_18.10.19.1.exe; webfile:_C:\Users\PRDOSLAV\Downloads\pre-scan_V9_18.10.19.1.exe|https://download.toolslib.net/download/ ... 5005176146
P�vod detekce: Internet
Typ detekce: Konkr�tn�
Zdroj detekce: Soubory ke sta�en� a p��lohy
U�ivatel: PRDOSLAV-NTB\PRDOSLAV
N�zev procesu: Unknown
Verze bezpe�nostn�ch informac�: AV: 1.331.830.0, AS: 1.331.830.0, NIS: 1.331.830.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-12 00:19:11
Description:
Prohled�v�n� Antivirov� ochrana v programu Microsoft Defender bylo zastaveno p�ed dokon�en�m.
ID prohled�v�n�: {0F72122E-9F7F-4D9F-8F7E-5C4A1FCCE56D}
Typ prohled�v�n�: Antimalwarov� program
Parametry prohled�v�n�: Rychl� prohled�v�n�
U�ivatel: NT AUTHORITY\SYSTEM

Date: 2021-02-11 23:35:16
Description:
Prohled�v�n� Antivirov� ochrana v programu Microsoft Defender bylo zastaveno p�ed dokon�en�m.
ID prohled�v�n�: {ED186A56-4B5E-4FFF-AB86-40B8C539BA7A}
Typ prohled�v�n�: Antimalwarov� program
Parametry prohled�v�n�: Rychl� prohled�v�n�
U�ivatel: NT AUTHORITY\SYSTEM

Date: 2021-02-11 23:30:54
Description:
Prohled�v�n� Antivirov� ochrana v programu Microsoft Defender bylo zastaveno p�ed dokon�en�m.
ID prohled�v�n�: {00B76F13-2863-4BD8-84E3-194B4C22D1F4}
Typ prohled�v�n�: Antimalwarov� program
Parametry prohled�v�n�: Rychl� prohled�v�n�
U�ivatel: NT AUTHORITY\SYSTEM

Date: 2021-02-09 19:50:56
Description:
Antivirov� ochrana v programu Microsoft Defender narazil na chybu p�i pokusu o aktualizaci bezpe�nostn�ch informac�.
Nov� verze bezpe�nostn�ch informac�:
P�edchoz� verze bezpe�nostn�ch informac�: 1.331.545.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpe�nostn�ch informac�: Antivirov� program
Typ aktualizace: �pln�
U�ivatel: NT AUTHORITY\SYSTEM
Aktu�ln� verze modulu:
P�edchoz� verze modulu: 1.1.17800.5
K�d chyby: 0x8024402c
Popis chyby: P�i zji��ov�n� aktualizac� do�lo k neo�ek�van�m pot��m. Informace o instalaci nebo �e�en� pot�� s aktualizacemi naleznete v n�pov�d� a podpo�e.

CodeIntegrity:
===============
Date: 2021-02-15 15:01:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. E17F2IMS.109 05/19/2020
Motherboard: Micro-Star International Co., Ltd. MS-17F2
Processor: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz
Percentage of memory in use: 30%
Total physical RAM: 16227.32 MB
Available physical RAM: 11298.89 MB
Total Virtual: 17251.32 MB
Available Virtual: 11322.61 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:280.5 GB) (Free:167.24 GB) NTFS
Drive d: (Data) (Fixed) (Total:177.5 GB) (Free:44.31 GB) NTFS

\\?\Volume{ac5adbe9-eb71-4de3-b174-579b4d3f00f2}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.43 GB) NTFS
\\?\Volume{68105432-156c-48c2-9dc5-3545d3fd71f2}\ (BIOS_RVY) (Fixed) (Total:17.64 GB) (Free:1.57 GB) NTFS
\\?\Volume{4abc0b6c-3530-4e6b-9ee2-f1feaa4985b1}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: FF7B3DBC)

Partition: GPT.

==================== End of Addition.txt =======================

Dobry den.

Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.

# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-19-2021
# Duration: 00:00:05
# OS: Windows 10 Home
# Scanned: 7021
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Do poznamkoveho bloku skopirujte obsah dole:
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-02-2021 01
Ran by PRDOSLAV (21-02-2021 00:08:57) Run:1
Running from C:\Users\PRDOSLAV\Desktop
Loaded Profiles: PRDOSLAV
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [UseDesktopIniCache] 0
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\MountPoints2: {78b509bc-0bb6-11ea-bbfe-4889e716f2dc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\MountPoints2: {bdf40bce-6348-11eb-8b27-4889e716f2dc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\MountPoints2: {d0c7d56e-2519-11eb-8b13-00d861097152} - "F:\HiSuiteDownLoader.exe"
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {4BF72C72-5BDD-4988-85EC-6BD16CFB3318} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-26] (Google LLC -> Google LLC)
Task: {71A08FD4-D7A4-4A92-AC13-43C473AE275E} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
Task: {DF4E0E85-709C-4A45-B038-95ACAF234616} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1190424 2018-08-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {E82084AB-3F9E-43CE-ADBD-BFD60C57499B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-26] (Google LLC -> Google LLC)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.com ... duckgo.com"
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
U4 dmwappushservice; no ImagePath
S4 EneTechIo; \??\C:\WINDOWS\system32\drivers\ene.sys [X]
U4 Partizan; system32\drivers\Partizan.sys [X]
S1 RapportCerberus_2004080; \??\c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_2004080.sys [X]
S3 RapportIaso; \??\c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso64.sys [X]
2021-02-12 16:04 - 2021-02-12 21:56 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-10 22:23 - 2021-02-10 22:23 - 000000000 ____R C:\WINDOWS\SysWOW64\version_IObitDel.dll
2021-02-05 16:24 - 2020-09-26 22:25 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 16:24 - 2020-09-26 22:25 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
FCheck: C:\WINDOWS\SysWOW64\version_IObitDel.dll [2021-02-10] <==== ATTENTION (zero byte File/Folder)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers2: [DaemonShellExtDrive] -> [CC]{A5415364-784A-41A5-B47A-D452909CA8FF} => -> No File
ContextMenuHandlers3: [DaemonShellExtImage] -> [CC]{40966797-8FFE-46C8-9EF8-7003F33CCF0F} => -> No File
ContextMenuHandlers6: [RUShellExt] -> [CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\62195876.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\62195876.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-3110588475-2115266248-3539613761-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
FirewallRules: [{CC230264-1CA6-4378-80A0-DB8B57600383}] => (Allow) LPort=32682

EmptyTemp:

*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\UseDesktopIniCache" => not found
"HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation" => not found
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{78b509bc-0bb6-11ea-bbfe-4889e716f2dc} => removed successfully
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bdf40bce-6348-11eb-8b27-4889e716f2dc} => removed successfully
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d0c7d56e-2519-11eb-8b13-00d861097152} => removed successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Edge => removed successfully
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\SOFTWARE\Policies\Microsoft\Edge => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4BF72C72-5BDD-4988-85EC-6BD16CFB3318}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BF72C72-5BDD-4988-85EC-6BD16CFB3318}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71A08FD4-D7A4-4A92-AC13-43C473AE275E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71A08FD4-D7A4-4A92-AC13-43C473AE275E}" => removed successfully
C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeGCInvoker-1.0" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF4E0E85-709C-4A45-B038-95ACAF234616}" => not found
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E82084AB-3F9E-43CE-ADBD-BFD60C57499B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E82084AB-3F9E-43CE-ADBD-BFD60C57499B}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect => removed successfully
"Chrome StartupUrls" => removed successfully
HKLM\System\CurrentControlSet\Services\amsdk => removed successfully
amsdk => service removed successfully
HKLM\System\CurrentControlSet\Services\dmwappushservice => removed successfully
dmwappushservice => service removed successfully
HKLM\System\CurrentControlSet\Services\EneTechIo => removed successfully
EneTechIo => service removed successfully
HKLM\System\CurrentControlSet\Services\Partizan => removed successfully
Partizan => service removed successfully
HKLM\System\CurrentControlSet\Services\RapportCerberus_2004080 => removed successfully
RapportCerberus_2004080 => service removed successfully
HKLM\System\CurrentControlSet\Services\RapportIaso => removed successfully
RapportIaso => service removed successfully
"C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task" => not found
C:\WINDOWS\SysWOW64\version_IObitDel.dll => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
"C:\WINDOWS\SysWOW64\version_IObitDel.dll" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro1 (ErrorConflict) => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro2 (SyncInProgress) => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro3 (InSync) => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\DaemonShellExtDrive => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\DaemonShellExtImage => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\RUShellExt => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\62195876.sys => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\62195876.sys => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\System32\blank.htm" => value restored successfully
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\AdobeGCInvoker-1.0" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\AdobeGCInvoker-1.0" => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\AdobeAAMUpdater-1.0" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CC230264-1CA6-4378-80A0-DB8B57600383}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 120003673 B
Java, Flash, Steam htmlcache => 361396880 B
Windows/system/drivers => 11931026 B
Edge => 0 B
Chrome => 509380893 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 26342 B
PRDOSLAV => 323593354 B

RecycleBin => 210882247 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 00:09:42 ====

Poprosim o nove logy FRAT + ADDITION

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-02-2021
Ran by PRDOSLAV (administrator) on PRDOSLAV-NTB (Micro-Star International Co., Ltd. GF75 Thin 9SC) (22-02-2021 07:14:01)
Running from C:\Users\PRDOSLAV\Desktop
Loaded Profiles: PRDOSLAV
Platform: Windows 10 Home Version 20H2 19042.804 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(A-Volute SAS -> A-Volute) C:\Users\PRDOSLAV\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c52b34f1b30918c5\RstMwService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_233e086e960c2400\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_233e086e960c2400\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.2012.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.2012.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.740_none_e752aa59261f271f\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(Micro-Star International CO., LTD. -> ) C:\Program Files (x86)\MSI\Dragon Center\Sendevsvc\Sendevsvc.exe
(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Center\MSIAPP_Service\MSIAPService.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_4ea4d8037d4ef09c\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ec5ad85a0fbc74ea\RtkAudUService64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ec5ad85a0fbc74ea\RtkAudUService64.exe [1212720 2020-12-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\RunOnce: [RealProtect] => C:\Program Files\McAfee\Real Protect\RealProtect.exe [8068168 2021-02-21] (McAfee, Inc. -> McAfee, LLC.)
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [5703528 2020-11-20] (Adguard Software Limited -> Adguard Software Ltd)
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\Run: [Facebook.MessengerDesktop] => C:\Users\PRDOSLAV\AppData\Local\Programs\Messenger\Messenger.exe messenger://openAtLogin
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\MountPoints2: {0a25ba03-733f-11eb-8b37-4889e716f2dc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\MountPoints2: {0a25ba42-733f-11eb-8b37-4889e716f2dc} - "E:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.182\Installer\chrmstp.exe [2021-02-19] (Google LLC -> Google LLC)
Startup: C:\Users\PRDOSLAV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT-Updater-SVO.lnk [2021-02-18]
ShortcutTarget: RT-Updater-SVO.lnk -> C:\Ross-Tech\VCDS-SVO\VCDS.exe (No File)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A8A729B-8270-4184-BECC-490D3116D024} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {13B3396A-39D8-46A7-8E3E-D5A00D94A309} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {14778D44-2904-4267-9BAA-20F0689D6CEF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1745BFA6-6086-4E92-819E-35720B3DD999} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {1AB97E9E-CFE0-4EFD-80FB-955E21788E82} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2A056B6F-011F-4A34-9DF3-D0F61C7BEACB} - System32\Tasks\NahimicSvc32Run => C:\WINDOWS\SysWOW64\NahimicSvc32.exe [823304 2020-12-09] (A-Volute SAS -> Nahimic)
Task: {3C6B3A1A-15FF-4D27-8D6D-6E76860B97E7} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1067016 2020-12-09] (A-Volute SAS -> Nahimic)
Task: {3EE2AC5E-03C6-40FE-AF5A-E906EDEF11AE} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: {4DABF43B-4E44-4688-8894-567F0B9E8436} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {520F4D1F-B380-4B01-AC87-9A6FBD574A69} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe
Task: {5327C3DF-F647-4A83-840F-168E914C6BA5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5656C497-8CB5-4040-99B7-592C317E6B46} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {57B9E487-0579-4B81-981C-E3B433AA47CF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {5877EC20-A755-413C-9BD4-EF05F4CE19E4} - \Adobe Acrobat Update Task -> No File <==== ATTENTION
Task: {5F361A70-9843-4B43-BDD5-4EA0AE102407} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {63714D00-F448-47B5-89C9-9CB642DF10B6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199792 2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {675D02F5-D0F5-4AD1-B2D3-A2B20B960008} - System32\Tasks\NahimicSvc64Run => C:\WINDOWS\system32\NahimicSvc64.exe [1067016 2020-12-09] (A-Volute SAS -> Nahimic)
Task: {67690B0C-0906-4D86-99A9-1507A67939E3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199792 2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {69AC8258-4D53-4734-9CDB-36ED12B69C45} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {707E84D1-7BFE-48EC-A6E7-3D8A468BF055} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {73DFBA8A-F9CF-49C6-907E-0E2D454BF80C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7618DBCE-1C03-4B53-B361-B23B0ED09A22} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8365A554-A145-4287-8B05-40273CD552F2} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
Task: {925C82F9-4A08-4140-A0F1-BCC25A407666} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {9347D433-71B8-4212-9A00-0F7739617127} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {94E2F2CE-3D59-424F-B2EB-420EBBABD1D7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {9734D2F1-A2F0-49AF-803F-BC86B6AF23E6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142152 2021-02-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {9824F88F-2A45-4137-A897-7CAA341D2B87} - System32\Tasks\MSISCMTsk => C:\Program Files (x86)\MSI\MSI Remind Manager\MSISCMTsk.exe [344184 2020-02-13] (Micro-Star International CO., LTD. -> Application)
Task: {B0D5E313-5E53-4A4B-8E90-77C9F12F831C} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [6255104 2020-05-06] (Micro-Star International Co., Ltd.) [File not signed]
Task: {B81C3947-E1C5-4D6D-BC8F-1F7B872A2B6D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BE52EDE5-1462-44E6-A46E-8B67EF41534A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D6088A59-FDF9-44F8-9436-D3BCA7400F9B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142152 2021-02-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {E8BCFB85-E798-4986-A5AE-5641B3217C82} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [823304 2020-12-09] (A-Volute SAS -> Nahimic)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.10.1 0.0.0.0
Tcpip\..\Interfaces\{41390136-14d9-4ad4-b140-a0d1b94d90a2}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{bcbdebf0-34e1-4d08-879c-a923554a03f8}: [DhcpNameServer] 192.168.10.1 0.0.0.0

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-02-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-02-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-15] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default [2021-02-22]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.com ... duckgo.com"
CHR Extension: (Just Black) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2021-02-21]
CHR Extension: (YouTube) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-21]
CHR Extension: (Vysoký kontrast) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2021-02-21]
CHR Extension: (AdGuard asistent prohlížeče) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbohpolgemkbfphodcfgnpjcmedcjhpn [2021-02-21]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-02-21]
CHR Extension: (Excel Online) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\iljnkagajgfdmfnnidjijobijlfjfgnb [2021-02-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-21]
CHR Extension: (Gmail) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-21]
CHR Extension: (Chrome Media Router) - C:\Users\PRDOSLAV\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-21]
CHR HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [177000 2020-11-20] (Adguard Software Limited -> Adguard Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8905608 2021-02-13] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe [2863472 2020-05-14] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S2 Micro Star SCM; C:\WINDOWS\SysWOW64\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\Dragon Center\MSIAPP_Service\MSIAPService.exe [47568 2018-10-29] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1633288 2020-12-09] (A-Volute SAS -> Nahimic)
S3 Rockstar Service; D:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1631360 2020-12-02] (Rockstar Games, Inc. -> Rockstar Games)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ec5ad85a0fbc74ea\RtkAudUService64.exe [1212720 2020-12-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 Sendevsvc; C:\Program Files (x86)\MSI\Dragon Center\Sendevsvc\Sendevsvc.exe [302888 2019-01-30] (Micro-Star International CO., LTD. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_4ea4d8037d4ef09c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_4ea4d8037d4ef09c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworktdidrv; C:\WINDOWS\System32\drivers\adgnetworktdidrv.sys [67584 2020-04-07] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-11-22] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-11-22] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [42472 2020-10-09] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 MpKsl5af7bb23; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C348D673-B11B-40B7-948D-0A6B788988E7}\MpKslDrv.sys [47344 2021-02-21] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85592 2020-06-16] (A-Volute -> Windows (R) Win 7 DDK provider)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [398984 2020-08-18] (IBM -> IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [448904 2020-08-18] (IBM -> IBM Corp.)
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S3 RT-USB; C:\WINDOWS\system32\drivers\RT-USB64.SYS [97152 2014-05-12] (Ross-Tech, LLC -> Ross-Tech LLC)
S3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Razer USA Ltd. -> Windows (R) Win 7 DDK provider)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 SjtWinIo20; C:\WINDOWS\System32\drivers\SjtWinIo_v2_0.sys [11776 2021-01-28] (Microsoft Windows Hardware Compatibility Publisher -> SpeedJet Technology INC.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64872 2019-09-26] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
R3 trufos; C:\WINDOWS\System32\drivers\trufos.sys [611728 2021-02-21] (Bitdefender SRL -> Bitdefender)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-11] (Microsoft Windows -> Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [18688 2018-07-18] (WDKTestCert heavenluo,131620253795976757 -> )
R3 WiseUnlock; C:\WINDOWS\WiseUnlock64.sys [33864 2020-09-26] (Beijing Lang Xingda Network Technology Co., Ltd -> WiseCleaner.com)
U3 DiagTrack; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-22 07:14 - 2021-02-22 07:14 - 000025092 _____ C:\Users\PRDOSLAV\Desktop\FRST.txt
2021-02-22 07:13 - 2021-02-22 07:13 - 000000098 _____ C:\WINDOWS\ntbtlog.txt
2021-02-22 07:07 - 2021-02-22 07:09 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Messenger
2021-02-22 07:07 - 2021-02-22 07:09 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Messenger
2021-02-22 07:07 - 2021-02-22 07:07 - 000002396 _____ C:\Users\PRDOSLAV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Messenger.lnk
2021-02-22 07:07 - 2021-02-22 07:07 - 000002388 _____ C:\Users\PRDOSLAV\Desktop\Messenger.lnk
2021-02-22 07:07 - 2021-02-22 07:07 - 000000000 ____D C:\Users\PRDOSLAV\AppData\LocalLow\Messenger
2021-02-22 07:07 - 2021-02-22 07:07 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\messenger-updater
2021-02-21 23:33 - 2021-02-21 23:33 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\FSDART
2021-02-21 23:15 - 2021-02-21 23:15 - 000183803 _____ C:\Users\PRDOSLAV\Desktop\CZ_Mad_Games_Tycoon_2_-_2021.02.21A.rar
2021-02-21 23:13 - 2021-02-21 23:13 - 000000000 __SHD C:\ZIL.QUAR
2021-02-21 15:37 - 2021-02-21 15:37 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\java
2021-02-21 15:37 - 2021-02-21 15:37 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\.tlauncher
2021-02-21 15:29 - 2021-02-21 15:30 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\.technic
2021-02-21 13:32 - 2021-02-21 13:43 - 000000056 _____ C:\WINDOWS\Lic.xxx
2021-02-21 13:31 - 2021-02-21 13:31 - 000611728 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2021-02-21 13:31 - 2021-02-21 13:27 - 000632064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr80.dll
2021-02-21 13:31 - 2021-02-21 13:27 - 000554240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp80.dll
2021-02-21 13:31 - 2021-02-21 13:26 - 000176760 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\SysWOW64\eEmpty.exe
2021-02-21 13:26 - 2021-02-21 13:26 - 000000000 ____D C:\ProgramData\MicroWorld
2021-02-21 09:02 - 2021-02-21 09:02 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2021-02-21 09:02 - 2021-02-21 09:02 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2021-02-21 09:01 - 2021-02-21 09:04 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\NPE
2021-02-21 09:01 - 2021-02-21 09:01 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Trend Micro
2021-02-21 09:01 - 2021-02-21 09:01 - 000000000 ____D C:\ProgramData\Norton
2021-02-21 09:01 - 2021-02-21 09:01 - 000000000 ____D C:\Program Files (x86)\Trend Micro
2021-02-21 08:43 - 2021-02-21 08:43 - 001351894 _____ C:\Users\PRDOSLAV\AppData\Local\census.cache
2021-02-21 08:42 - 2021-02-21 08:42 - 000411020 _____ C:\Users\PRDOSLAV\AppData\Local\ars.cache
2021-02-21 08:29 - 2021-02-21 08:29 - 000000010 _____ C:\Users\PRDOSLAV\AppData\Local\sponge.last.runtime.cache
2021-02-21 08:25 - 2021-02-21 09:01 - 000000000 ____D C:\ProgramData\Trend Micro
2021-02-21 08:25 - 2021-02-21 08:25 - 000000000 ____D C:\WINDOWS\Trend Micro
2021-02-21 08:24 - 2021-02-21 08:24 - 000000036 _____ C:\Users\PRDOSLAV\AppData\Local\housecall.guid.cache
2021-02-21 02:18 - 2021-02-21 02:18 - 000000000 ____D C:\ProgramData\Emsisoft
2021-02-20 19:54 - 2021-02-20 20:12 - 000000000 ____D C:\Users\PRDOSLAV\Documents\HiSuite
2021-02-20 19:54 - 2021-02-20 19:54 - 000000000 ____D C:\Users\PRDOSLAV\.android
2021-02-20 00:53 - 2021-02-20 00:53 - 026664336 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2021-02-20 00:53 - 2021-02-20 00:53 - 013509520 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2021-02-20 00:53 - 2021-02-20 00:53 - 000499088 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-02-20 00:53 - 2021-02-20 00:53 - 000419240 _____ C:\WINDOWS\system32\ze_loader.dll
2021-02-20 00:53 - 2021-02-20 00:53 - 000361888 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-02-20 00:53 - 2021-02-20 00:53 - 000330184 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2021-02-20 00:53 - 2021-02-20 00:53 - 000272344 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2021-02-20 00:53 - 2021-02-20 00:53 - 000161416 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2021-02-20 00:53 - 2021-02-20 00:53 - 000140200 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2021-02-20 00:53 - 2021-02-20 00:53 - 000136920 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2021-02-20 00:50 - 2021-02-20 00:58 - 000000000 ____D C:\ProgramData\ProductData
2021-02-19 22:01 - 2021-02-19 22:01 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-19 13:05 - 2020-04-07 08:30 - 000067584 _____ () C:\WINDOWS\system32\Drivers\adgnetworktdidrv.sys
2021-02-19 12:56 - 2021-02-21 01:29 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\qBittorrent
2021-02-19 12:56 - 2021-02-19 12:56 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\qBittorrent
2021-02-19 12:56 - 2021-02-19 12:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2021-02-19 12:56 - 2021-02-19 12:56 - 000000000 ____D C:\Program Files\qBittorrent
2021-02-19 12:35 - 2021-02-22 07:14 - 000000000 ____D C:\ProgramData\Adguard
2021-02-19 12:35 - 2021-02-22 00:15 - 000000000 ____D C:\Program Files (x86)\Adguard
2021-02-19 12:35 - 2021-02-19 12:35 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Adguard Software Ltd
2021-02-19 12:35 - 2021-02-19 12:35 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Adguard_Software_Ltd
2021-02-19 12:35 - 2021-02-19 12:35 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-19 12:35 - 2021-02-19 12:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AdGuard
2021-02-19 12:11 - 2021-02-19 12:10 - 008463216 _____ (Malwarebytes) C:\Users\PRDOSLAV\Desktop\adwcleaner_8.1.exe
2021-02-18 08:36 - 2021-02-21 13:34 - 000000298 _____ C:\Users\PRDOSLAV\Desktop\kratom§.txt
2021-02-17 11:13 - 2021-02-17 11:13 - 000003152 _____ C:\WINDOWS\system32\Tasks\NahimicSvc64Run
2021-02-17 11:13 - 2021-02-17 11:13 - 000003152 _____ C:\WINDOWS\system32\Tasks\NahimicSvc32Run
2021-02-17 11:13 - 2020-12-16 17:08 - 005994080 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2021-02-17 11:13 - 2020-12-16 16:57 - 043517749 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-02-17 11:12 - 2021-02-17 11:13 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\NhNotifSys
2021-02-17 11:12 - 2021-02-17 11:12 - 000002441 _____ C:\Users\PRDOSLAV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nahimic Companion.lnk
2021-02-17 11:12 - 2021-02-17 11:12 - 000000000 ____D C:\WINDOWS\system32\A-Volute
2021-02-17 11:12 - 2021-02-17 11:12 - 000000000 ____D C:\ProgramData\A-Volute
2021-02-17 11:07 - 2021-02-21 22:53 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\CrashDumps
2021-02-17 08:46 - 2021-02-17 16:29 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\PlaceholderTileLogoFolder
2021-02-17 00:02 - 2021-02-17 00:02 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-16 23:39 - 2021-02-16 23:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Group Policy
2021-02-16 23:34 - 2021-02-16 23:34 - 000001536 _____ C:\WINDOWS\unins000.dat
2021-02-16 23:34 - 2021-02-16 23:34 - 000000000 ____D C:\WINDOWS\SysWOW64\GPBAK
2021-02-16 23:34 - 2021-02-16 23:33 - 000707354 _____ C:\WINDOWS\unins000.exe
2021-02-16 23:34 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2021-02-16 23:34 - 2008-04-14 02:11 - 000295936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll
2021-02-16 23:34 - 2001-08-23 13:00 - 000034871 _____ C:\WINDOWS\SysWOW64\gpedit.msc
2021-02-16 23:14 - 2021-02-22 07:14 - 000000000 ____D C:\FRST
2021-02-16 23:12 - 2021-02-22 00:12 - 002301440 _____ (Farbar) C:\Users\PRDOSLAV\Desktop\FRST64.exe
2021-02-16 22:27 - 2021-02-16 22:27 - 000004920 _____ C:\Users\PRDOSLAV\Desktop\Emaily-part1-korekce.txt
2021-02-16 22:04 - 2021-02-16 22:04 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\DAEMON Tools Pro
2021-02-16 22:01 - 2021-02-16 22:42 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\VirtualStore
2021-02-16 22:00 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2021-02-16 21:44 - 2021-02-17 10:50 - 000000000 ____D C:\Program Files (x86)\Zemana
2021-02-16 21:44 - 2021-02-16 22:36 - 000135512 _____ C:\WINDOWS\ZAM.krnl.trace
2021-02-16 21:44 - 2021-02-16 22:35 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\AMSDK
2021-02-16 09:14 - 2021-02-16 09:14 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Sun
2021-02-16 08:45 - 2021-02-16 09:07 - 000000000 ____D C:\ProgramData\ADiag
2021-02-15 14:18 - 2021-02-15 14:18 - 000000000 ____D C:\Users\PRDOSLAV\Documents\backup
2021-02-15 11:31 - 2021-02-15 11:31 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Mozilla
2021-02-15 11:31 - 2020-08-18 17:24 - 000448904 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportKE64.sys
2021-02-15 11:31 - 2020-08-18 17:24 - 000398984 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportHades64.sys
2021-02-15 11:30 - 2021-02-15 11:30 - 000000000 ____D C:\ProgramData\Trusteer
2021-02-14 00:05 - 2021-02-14 00:07 - 000000000 _____ C:\WINDOWS\system32\RzSurroundVADAudioDeviceManager_log.txt
2021-02-14 00:05 - 2021-02-14 00:05 - 000000000 ____D C:\ProgramData\RzSurroundVAD_1.1.63.0
2021-02-14 00:05 - 2021-02-14 00:05 - 000000000 _____ C:\WINDOWS\SysWOW64\RzSurroundVADAudioDeviceManager_log.txt
2021-02-13 22:34 - 2021-02-18 09:16 - 000011414 _____ C:\Users\PRDOSLAV\Documents\Sešit1.xlsm
2021-02-13 21:28 - 2021-02-13 21:28 - 008049538 _____ C:\Users\PRDOSLAV\Documents\13úno2144-212820story_esports_BuildPlayer-Workshop_DLC1_Starter.csv
2021-02-13 20:33 - 2021-02-13 20:33 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\OneDrive
2021-02-13 20:32 - 2021-02-22 00:06 - 000000000 ___RD C:\Users\PRDOSLAV\OneDrive
2021-02-13 20:32 - 2021-02-19 10:01 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3110588475-2115266248-3539613761-1001
2021-02-13 20:32 - 2021-02-19 10:01 - 000002420 _____ C:\Users\PRDOSLAV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-13 20:32 - 2021-02-13 20:32 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-02-13 20:32 - 2021-02-13 20:32 - 000000000 ____D C:\OneDriveTemp
2021-02-13 11:31 - 2021-02-09 22:11 - 000052988 _____ C:\Users\PRDOSLAV\Desktop\Text_CZ.txt
2021-02-12 16:04 - 2021-02-20 15:12 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-12 16:04 - 2021-02-12 16:04 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-02-11 22:34 - 2021-02-11 22:34 - 000000000 ____D C:\Users\PRDOSLAV\Documents\Vlastní šablony Office
2021-02-11 22:22 - 2021-02-13 20:37 - 000000000 ____D C:\Users\PRDOSLAV\Documents\temp
2021-02-11 22:22 - 2021-02-11 22:22 - 000003014 _____ C:\WINDOWS\system32\Tasks\MSI_Dragon Center
2021-02-11 22:22 - 2021-02-11 22:22 - 000000000 ____D C:\Program Files (x86)\MSI
2021-02-10 22:24 - 2021-02-16 08:57 - 000000000 ____D C:\WINDOWS\Minidump
2021-02-10 22:24 - 2021-02-10 22:24 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Wise Force Deleter
2021-02-10 22:11 - 2019-12-19 08:07 - 002877104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2021-02-10 22:03 - 2021-02-22 07:02 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-10 22:03 - 2021-02-10 22:03 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-02-10 21:59 - 2021-02-10 21:59 - 000000000 ____D C:\Program Files\Intel
2021-02-10 21:58 - 2021-02-10 21:58 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-02-10 21:57 - 2021-02-17 11:14 - 000000000 ___HD C:\Program Files (x86)\Temp
2021-02-10 21:52 - 2021-02-10 21:52 - 000000000 ____D C:\Users\PRDOSLAV\ansel
2021-02-10 21:49 - 2021-02-10 21:49 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\SaraResults
2021-02-10 21:46 - 2021-02-10 21:46 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\WinRAR
2021-02-10 21:46 - 2021-02-10 21:46 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\SaRALogs
2021-02-10 21:45 - 2021-02-10 22:17 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\BitTorrentHelper
2021-02-10 21:41 - 2021-02-10 22:27 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Deployment
2021-02-10 21:41 - 2021-02-10 21:41 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Apps\2.0
2021-02-10 20:44 - 2021-02-10 20:44 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-10 20:43 - 2021-02-10 20:43 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-10 20:43 - 2021-02-10 20:43 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-10 20:43 - 2021-02-10 20:43 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-10 20:43 - 2021-02-10 20:43 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-10 18:34 - 2021-02-10 18:34 - 000003294 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2021-02-10 18:34 - 2021-02-10 18:34 - 000003242 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2021-02-10 18:34 - 2021-02-10 18:34 - 000003238 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_itype_exe
2021-02-07 15:15 - 2021-02-07 15:15 - 000000222 _____ C:\Users\PRDOSLAV\Desktop\PC Building Simulator.url
2021-02-07 15:10 - 2021-02-07 15:11 - 000000000 ____D C:\Riot Games
2021-02-07 01:27 - 2021-02-07 01:27 - 000000000 ____D C:\Users\PRDOSLAV\Downloads\UnityText
2021-02-06 14:24 - 2021-02-06 14:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\ClockworkMod
2021-02-06 14:24 - 2021-02-06 14:24 - 000000000 ____D C:\Program Files (x86)\ClockworkMod
2021-02-06 14:19 - 2021-02-06 14:19 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Xiaomi
2021-02-06 11:53 - 2021-02-06 12:00 - 000000160 _____ C:\Users\PRDOSLAV\AppData\LocalLow\rbxcsettings.rbx
2021-02-05 22:04 - 2021-02-06 20:59 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Disney Interactive
2021-02-02 21:45 - 2021-02-04 22:55 - 000000000 ____D C:\Users\PRDOSLAV\Desktop\Čeština Mad Games Tycoon 2 -2021.02.21A
2021-02-01 13:16 - 2021-02-01 13:16 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\GIMP
2021-02-01 13:16 - 2021-02-01 13:16 - 000000000 ____D C:\Users\PRDOSLAV\.cache
2021-02-01 13:06 - 2021-02-01 13:06 - 000000913 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.22.lnk
2021-02-01 13:04 - 2021-02-01 13:05 - 000000000 ____D C:\Program Files\GIMP 2
2021-02-01 12:50 - 2021-02-14 01:23 - 000000000 ____D C:\Users\PRDOSLAV\Documents\Nicepage Templates
2021-02-01 12:09 - 2021-02-01 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-02-01 12:07 - 2021-02-01 13:09 - 000000000 ____D C:\Users\PRDOSLAV\Documents\Nicepage
2021-02-01 12:02 - 2021-02-01 12:02 - 000000000 ____D C:\Users\PRDOSLAV\Documents\Lightshot
2021-02-01 12:01 - 2021-02-14 01:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2021-01-31 08:24 - 2021-01-31 08:24 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\ElevatedDiagnostics
2021-01-30 18:29 - 2021-01-30 22:28 - 000000223 _____ C:\Users\PRDOSLAV\Desktop\Mad Games Tycoon 2.url
2021-01-28 22:44 - 2021-02-11 22:22 - 000003116 _____ C:\WINDOWS\system32\Tasks\MSISCMTsk
2021-01-28 22:44 - 2021-02-11 22:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2021-01-28 22:16 - 2021-01-28 22:16 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nová složka
2021-01-28 22:00 - 2021-01-28 22:00 - 000011776 _____ (SpeedJet Technology INC.) C:\WINDOWS\system32\Drivers\SjtWinIo_v2_0.sys
2021-01-28 21:46 - 2021-01-28 21:46 - 008823656 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw08.sys
2021-01-28 21:46 - 2021-01-28 21:46 - 002673724 _____ C:\WINDOWS\system32\Drivers\Netwfw08.dat
2021-01-28 21:46 - 2021-01-28 21:46 - 001058152 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter08.dll
2021-01-28 21:45 - 2021-01-28 21:45 - 006161712 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ibtusb.sys
2021-01-28 21:45 - 2021-01-28 21:45 - 000539440 _____ (Intel Corporation) C:\WINDOWS\system32\ibtsiva.exe
2021-01-28 21:45 - 2021-01-28 21:45 - 000441648 _____ (Intel Corporation) C:\WINDOWS\system32\ibtproppage.dll
2021-01-26 23:30 - 2021-01-23 09:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-26 23:30 - 2021-01-23 09:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-26 23:30 - 2021-01-23 09:14 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-26 23:30 - 2021-01-23 09:14 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-26 23:30 - 2021-01-23 09:14 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-26 23:30 - 2021-01-23 09:14 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-26 23:30 - 2021-01-23 09:14 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-26 23:30 - 2021-01-23 09:14 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-26 23:30 - 2021-01-23 09:12 - 001512096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-26 23:30 - 2021-01-23 09:12 - 001164960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-26 23:30 - 2021-01-23 09:12 - 000689312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-01-26 23:30 - 2021-01-23 09:12 - 000680096 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-26 23:30 - 2021-01-23 09:12 - 000672928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-26 23:30 - 2021-01-23 09:12 - 000613536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-01-26 23:30 - 2021-01-23 09:12 - 000558240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-26 23:30 - 2021-01-23 09:12 - 000547488 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-26 23:30 - 2021-01-23 09:11 - 008262304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-26 23:30 - 2021-01-23 09:11 - 007392928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-26 23:30 - 2021-01-23 09:11 - 004611744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-26 23:30 - 2021-01-23 09:11 - 002731168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-26 23:30 - 2021-01-23 09:11 - 002103456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-26 23:30 - 2021-01-23 09:11 - 001589408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-26 23:30 - 2021-01-23 09:11 - 000813216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-26 23:30 - 2021-01-23 09:11 - 000657056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-26 23:30 - 2021-01-23 09:11 - 000446624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-01-26 23:30 - 2021-01-23 09:10 - 006070848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-01-26 23:30 - 2021-01-23 09:10 - 000850080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-01-26 23:30 - 2021-01-22 23:59 - 000084264 _____ C:\WINDOWS\system32\nvinfo.pb
2021-01-25 23:24 - 2021-02-10 21:31 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\obs-studio
2021-01-25 23:24 - 2021-01-25 23:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-22 06:38 - 2020-09-26 22:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-22 00:12 - 2020-12-26 18:46 - 000000000 ____D C:\Program Files (x86)\Steam
2021-02-22 00:11 - 2020-09-27 08:30 - 000000000 ____D C:\Program Files\CCleaner
2021-02-22 00:03 - 2021-01-03 11:35 - 000000000 ____D C:\ProgramData\Common
2021-02-21 23:37 - 2021-01-10 10:00 - 000000128 _____ C:\Users\PRDOSLAV\AppData\Roaming\winscp.rnd
2021-02-21 23:14 - 2020-10-23 20:03 - 000000000 ____D C:\Ross-Tech
2021-02-21 22:53 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\INF
2021-02-21 22:52 - 2020-09-27 08:30 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-21 18:55 - 2020-09-26 22:51 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-21 13:43 - 2020-09-26 22:56 - 000000545 _____ C:\WINDOWS\win.ini
2021-02-21 09:09 - 2020-09-26 22:58 - 000717844 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-21 09:09 - 2020-09-26 22:58 - 000144986 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-21 09:09 - 2020-09-26 22:20 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-21 09:03 - 2020-11-21 11:21 - 000001476 _____ C:\Users\PRDOSLAV\Desktop\Roblox Player.lnk
2021-02-21 09:03 - 2020-11-21 11:20 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-02-21 09:02 - 2020-09-26 22:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-21 09:02 - 2020-06-12 23:13 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-21 09:01 - 2020-09-26 22:53 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-20 19:54 - 2020-09-26 22:11 - 000000000 ____D C:\Users\PRDOSLAV
2021-02-20 15:24 - 2020-10-31 23:08 - 000000000 ____D C:\Program Files\Microsoft Office
2021-02-20 00:46 - 2020-09-26 23:00 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 00:46 - 2020-09-26 23:00 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 00:46 - 2020-09-26 23:00 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 00:46 - 2020-09-26 23:00 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 00:46 - 2020-09-26 23:00 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 00:46 - 2020-09-26 23:00 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 00:46 - 2020-09-26 23:00 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 00:46 - 2020-09-26 23:00 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 00:46 - 2020-09-26 23:00 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 00:46 - 2020-09-26 23:00 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-20 00:46 - 2020-09-26 22:30 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-02-20 00:46 - 2020-09-26 22:30 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-02-20 00:46 - 2020-09-26 22:08 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-02-19 21:58 - 2020-11-14 00:11 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\DS4Windows
2021-02-19 19:20 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-19 06:34 - 2020-09-26 22:25 - 000002214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-17 13:20 - 2020-10-05 21:12 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\vlc
2021-02-17 12:28 - 2020-09-26 22:56 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-17 12:28 - 2020-09-26 22:20 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Publishers
2021-02-17 12:28 - 2020-09-26 22:20 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Packages
2021-02-17 11:13 - 2020-09-26 22:42 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-02-17 11:08 - 2021-01-09 10:38 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Adobe
2021-02-17 00:05 - 2020-09-26 22:56 - 000000000 __RSD C:\WINDOWS\Media
2021-02-17 00:05 - 2020-09-26 22:56 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2021-02-17 00:05 - 2020-09-26 22:56 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2021-02-16 23:37 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-02-16 23:36 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-16 23:36 - 2020-09-26 22:54 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-16 23:34 - 2021-01-02 20:26 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-02-16 22:37 - 2020-09-27 08:30 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-16 09:16 - 2020-09-26 22:45 - 000000000 ____D C:\Program Files\Java
2021-02-16 09:16 - 2020-03-31 16:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-02-16 09:15 - 2020-09-26 22:46 - 000192168 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2021-02-16 09:11 - 2020-09-26 22:32 - 000000844 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2021-02-16 09:11 - 2020-09-26 22:32 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Notepad++
2021-02-16 09:11 - 2020-09-26 22:32 - 000000000 ____D C:\Program Files\Notepad++
2021-02-16 08:59 - 2021-01-09 10:28 - 000000000 ____D C:\Users\PRDOSLAV\Documents\Plány
2021-02-15 22:02 - 2020-09-26 22:20 - 000000000 ____D C:\ProgramData\Packages
2021-02-15 15:02 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\ELAMBKUP
2021-02-15 11:33 - 2020-10-22 21:03 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Adobe
2021-02-13 20:36 - 2020-11-01 10:35 - 002505048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-12 21:55 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\SystemApps
2021-02-12 15:53 - 2021-01-09 10:38 - 000000000 ____D C:\ProgramData\Adobe
2021-02-12 15:49 - 2020-10-23 20:04 - 000000000 ____D C:\Program Files\DIFX
2021-02-12 15:48 - 2021-01-09 10:42 - 000000000 ____D C:\Users\PRDOSLAV\AppData\LocalLow\Adobe
2021-02-11 23:35 - 2020-09-26 22:31 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\D3DSCache
2021-02-11 23:35 - 2020-09-26 22:08 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-11 22:29 - 2020-09-26 22:46 - 000000000 ____D C:\ProgramData\MSI
2021-02-11 22:22 - 2019-03-14 01:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2021-02-10 22:10 - 2019-11-20 18:19 - 000000000 __SHD C:\Users\PRDOSLAV\IntelGraphicsProfiles
2021-02-10 21:59 - 2020-09-26 22:56 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-02-10 21:54 - 2020-10-17 06:51 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Intel
2021-02-10 21:45 - 2021-01-16 16:27 - 000001102 _____ C:\Users\PRDOSLAV\Desktop\Grand Theft Auto V.lnk
2021-02-10 21:45 - 2021-01-16 09:01 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2021-02-10 21:38 - 2021-01-16 09:02 - 000000000 ____D C:\Program Files\Rockstar Games
2021-02-10 21:31 - 2021-01-16 09:01 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Rockstar Games
2021-02-10 21:31 - 2020-09-26 22:30 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Roaming\.minecraft
2021-02-10 21:30 - 2020-12-28 23:03 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Google
2021-02-10 21:30 - 2020-09-26 23:00 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\NVIDIA Corporation
2021-02-10 20:52 - 2020-09-26 22:56 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-10 20:52 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-10 20:52 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-10 20:52 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-10 20:52 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-10 20:52 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-10 20:52 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-10 20:52 - 2020-09-26 22:56 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-10 20:52 - 2020-09-26 22:53 - 000000000 ____D C:\WINDOWS\servicing
2021-02-10 20:36 - 2020-10-02 18:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-10 20:34 - 2020-10-02 18:54 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-07 20:58 - 2020-10-05 14:51 - 000000000 ____D C:\ProgramData\Riot Games
2021-02-07 15:21 - 2020-10-05 14:51 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Riot Games
2021-02-07 15:11 - 2019-11-20 22:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2021-02-07 01:23 - 2020-10-11 00:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2021-02-06 14:31 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-06 11:55 - 2020-11-21 11:20 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\Roblox
2021-02-06 11:46 - 2020-09-26 22:56 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-02-05 17:15 - 2020-09-18 22:12 - 000000766 _____ C:\Users\PRDOSLAV\Desktop\House Flipper.lnk
2021-02-01 21:18 - 2020-09-26 22:25 - 000000000 ____D C:\Program Files\Google
2021-02-01 13:11 - 2020-09-26 22:25 - 000000000 ____D C:\Program Files (x86)\Google
2021-02-01 12:45 - 2020-10-22 21:05 - 000055045 _____ C:\WINDOWS\system32\sfcdetails.txt
2021-02-01 12:09 - 2020-10-31 23:09 - 000002380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-01-30 00:49 - 2020-11-01 01:54 - 000001133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2021-01-30 00:49 - 2020-11-01 01:54 - 000000000 ____D C:\Program Files (x86)\WinSCP
2021-01-29 18:50 - 2020-09-26 22:13 - 000000000 ____D C:\ProgramData\Intel
2021-01-29 16:19 - 2020-09-26 23:00 - 000000000 ____D C:\Users\PRDOSLAV\AppData\Local\NVIDIA
2021-01-27 23:55 - 2020-10-23 22:04 - 000000000 ____D C:\Users\PRDOSLAV\Downloads\Naruto
2021-01-27 12:17 - 2020-09-26 23:00 - 002797808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2021-01-27 12:17 - 2020-09-26 23:00 - 002154224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2021-01-27 12:17 - 2020-09-26 23:00 - 001295088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2021-01-25 04:38 - 2020-10-30 22:38 - 000070896 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2021-01-25 04:38 - 2020-10-30 22:38 - 000059632 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2021-01-23 09:10 - 2020-09-25 23:08 - 007116680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

==================== Files in the root of some directories ========

2020-03-18 03:10 - 2020-03-18 03:10 - 000000258 _____ () C:\ProgramData\fontcacheev1.dat
2021-01-10 10:00 - 2021-02-21 23:37 - 000000128 _____ () C:\Users\PRDOSLAV\AppData\Roaming\winscp.rnd
2021-02-21 08:42 - 2021-02-21 08:42 - 000411020 _____ () C:\Users\PRDOSLAV\AppData\Local\ars.cache
2021-02-21 08:43 - 2021-02-21 08:43 - 001351894 _____ () C:\Users\PRDOSLAV\AppData\Local\census.cache
2021-02-21 08:24 - 2021-02-21 08:24 - 000000036 _____ () C:\Users\PRDOSLAV\AppData\Local\housecall.guid.cache
2021-02-21 08:29 - 2021-02-21 08:29 - 000000010 _____ () C:\Users\PRDOSLAV\AppData\Local\sponge.last.runtime.cache

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-02-2021
Ran by PRDOSLAV (22-02-2021 07:14:48)
Running from C:\Users\PRDOSLAV\Desktop
Windows 10 Home Version 20H2 19042.804 (X64) (2020-09-26 21:20:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3110588475-2115266248-3539613761-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3110588475-2115266248-3539613761-503 - Limited - Disabled)
Guest (S-1-5-21-3110588475-2115266248-3539613761-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3110588475-2115266248-3539613761-504 - Limited - Disabled)
PRDOSLAV (S-1-5-21-3110588475-2115266248-3539613761-1001 - Administrator - Enabled) => C:\Users\PRDOSLAV

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)


AdGuard (HKLM-x32\...\{4aba1eab-3222-4eec-b751-fcc490bf0327}) (Version: 7.5.3430.0 - Adguard Software Ltd)
AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 7.5.3430.0 - Adguard Software Ltd) Hidden
Administrative Templates (.admx) for Windows 10 October 2020 Update (HKLM-x32\...\{FF72BA97-45EE-495D-9DEC-EAC1D0819429}) (Version: 1.0.0 - Microsoft Coporation)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20138 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.6.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.6.0 - NVIDIA Corporation) Hidden
Balíček ovladače systému Windows - Ross-Tech HIDClass (01/05/2014 6.3.0.3) (HKLM\...\3A9B09BBD4F12A76FBBD3A428729660930BA5F13) (Version: 01/05/2014 6.3.0.3 - Ross-Tech)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 8.3.0.0767 - Disc Soft Ltd)
Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.6.2005.0601 - Micro-Star International Co., Ltd.) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.6.2005.0601 - Micro-Star International Co., Ltd.)
GIMP 2.10.22 (HKLM\...\GIMP-2_is1) (Version: 2.10.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.182 - Google LLC)
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2215.0 - Rockstar Games)
House Flipper v.1.2122 (a24be) (44415) (HKLM-x32\...\House Flipper_is1) (Version: - )
Intel® Chipset Device Software (HKLM-x32\...\{70281077-96c3-4f75-938c-dc4746110c00}) (Version: 10.1.17903.8106 - Intel(R) Corporation)
Java 8 Update 281 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180281F0}) (Version: 8.0.2810.9 - Oracle Corporation)
League of Legends (HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Messenger 91.5.119 (HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 91.5.119 - Facebook, Inc.)
Microsoft Excel 2019 - cs-cz (HKLM\...\Excel2019Retail - cs-cz) (Version: 16.0.13628.20448 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Word 2019 - cs-cz (HKLM\...\Word2019Retail - cs-cz) (Version: 16.0.13628.20448 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9.3 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.40 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20448 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Passpartout: The Starving Artist (HKLM-x32\...\1427891789_is1) (Version: 1.7.2 - GOG.com)
Planet Zoo (HKLM-x32\...\Planet Zoo_is1) (Version: - )
qBittorrent 4.3.3 (HKLM-x32\...\qBittorrent) (Version: 4.3.3 - The qBittorrent project)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9084.1 - Realtek Semiconductor Corp.)
Remove Empty Directories version 2.2 (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
Revo Uninstaller Pro 4.3.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.3.8 - VS Revo Group, Ltd.)
Roblox Player for PRDOSLAV (HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for PRDOSLAV (HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\roblox-studio) (Version: - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.33.319 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.5 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TreeSize Free V4.4.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.4.2 - JAM Software)
VCDS SVO 19.6 (HKLM-x32\...\VCDS SVO) (Version: SVO 19.6.2 - Ross-Tech, LLC)
VEGAS Pro 18.0 (HKLM\...\{82C2EEEE-F7A1-11EA-B428-00155D8D255C}) (Version: 18.0.334 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
WinSCP 5.17.10 (HKLM-x32\...\winscp3_is1) (Version: 5.17.10 - Martin Prikryl)
Wise Force Deleter 1.5.3 (HKLM-x32\...\Wise Force Deleter_is1) (Version: 1.5.3 - WiseCleaner.com, Inc.)

Packages:
=========
MSI Driver & App Center -> C:\Program Files\WindowsApps\msiappadm.MSIDriverAppCenter_1.2009.1001.0_x64__7f61qv3vk9gn2 [2021-02-10] (msiappadm)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.5.7.0_x64__w2gh52qy24etm [2021-02-17] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-02-17] (NVIDIA Corp.)
OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_19.23.11.0_x64__8wekyb3d8bbwe [2021-02-15] (Microsoft Corporation)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt [2021-02-17] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.20.238.0_x64__dt26b99r8h8gj [2021-02-10] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3110588475-2115266248-3539613761-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => C:\Users\PRDOSLAV\OneDrive [2021-02-13 20:32]
CustomCLSID: HKU\S-1-5-21-3110588475-2115266248-3539613761-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\PRDOSLAV\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2020-11-02] (Notepad++ -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-02-21 23:36 - 2008-04-19 17:35 - 000080384 _____ () [File not signed] C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll
2020-11-19 19:11 - 2021-02-19 13:05 - 006936424 _____ (Adguard Software Limited -> Adguard Software Ltd) [File not signed] C:\Program Files (x86)\Adguard\AdguardCore.dll
2020-05-14 06:59 - 2020-10-09 23:35 - 005353328 _____ (AVB Disc Soft, SIA -> Disc Soft Ltd) [File not signed] C:\Program Files\DAEMON Tools Pro\Engine.dll
2018-11-23 07:01 - 2018-11-23 07:01 - 000438784 _____ (A-Volute) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\YooMixCOM.dll
2021-01-28 22:35 - 2021-01-28 22:36 - 042499072 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt\IGCC.dll
2016-08-10 20:34 - 2016-08-10 20:34 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\MSIAPP_Service\WinIo64.dll
2015-06-11 19:35 - 2015-06-11 19:35 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\WinIo64.dll
2017-11-01 21:58 - 2017-11-01 21:58 - 001141248 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Adguard\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_281\bin\ssv.dll [2021-02-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_281\bin\jp2ssv.dll [2021-02-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-09-26 22:56 - 2021-02-16 21:46 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2020-12-31 16:28 - 2020-09-26 22:55 - 000000407 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PRDOSLAV\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\tapeta programu windows prohlížeč fotografií.jpg
DNS Servers: 192.168.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 3
MSCONFIG\Services: AGMService => 3
MSCONFIG\Services: AGSService => 3
MSCONFIG\Services: Disc Soft Pro Bus Service => 3
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: Rockstar Service => 3
MSCONFIG\Services: sshd => 3
MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\StartupFolder: => "errorlog.txt"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "RZSurroundHelper"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\StartupApproved\StartupFolder: => "RT-Updater-SVO.lnk"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\StartupApproved\StartupFolder: => "Dragon Center.lnk"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\StartupApproved\Run: => "com.blitz.app"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\StartupApproved\Run: => "RzAppEngine"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EC9F76DB-F118-413B-8391-DC66EA4C0354}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9A29FAFA-7910-4F68-A013-21DD95B67925}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{72417710-F769-42AC-A88F-A262E2FBAA07}] => (Allow) C:\Ross-Tech\VCDS-SVO\VCIConfig.EXE (Ross-Tech, LLC -> Ross-Tech, LLC)
FirewallRules: [{23A8467D-98E9-49AD-B52B-509680804E65}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5B4AD96C-D946-4703-BBA3-119710294B15}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{346FDF41-E355-4578-BBD0-8C4AA9E64850}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{F4398B6B-6FCC-4936-BC94-37F78B223C7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{9E3D3026-AE61-476C-983F-130A4900278C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{F58FC49C-B51D-451F-BBB3-982021550F72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [TCP Query User{C9B71383-DE35-4E2B-8308-FCA1EB4996A1}D:\games\planet zoo\planetzoo.exe] => (Allow) D:\games\planet zoo\planetzoo.exe (Frontier Developments) [File not signed]
FirewallRules: [UDP Query User{AE59501E-807B-40FB-BBA7-5D32E1D085B1}D:\games\planet zoo\planetzoo.exe] => (Allow) D:\games\planet zoo\planetzoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{EC8593E2-83C6-4A00-8B54-2EAC311BB074}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{04BBB615-B8E1-45C2-B0E1-8EEB02DC8A52}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5BD36732-E769-44DA-AB31-746AF3BC2471}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PC Building Simulator\PCBS.exe () [File not signed]
FirewallRules: [{F6812CB4-D053-418B-A309-12811F31CFDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PC Building Simulator\PCBS.exe () [File not signed]
FirewallRules: [TCP Query User{D264C3EC-FA01-44BF-A95C-B603D85ECAFF}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{319B8886-7384-48F2-8088-9FEE5B4DA7F7}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_281\bin\javaw.exe
FirewallRules: [{31523857-B8AF-44A0-830D-9EC768B33F64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mad Games Tycoon 2\Mad Games Tycoon 2.exe () [File not signed]
FirewallRules: [{DDD127CF-B0F1-4137-9D5E-DF16F1040CE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mad Games Tycoon 2\Mad Games Tycoon 2.exe () [File not signed]
FirewallRules: [{A42EB437-75DC-4C66-BB9A-3B3A30A4F311}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AD556DD5-09F0-4E97-858B-34705EBB45AB}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Adguard Software Limited -> Adguard Software Ltd)
FirewallRules: [{A0624FDD-0D1B-42F5-AD65-156A19C4E7DA}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{9859ED59-9629-4895-B413-D683BB60E157}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{EC1441C2-7DAB-43A7-9C08-1FA10733A78E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0CFA1B1D-9F69-4563-85CA-2783C283986C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8B19C25F-3F6E-4CA6-9F28-159C12507ED6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DEC847B0-D57C-4390-934D-7BE7A5E7922E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

==================== Restore Points =========================

15-02-2021 11:31:10 Installed Rapport
15-02-2021 11:36:53 Removed Rapport
16-02-2021 08:57:42 JRT Pre-Junkware Removal
16-02-2021 08:58:47 JRT Pre-Junkware Removal
16-02-2021 09:36:42 Installed Sophos Virus Removal Tool.
16-02-2021 23:26:27 Instalační služba modulů systému Windows
16-02-2021 23:33:36 Instalační služba modulů systému Windows
16-02-2021 23:33:47 Instalační služba modulů systému Windows
16-02-2021 23:33:57 Instalační služba modulů systému Windows
16-02-2021 23:34:04 Instalační služba modulů systému Windows
16-02-2021 23:34:11 Instalační služba modulů systému Windows
16-02-2021 23:34:22 Instalační služba modulů systému Windows
16-02-2021 23:34:33 Instalační služba modulů systému Windows
16-02-2021 23:34:46 Instalační služba modulů systému Windows
16-02-2021 23:34:58 Instalační služba modulů systému Windows
16-02-2021 23:35:10 Instalační služba modulů systému Windows
16-02-2021 23:35:22 Instalační služba modulů systému Windows
16-02-2021 23:35:34 Instalační služba modulů systému Windows
16-02-2021 23:35:46 Instalační služba modulů systému Windows
16-02-2021 23:35:54 Instalační služba modulů systému Windows
16-02-2021 23:36:04 Instalační služba modulů systému Windows
16-02-2021 23:36:12 Instalační služba modulů systému Windows
16-02-2021 23:37:54 Installed Administrative Templates (.admx) for Windows 10 October 2020 Update
17-02-2021 10:44:49 Installed Nahimic Restore Tool
20-02-2021 00:51:53 Driver Booster : Intel(R) UHD Graphics 630

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/22/2021 12:12:09 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-3110588475-2115266248-3539613761-1001}/>.

Error: (02/22/2021 12:12:04 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-3110588475-2115266248-3539613761-1001}/>.

Error: (02/21/2021 10:53:08 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-3110588475-2115266248-3539613761-1001}/>.

Error: (02/21/2021 09:01:49 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (02/21/2021 09:01:49 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]


Error: (02/21/2021 01:11:03 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-3110588475-2115266248-3539613761-1001}/>.

Error: (02/21/2021 12:30:46 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).


System errors:
=============
Error: (02/22/2021 07:08:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Micro Star SCM byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/22/2021 12:14:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Adguard Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (02/21/2021 09:31:06 AM) (Source: DCOM) (EventID: 10010) (User: PRDOSLAV-NTB)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/21/2021 09:01:50 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll

Error: (02/21/2021 09:01:50 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll

Error: (02/21/2021 09:01:49 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll

Error: (02/21/2021 09:01:47 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba NPEService je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (02/21/2021 02:17:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2021-02-21 15:29:09
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {44154003-3C86-47D6-B31F-E1A9F61080E6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM


Date: 2021-02-21 13:43:16
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Behavior:Win32/Locky.gen!B!rsm
Závažnost: Vážné
Kategorie: Ransomware
Cesta: behavior:_pid76638805371429; process:_pid:13580,ProcessStart:132583843044975993
Původ detekce: Neznámý
Typ detekce: Obecný
Zdroj detekce: Neznámý
Uživatel:
Název procesu: C:\Users\PRDOSLAV\AppData\Local\Temp\mwavscan.exe
Verze bezpečnostních informací: AV: 1.331.1502.0, AS: 1.331.1502.0, NIS: 1.331.1502.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-21 13:43:15
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Behavior:Win32/Locky.gen!B!rsm
Závažnost: Vážné
Kategorie: Ransomware
Cesta: behavior:_pid76638805371429; process:_pid:13580,ProcessStart:132583843044975993
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Neznámý
Uživatel:
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.331.1502.0, AS: 1.331.1502.0, NIS: 1.331.1502.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

CodeIntegrity:
===============
Date: 2021-02-15 15:01:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. E17F2IMS.109 05/19/2020
Motherboard: Micro-Star International Co., Ltd. MS-17F2
Processor: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz
Percentage of memory in use: 36%
Total physical RAM: 16227.32 MB
Available physical RAM: 10255.88 MB
Total Virtual: 17251.32 MB
Available Virtual: 9729.88 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:280.5 GB) (Free:147.23 GB) NTFS
Drive d: (Data) (Fixed) (Total:177.5 GB) (Free:44.31 GB) NTFS

\\?\Volume{ac5adbe9-eb71-4de3-b174-579b4d3f00f2}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.43 GB) NTFS
\\?\Volume{68105432-156c-48c2-9dc5-3545d3fd71f2}\ (BIOS_RVY) (Fixed) (Total:17.64 GB) (Free:1.57 GB) NTFS
\\?\Volume{4abc0b6c-3530-4e6b-9ee2-f1feaa4985b1}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: FF7B3DBC)

Partition: GPT.

==================== End of Addition.txt =======================

Ok, docistime:

Do poznamkoveho bloku skopirujte obsah dole:
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-02-2021
Ran by Woytman (22-02-2021 09:27:23) Run:1
Running from C:\Users\Woytman\Desktop
Loaded Profiles: Woytman
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\MountPoints2: {0a25ba03-733f-11eb-8b37-4889e716f2dc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\MountPoints2: {0a25ba42-733f-11eb-8b37-4889e716f2dc} - "E:\HiSuiteDownLoader.exe"
ShortcutTarget: RT-Updater-SVO.lnk -> C:\Ross-Tech\VCDS-SVO\VCDS.exe (No File)
Task: {5877EC20-A755-413C-9BD4-EF05F4CE19E4} - \Adobe Acrobat Update Task -> No File <==== ATTENTION
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.com ... duckgo.com"
S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
U3 DiagTrack; no ImagePath
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0a25ba03-733f-11eb-8b37-4889e716f2dc} => removed successfully
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0a25ba42-733f-11eb-8b37-4889e716f2dc} => removed successfully
"C:\Ross-Tech\VCDS-SVO\VCDS.exe" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5877EC20-A755-413C-9BD4-EF05F4CE19E4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5877EC20-A755-413C-9BD4-EF05F4CE19E4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => not found
"Chrome StartupUrls" => removed successfully
AdobeARMservice => service not found.
HKLM\System\CurrentControlSet\Services\DiagTrack => removed successfully
DiagTrack => service removed successfully


The system needed a reboot.

==== End of Fixlog 09:27:34 ====

Ako je na tom pocitac?